FDA Regulated Software Validation Process

FDA requires software vendors to add features to their software to ensure data integrity and audit trails. The manufacturers that use the software for data capture and workflow management relating to FDA compliance are also required to undergo a validation process to ensure the configured software works as intended.

What does software validation mean?

In order to produce FDA compliant COTS (Configurable Off-the-Shelf) software, a vendor must:

1. Add a series of features that ensure data continuity, integrity and security
2. Complete a software validation process
3. Enhance security, recovery and training procedures (SOPs)

When all requirements are completed, a third party consultant provides a Compliance Letter to the vendor. A new Compliance Letter is obtained for each new major version release.

What do manufacturers have to do to validate their software is working as intended for their unique processes?

When FDA regulated manufacturers adopt software they are required to further validate that the software is working as expected for their specific quality processes. Manufacturers are required to create a list of “jobs” the software is to complete and then test to confirm the jobs are completed correctly.

What do manufacturers we need to do if the software is reconfigured or a new version is released?

Whenever the application is reconfigured (i.e. updates to forms or new processes) or a new version of the software is released the customer must revalidate the software. This process involves the following steps:

1.  Create new versions of the validation documentation and update the specifications and test cases

2.  Execute new test and report the results