Quality, Compliance & Security Consulting

 

Pharma IT is experienced in all parts of computer System Validation. We have numerous consultants working with ensuring the compliance of GxP critical computer systems. We have experience in IQ/OQ/PQ, risk based validation and Agile methodology in the Pharmaceutical sector.

We can create and maintain the right levels of specifications and ensure your computer systems will pass through regulatory inspections.

Besides that, we can Audit you  to ensure their compliance, and guide you in writing an IT QMS to assist your organization in meeting regulatory requirements.

Our services include:

  • Risk Assessments
  • Software Vendor Audits
  • User Requirement Specifications
  • Validation Plans and Reports
  • Installation, Operational and Performance Qualification plans and reports
  • Quality in Data Migration
  • System Management SOPs and processes
  • Commissioning and Decommissioning
  • Information Security Management System (ISMS)

We hold certifications within CISSP (IT security), ISO27001, CISA (Information System Audit), CISM (Security Manager), GxP, Computerized System Validation, Data Integrity, ALCOA principles, 21 CFR Part 11 / EU Annex 11

Pharma IT is experienced in Security Management. We have consultants working with general security management activities ensuring the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System. 

We have certified consultants in the General Data Protection Regulation area that can help setting the right level of compliance. See more here.

Besides that, we can Implement and Audit against ISO27001 standard. 

Our services include:

  • Risk Assessments
  • Business Impact Assessment
  • Data Privacy Impact Assessment
  • Software Vendor Audit
  • Built and maintain Standard Operating Procedures and related processes
  • Build and maintenance of an Information Security Management System (ISMS) 

We hold certifications within CISSP (IT security), ISO27001, CISA (Information System Audit), CISM (Security Manager), GxP, Computerized System Validation, Data Integrity, ALCOA principles, 21 CFR Part 11 / EU Annex 11

The EU General Data Protection Regulation was made effective on the 25th of May 2018. Pharma IT offers several services in respect to the implementation of GDPR in pharmaceutical companies.

EU GDPR Implementation

If you haven not already done so we recommend that the following activities are planned and executed:

  • Create a process overview of departments handling personal data
  • Map the personal data processed into the process overview
  • Map the existing security measures and compliance to the GDPR
  • Identify gaps to the GDPR in the created process and data flow overview
  • Create Data Protection Impact Assessment document based on the above collected information
  • Initiate project/tasks to close the identified gaps (if any)

In many cases, existing systems and process will be sufficient and compliant with GDPR, but the full process and IT systems will still need to be reviewed in the view of GDPR and where gaps are identified these should be closed.

Data Protection Officer

The GDPR states that a data protection officer shall be designated in any case where the core activities of the controller or the processor consist of processing operations which require regular and systematic monitoring of data subjects on a large scale (article 37).

This role can be outsourced and it’s a service we are already providing.