Introduction: Non-Product Computer System Validation (CSV)
Regulators are under pressure. I suppose it is natural that governmental agencies, responsible for the welfare of millions of people, would be subject to the winds of political change. My father used to characterize this type of change as an organization breathing. Centralization, de-centralization. Innovation, cost control. Safety in the form of control, safety in the form of new products. It seems that the cycle has changed to an increase in efficiency, and we in industry are hesitant to play the game of trade-offs. Why? Because we want to have our cake and eat it too.
Over the last several months, the FDA has been trying to identify several initiatives which could reduce the burden of regulation and at the same time improve the safety and efficacy of medical devices. Too good to be true? Siemens does not think so. We have been working on a project for some time to dramatically improve the non-product software validation process. The core of this initiative is to provide a system which utilizes a risk based workflow to properly categorize the software system safety exposure.
The process essentially reduces error. The error of improperly categorizing low risk as high, and greatly increasing the work required to complete a validation, and the error categorizing high risk as low, and in ignorance exposing the company to product and user risk. In the past, non-product software validation has been accomplished using a complicated SOP based workflow. Workflows of this nature are difficult to enforce, complicated to implement, and result in very little reuse as software is revalidated over time.
We engaged industry and the FDA to better understand the agency intent in the hope that we can better serve our customers. In this way we are helping provide clarity about the most efficient, and just as important, the safest way to implement the non-product software validation process.
Stay tuned, as we hope to see new guidance by the end of 2018.