Ensure Audit Readiness
In the highly regulated drug development market, certain software applications used in the clinical trial process must comply with and be validated against a growing list of global government requirements. US and EU requirements such as FDA 21 CFR Part 11, HIPAA, European Commission Directives and US FDA electronic signing regulations make it costly, time consuming and difficult for organizations to monitor a vendor’s adherance to changing regulatory compliance requirements.
To address our customer’s ongoing compliance needs and to minimize their risk, SureClinical launched SureCompliance™ as an annual subscription service and web portal. SureCompliance is designed to give our life science and healthcare customers immediate access to the critical system compliance documents that they need for regulatory audits and inspections. SureCompliance is offered via a secure web portal service, and includes a training and test environment for quality and training purposes.
SureClinical maintains its compliance documents including SOP’s data center audit opinions, independent compliance opinions, staff training records, validation test scripts and validation reports and other compliance documents online in the SureCompliance portal. These compliance documents are updated continuously to ensure a broad range of regulatory agency support for both the US and EU.
SureCompliance is an annual subscription service providing you with an online portal that addresses FDA, EC and other regulatory agency requirements for validation of health science applications. It include features such as:
- Compliance Web Portal: SureClinical has delivered its compliance validation documents and reports to meet the requirements of FDA 21 CFR Part 11, EC Annex 11 and GAMP 5.
- Test Environment / Instance: SureClinical provides a test instance with a non-production software license and snapshots of your data (reimaged at major releases).
- Pre-release Access to software and test results: To assist its customers with system compliance tasks, SureClinical provides its SureCompliance subscription customers with access to tested, pre-release versions of software, as well as test reports and requirements approximately 4-6 weeks prior to major releases.
- Audit trail: All user activity on the SureCompliance portal is tracked with a read-only time-stamped audit trail that adheres to FDA requirements for user activity and login events.
- Continuous updates: Proactive compliance portal content monitoring and updates means that you’ll have the most current system compliance information on your compliance portal subscription, 24×7.
- Get immediate access to compliance docs on demand when you need them – even in the middle of an inspection or audit
- Save staff time and hassle collecting compliance certificates, records and docs
- Save money and travel costs with on-site audits – complete audits remotely using the SureCompliance Portal
- Accelerate quality management processes through reduced time and labor resource needs
SureCompliance Portal provides customers with the most comprehensive list of certifications and compliance docs:
- SSAE-16 Type I and Type II Attestation: Support for both SSAE-16 Type I and Type II attestations in conjunction with auditor SSAE 16 Solutions.
- PCI Compliance: Maintenance of a PCI-compliant environment. Certification is optional for customers who purchase the PCI compliance service.
- HIPAA Business Associate: SureClinical maintains policies and procedures necessary to act as a HIPAA Business Associate for customers whose application maintains data covered by HIPAA regulations.
- FDA CFR Part 11 Application Certification: SureClinical’s SureClinical eTMF cloud application is independently audited and validated through an ongoing program of continuous validation and certification. These in-depth evaluations of our cloud applications and cloud infrastructure are done against a rigorous set of FDA regulations.
- U.S. Commerce Department Safe Harbor Certification: SureClinical’s cloud is certified under the U.S Commerce Department’s Safe Harbor program, which signifies that the SureClinical cloud employs policies and procedures that meet the privacy standards of the European Commission’s Directive on Data Protection. By certifying under the program, SureClinical’s customers can be assured that their personal information is private and protected.
- FIPS-140-2 Level 3 compliance: SureClinical’s Certified Cloud is the first cloud solution for health sciences to offer a secure cloud-based digital signing service that enables investigators to electronically sign documents outside the firewall making the 100% paperless eTMF a physical reality. Our patent-pending signing services support digital certificate signing (PKI x.509). All PKI signing transactions utilize US NIST tested and approved FIPS-140-2 Level 3 technologies.
- Staff Training Records: Continuous training on SOP’s and processes, evidenced by digitally signed training records and reports.
- Software Release Test Cases: Detailed step-by-step test cases for software features
- Software Release Test Reports: Detailed reports on test case results for automated and manual tests
- SOP documents: Current SOP documents related to the development, operation, maintenance support, testing of software and more.