Hello good people of the world! Today’s post is about implementing and using Microsoft SharePoint 2013 in a regulated (GMP) environment.
Microsoft has published a comprehensive guide to SharePoint 21CFR11 compliance, which can be downloaded for free here.
Basic software requirements are:
- Windows Server 2008 R2, to serve as the operating system for the software to run on
- Active Directory Domain Services, for managing user accounts
- Active Directory Rights Management Server, to manage data outside the control of the SharePoint application
- Active Directory Certificate Services, for open systems
- SQL Server 2008 R2, to serve as the application’s backend
- SharePoint Designer, to create workflows and custom pages
SharePoint 2013 workflows can be configured to use electronic signatures with versioning and audit trails, in a 21CFR11 compliant way. Electronic signatures can be configured to print directly into Microsoft Word documents, in a way that cannot be altered:
Document workflows can send emails to reminder users of their signature requirement, signature pages can be created, and retention schedules can be set like any off-the-shelf electronic Document Management System (eDMS).
Digital signatures can also be employed, although I haven’t see a lot of adoption for that kind of thing in GMP environments.
Another resource for validating custom Microsoft application is Validation and the Microsoft Platform.
How do you use SharePoint in your GMP space? What advantages/potential risks to you see?
Like this MWV (Mike Williamson Validation) post? Be sure to like, share, and subscribe!