Adapting to the "New Norm"
The “new norm”. In the tech world, we all become accustomed and numbed to the various buzz words and catchphrases that come along what seems like every other day, yet this is one that extends beyond just our little tech bubble. We’ve heard the phrase the “new norm” countless times over the last few months, and its meaning certainly has broad, global implications, but it also means something when put in the context of the business world that has required many organizations to shift the way they conduct their day to day operations. Perhaps most notably, shifting from physical work environments to virtual.
As someone who has always worked from a home office, this is nothing new to me and the adjustment period for my company was basically non-existent as we are primarily a remote-based organization. However, that was not the case for many teams and a quick and nimble shift was required just to keep a workforce previously equipped for office work to now be equipped to working from home.
It seems that most have gotten over the initial hurdles, but business as usual for many organizations has changed and adjustments still need to be made to get out of the band-aid phase to the fully operational phase. This is especially true for teams working in a regulated industry where strict regulations dictate that well-defined policies be adhered to and verified across the software development and quality cycle. For Life Sciences teams, this also means that signatures must be captured to verify that appropriate review and approvals have been executed by required team members.
If a team was previously operating under a manual review and approval process that was document-based, then certainly things have become more challenging, time-consuming, and risk-prone than ever.
Especially now, teams should really be looking at ways to automate and move to systems of review and approval that are based on digital systems and electronic records by leveraging 21 CFR Part 11 - but I’m not talking about simply using electronic signatures on electronic documents. That still has many of the same limitations as physical documents when utilized across modern SDLC solutions and remote teams, and that approach will continue to act as a roadblock.
While electronic signatures and electronic documents do offer some benefits to facilitate remote teams, to me, that is still a band-aid solution to compliance woes and we should be looking to use this situation as an opportunity to really dive into that fully operational mode I mentioned.
In that context, I’m referring to leveraging a more data-driven approach that many organizations have already embraced to modernize their compliance and software validation practices. By leveraging a data-driven approach and shifting away from the reliance on traditional static documents, teams are able to adopt modern workflows and toolsets that truly support a virtual workforce in a controlled and compliant fashion, without acting as a hindrance to overall business goals and objectives. This is achieved through leveraging a solution that can manage software compliance and validation deliverables at the data level, rather than through a predefined static document with a simple electronic signature applied.
To elaborate a bit on what I mean when I say things like “data-driven” or “data level”, I mean incorporating things like review/approvals, esignatures, and traceability to individual validation elements, like requirements, defects, user stories, test cases, etc. This is important because enabling these activities at the data level vs. managing and updating a static document containing pre-defined data/requirements/deliverables/etc, is really where organizations are effectively able to drive validation activities to integrate much more seamlessly into more modern workflows and practices while supporting dispersed workforces.
Controlling validation relevant elements at the data level also allows for the ability to standardize approval lifecycles, uniformed or dynamic workflow controls, and capturing end-to-end lifecycle and audit history trail. With all this enabled, teams are now able to remove the manual effort required to maintain a document-centric approach (and the human error that comes with it) and allow validation and compliance activities to stay on track with larger organizational requirements demanded by business and software teams in today's landscape.
By leveraging a quality and compliance solution to make this approach possible, the benefits really begin to open up…..
- Real-time insight and access: Gone are the days of “reactive” discovery and analysis to identify compliance issues. Real-time access allows users to monitor and take corrective action before simple compliance concerns become significant compliance breakdowns.
- Repeatable process: Quality control is paramount in all life sciences business processes. Using configurable workflows, data-driven CSV helps to provide repeatability and efficiency, greatly reducing the risk of human error while enforcing the correct process.
- Test automation: Test automation can easily be incorporated into this approach and leveraged along with manual testing. These test elements and their associated execution results can be sent through a formal review and approval process while being recorded in the audit history. In addition, historical information such as the number of executions, execution times, and defect trends can be leveraged as future releases of the application are being considered.
- Comprehensive reporting: The data-driven approach truly provides a panoramic view of the entire CSV landscape – and captures all necessary information and data for rigorous, comprehensive reporting. Real-time reports can show exactly where you are in a validation project, including what reviews/approvals might be stuck and how you can re-assign elements to keep things moving forward.
- Analytics and analytical reporting: Life Science companies are intense collectors and users of data; however, they have historically been unable to extract intelligence from the underlying validation data. A data-driven approach provides the ability to capture relevant and meaningful data at each critical step of the process. This means users can analyze the data along the SDLC. For example, analytics can help create “what-if” scenarios or highlight productivity (or lack thereof) with different out-sourced teams.
- Traceability: The data-driven approach enables users to trace data across the full lifecycle – regardless of the tools that are used (requirements tool, agile tool, testing tool, or ITSM).
- Improved efficiency: It streamlines processes to help reduce processing time while ensuring accurate tracking.
- Reduced risk: A systematic, iterative approach, applied throughout a computer systems lifecycle, helps drive better decision-making, ensures product quality, and minimizes supply chain disruptions. Factors that can reduce risk include repeatability, electronic signature security, visibility, and audit trail.
Regardless of the realities of the “new norm”, this should really be a modality of software compliance practice that teams need to be striving towards in 2020 and beyond. Modernization and shifting away from legacy validation practices that rely heavily on documents and the documentation itself (vs software and system quality) has long been called for, but now is even being encouraged by industry leaders and governing bodies alike. This, coupled with the increased prevalence of remote workforces that will likely persist beyond the effects of the pandemic, should be acting as the drivers to enact organizational changes that will no doubt have drastic positive impacts over the long run.
To learn more about how this type of approach can be adopted and implemented, you can always feel free to reach out to me here, but I would also encourage you to watch a webinar we recently presented along with AbbVie/Allergan called “Standardizing Compliance to Achieve SDLC Modernization” via the link below.
Jason Secola manages content marketing and channel activities at Tx3 Services and has been with the company since 2016. Jason began working with the larger portion of the existing Tx3 team dating back to 2007 when he got his first start in the world of application testing and later began a focus on testing in a regulated environment. He currently resides near Sacramento, CA.
Jason Secola manages content marketing and channel activities at Tx3 Services and has been with the company since 2016. Jason began working with the larger portion of the existing Tx3 team dating back to 2007 when he got his first start in the world of application testing and later began a focus on testing in a regulated environment. He currently resides near Sacramento, CA.View all posts by Jason Secola