In the last few years, cloud hosting has emerged as a preferred choice which has enabled companies to get out of maintaining their own servers to host various software applications where cloud computing is a model for enabling 24×7, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services).
Own servers would involve maintaining SOPs, work instructions, systems documentation, hardware, platform, software, security, trainings, and revision of each to meet with the regulatory needs. With the advent of cloud, many companies have chosen to use cloud hosting for their various software applications. This is an enormous burden off the companies and thereby tremendously reduces the overheads in maintenance and such.
This choice of cloud hosting by the customer to host regulated products, the cloud hosting would have to be validated.
The cloud server can be validated such that any non-regulated software application or regulated software application can be hosted which complies with the regulatory needs.
By compiling and managing a complete set of system documentation since the inception of the server used for cloud hosting, all hardware and software traceability be maintained. The control of access also is regulated and only authorized users given access. Each application hosted on cloud is a separate, individual, exclusive instance which ensures data integrity, security and confidentiality with all electronic records created, modified, saved, stored and transmitted in accordance with CFR 21 part 11 (11.10 validation of systems (control of closed systems)) and ensures:
- Validation
- Accurate & complete copies of records
- Protection of records
- Limited system Access
- Audit trails
- Operational system checks
- Authority checks
- Device checks
- Training
- Written policies for electronic signatures
- Control over system documentation
Quality System Regulation (QSR 21 CFR Part 820.3 definitions; 1997) defines Process validation which means establishing by objective evidence that a process consistently produces a result or product meeting its predetermined specifications.
