The Office of the Comptroller of the Currency (“OCC”) issued a letter (1179) that national banks and federal savings associations must demonstrate that they have adequate controls in place before they can engage in cryptocurrency, distributed ledger, and stablecoin activities. The OCC had issued multiple Interpretive Letters in 2020 and earlier this year related to […]
Posts Tagged ‘Regulatory’
Regulatory Updates for Safety: Oracle Health Sciences Connect 2021 Session Recap
During a session at this year’s Oracle Health Sciences Connect conference, Oracle presented recent and upcoming regulatory updates from regulatory agencies around the world for safety. Due to the pandemic and new COVID vaccines, the regulatory update that piqued my interest most was related to the Postmarketing Safety Reporting (PMSR) requirements for Combination Products. The […]
Key Takeaways About Compliant IT Systems In The Cloud
This is the final post in our series on maintaining regulatory-compliant IT systems in the cloud. In this post, we’ll go over the key takeaways from the series and then we’ll send you on your way! Regardless of how much control you have over your IT systems, if you are using them for regulatory purposes, […]
Tips And Best Practices For Compliance In The Cloud
As we’ve learned in the previous posts in this series, having a thoughtful, thorough cloud vendor qualification process and intelligent SLAs in your cloud vendor contracts will help you maximize the value of the cloud while maintaining regulatory compliance. In addition, here are some tips and best practices to help you knock it out of […]
How To Use Contracts For Regulatory Compliance Of Cloud Systems
In my previous post in this series, we discussed how to qualify cloud vendors. Once that process is complete, the second step to maintaining compliance is to document your specific regulatory requirements in a contract with the cloud vendor, usually in the form of service-level agreements (SLAs). In this blog post, I include a range […]
How To Qualify Cloud Vendors
We recently completed a 21 CFR Part 11 gap analysis engagement for a client that was largely using SaaS applications, but had no cloud vendor qualification process in place. They had just been allowing each business unit to select the applications that met its user requirements, accept whatever validation documentation the cloud vendor supplied (if […]
Who Is Responsible For The Compliance Of Cloud Systems?
Any time you take advantage of a cloud service – infrastructure, platform, or software – for a regulated purpose, you are ultimately responsible for its regulatory compliance, not the cloud vendor. This is critical for you to remember. So, how can you ensure regulatory compliance of a software system you did not build, you do […]
Cloud-Hosted Terminology: Types Of Systems
As we continue our series on maintaining regulatory-compliant cloud systems, let’s touch on a few key terms. Below are explanations of the primary cloud-hosted offerings available in the market. Infrastructure-as-a-Service (IaaS) When you purchase a software system and opt to have a vendor host it for you instead of installing it on servers you own, […]
Refresher: Which IT Systems Are Regulated
If your company makes drugs, medical devices, or biologics (vaccines, blood and blood components, allergenics, somatic cells, gene therapy, tissues, and recombinant therapeutic proteins), it is regulated. If your company is regulated, then every IT system you use to design, develop, conduct trials, manufacture, package, label, store, distribute, install, or service your products is also […]
Maintaining Regulatory-Compliant Cloud Solutions
The benefits of cloud hosting – including Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) – are very clear: less upfront capital, faster implementations, scalability and elasticity, and no need for individual companies to maintain physical space, hardware, and/or technical staff for support. But there are also several risks to consider, including physical and technical security, […]
Streamlining the Manufacturing and Automotive Treasury Function
The strategic vision of the manufacturing and automotive treasury function is to deliver efficiency, control, and scalability. The logical structure for this transformation includes several key components: business events, centralized demand deposit accounts with banking connectivity, and a reporting data warehouse. A comprehensive finance and treasury transformation program can help improve cash and liquidity management, […]
FDIC Part 370 Testing Support
Each phase of a company’s Part 370 response will have to undergo rigorous testing to ensure that all the regulatory requirements are met and the FDIC’s ongoing testing will produce satisfactory results. Our industry-leading DevOps organization that can assist with: Test planning and execution Defect tracking and reporting Requirements traceability Continuous integration As with requirements […]