If the root cause is not found for any deviation, what will be decided regarding that deviation or product?
It really depends on your criteria. Regulatory bodies expect you to make every possible effort to identify the root cause. Sometimes, investigations may not be conclusive, and in those cases, you should try to determine the most probable cause. If you have not found anything, this would be considered an inconclusive deviation.
For instance, if you receive an out-of-specification result and the investigation is inconclusive, you typically need to repeat the analysis from the very beginning. However, this ultimately depends on your procedure. Most frequently, in such cases, you will need to retest at least six or seven times.
Afterward, if all results comply with the acceptance criteria, you can calculate the average value. But if even a single value does not meet the specification, you cannot calculate the average, which means you should reject the product, hold it in your warehouse, and continue the investigation.
In this scenario, there is no single source of truth or action; it will depend on your efforts, investigations, reanalyses, and so on.
How does your eQMS handle user permissions and access control to ensure that sensitive quality data is only available to authorized personnel?
To access Scilife, every user must log in with a username and password. This identifies the user as someone authorized to access the system and allows us to track all their activities.
In addition, we implement another level of access control through “groups.” By establishing a group structure, you can designate the appropriate users to view specific information, participate in workflows, or create certain types of documentation.
This feature, combined with permission roles (manager, administrator, read-only user), determines what users can see and do within the system. We ensure that only those who are authorized can access sensitive information, whether it's a document, details about a deviation, or KPIs.
How does your eQMS support regulatory audits, and what kind of reporting or audit trails does it provide for compliance purposes?
Scilife includes a dedicated Audits module that allows you to manage three types of audits: incoming audits, outgoing audits, and internal audits. In the context of a regulatory audit, this would fall under an incoming audit since a notified body is auditing your organization. Within our Audits module, you can create the audit, track all relevant details such as the audit reason, type, and scope, and note if it relates to any prior issues.
The module also supports all follow-up processes. You can document your findings, define the necessary actions based on those findings, and record their criticality. If you need to perform additional tasks, such as recording a nonconformity, opening a CAPA, or conducting a risk assessment, you can set criteria for findings and track them through integration with other solutions like Events, CAPAs, or Change Management, allowing you to follow up until they are resolved.
For reporting, Scilife enables you to extract metadata through a report. You'll need a template in the Document Management module, which you can select when downloading the report. Scilife will compile all relevant information in one click, including the auditor's details, findings, due dates, completion dates, and proof of actions taken. These are automated reports.
Additionally, every module includes audit trails, making it easy to check who did what, whether it was signed electronically, and any comments or actions taken throughout the workflow.
If it is not possible to maintain digital deviation management, is it allowable to control manual systems, such as scanning deviation reports?
Regulatory bodies do not require you to use an electronic system over a manual one. You can choose to comply with regulations and good manufacturing practices using either manual or digital systems, as long as you adhere to good documentation practices based on ALCOA+ principles.
If you opt for a manual system and wish to scan a deviation report, you must ensure that it is a true copy and that the location where you store this electronic record is secure and appropriate for the retention period. This is the most critical aspect.
By using a validated system like Scilife, you can maintain your electronic records in a secure environment that complies with 21 CFR Part 11 and Annex 11 regulations. Your documents will be available indefinitely, unless you decide to delete them.
In terms of scaling, how does your eQMS handle increased data volume and complexity as our operations grow?
The Scilife platform is built on a scalable virtual private cloud infrastructure hosted on Amazon Web Services (AWS). By leveraging the power and flexibility of AWS, Scilife ensures seamless scalability, allowing businesses to expand their operations without concerns about infrastructure limitations.
How does your system help ensure compliance with changing industry regulations, and can it be adapted as new regulations come into effect?
As a SaaS solution, Scilife ensures that the platform is always up-to-date. Our expert team continuously monitors changes in industry regulations and seamlessly integrates the necessary updates into the platform as part of our regular module review process. These updates are included in your license at no additional cost.
