Life Sciences

GxP in the AWS Cloud

Issue link:

Contents of this Issue


Page 1 of 4

SHARE: GxP in the AWS cloud: The compliance and efficiency benefits of rethinking regulated workloads 2 Highly-regulated corners of the biopharma industry were initially wary of the cloud. Faced with a lack of regulatory clarity and possessing understandable caution, companies stuck with systems they knew. That is no longer the case. Now, companies know the Amazon Web Services (AWS) cloud meets their needs and those of regulators. This shift has unleashed a model that is enabling companies to achieve more control with less effort by fundamentally transforming compliance practices. The initial reticence of companies to run regulated workloads in the cloud reflects the importance and scrutiny of these tasks. Errors in a system handling unregulated workloads affect the internal operation of the company. The fallout from such disruption, while undesirable, is typically isolated. Errors in a system handling regulated workloads affect the regulatory status of the company and potentially patient safety. These are the sorts of issues that have major, long-term consequences. Companies commit considerable time and resources to avoiding such issues. Compliance with the good laboratory, clinical and manufacturing practices (GxP) regulators enforce to protect patient safety is central to these efforts. GxP ensures the integrity, reproducibility and traceability of data companies generate while developing, testing and producing drugs. Each set of good practices is built on a core concept: If it isn't documented it didn't happen. Following this maxim necessitates the validation— and accompanying documentation—of computer systems to ensure they are accurate, reliable and consistently perform as intended. The validation must also show if records have been altered or are otherwise invalid. HOW THE CLOUD IMPROVES COMPLIANCE Today's on-premise GxP systems operate in the physical realm. Data comes into receiving docks, is unpacked and moved on to data centers. Companies can audit the sites and ser vers they use to show compliance with GxP. T h e s e m a nu a l c o mp l i a n c e c h e c k s h ap p e n at dist inc t p oints in t ime. This a l lows a comp any to show auditors its system was compliant at a p ar t ic u lar t ime on a cer t ain day. Howe ver, t he c o mp a ny c a n n o t s h ow c o mp l i a n c e a f t e r t h at point. A void in the company's knowledge of the st atus of t he system b eg ins once t he va lidat ion is p er for me d. The void on ly ends af ter anot her manua l compliance che ck is p er for me d. In t he t i m e b e t w e e n c h e c k s , s y s t e m s c a n d r i f t aw ay f rom t heir compliant st ates unnot ice d. The problem is compounded by the level of effort required to manually validate systems. This is a labor-intensive task. The upshot is increasing the frequency of point-in-time checks to shorten the drift window would require more resources. Cloud GxP systems can fix some of these problems. The cloud is a virtual, software-defined realm. Code is the infrastructure. In this realm, companies can automate and script checks and controls rather than task employees with periodically validating and monitoring their systems. The result is a move from

Articles in this issue

Links on this page

view archives of Life Sciences - GxP in the AWS Cloud