Health & Life Sciences Breakfast with David Meeks
A Meeting at the Tricentis Chicago Roadshow 2023
On October 17th, 2023, Tricentis hosted a breakfast for the Health and Life Sciences community at their Chicago Roadshow event. I had the opportunity to listen to David Meeks speak about Planning Test Automation in the Life Sciences Software Programs.
David has 24 years’ experience in the medical device and pharmaceuticals product and IT quality space and as an associate director of IT and quality compliance at a major pharmaceutical company. I wanted to share some insights from the presentation, as well as illustrating computer software assurance (CSA).
Many of us know that the regulatory landscape for computerized systems includes:
- 21 CFR 210/211
- 21 CFR 820
- 21 CFR 11
- ISO 13485
- GMP Annx 11
- PI O11-3
Many companies have taken a traditional approach to risk-averse software development; teams are taught to document everything in a traditional approach, to test everything, and include screenshots, screenshots, screenshots.
In September of 2022, the FDA provided recommendations on CSA in medical device production and quality systems, detailing methods and testing activities to establish confidence and fulfill regulatory requirements. CSA is nothing new to the FDA; these draft recommendations just repackage the existing risk-based approach to provide better guidance and firm suggestion in moving towards a more automated testing approach.
In recent years advances in manufacturing technologies including the adoption of automation robotics simulation and other digital capabilities have allowed manufacturers to reduce sources of air optimize resources and reduce patient risk FDA recognizes the potential for these technologies to provide significant benefits for enhancing the quality availability and safety of medical devices and has undertaken several efforts to help foster the adoption and use of such technologies.
– FDA CSA for Production and Quality System Software (Draft) Sep 12, 2022.
What are the CSA basics for a risk-based approach to software development?
CSA basics include identifying the intended use, defining the risk, choosing the correct quality assurance approach based upon the risk, and establishing the appropriate records. As you look at the basics of CSA, you see that there are many similarities with the traditional approach to 820. One of the largest changes to this is to decouple the document from the artifacts inside of the document. This allows companies to be more fluid in their planning, rely on the vendors for their evidence and documentation, and move to more modern development methodologies such as agile.
By doing a risk-based approach that ensures there are scripted and unscripted as well as automated tests, you're able to determine based upon risk which components of an application need to be tested the most thoroughly. Especially with COTS software that is modified (similar to a Salesforce where there is a basic installation and then there are modifications on top the platform), one is able to focus their testing on the main components that are modified and rely on the Salesforce testing for the existing components that are straight out-of-the-box.
Along with the risk-based approach to testing, there are also limitations set upon by the business such as money/headcount, speed/cycle time, and coverage. This is why it is pertinent to set automation goals that are attainable and within the limitations of the business.
TTC brings hands-on experience within the Health and Life Sciences Industry and supports clients in overcoming software quality problems related to the software development lifecycle, regulatory compliance, and legacy IT software. Our expertise in Quality Engineering and software testing solutions for the Health and Life Sciences industry improves software quality, customer satisfaction, speed to market, and eliminates production defects in the field, while using the CSA guidance.