Good Clinical, Laboratory, and Manufacturing Practices (GxP)

CFR Title 21 Part 11 sets requirements to ensure that electronic records and signatures are trustworthy, reliable, and generally equivalent substitutes for paper records and handwritten signatures. It also offers guidelines to improve the security of computer systems in FDA-regulated industries. Subject companies must prove that their processes and products work as they are designed to, and if these processes and products change, they must revalidate that proof. The best practices guidelines cover:

  • Standard operating procedures and controls that support electronic records and signatures such as data backup, security, and computer system validation

  • Features that ensure that the computer system is secure, contains audit trails for data values, and ensures the integrity of electronic signatures

  • Validation and documentation that supply evidence that the system does what is intended, and that users can detect when the system is not working as designed

The regulations outlined in CFR Title 21 Part 11 set the ground rules for the technology systems that manage information used by organizations subject to FDA oversight. Any technology system that governs such GxP processes as Good Laboratory Practices (GLP), Good Clinical Practices (GCP), and Good Manufacturing Practices (GMP) also requires validation of its adherence to GxP.

Questions about GxP

Smartsheet is a highly flexible platform that can support a wide range of use cases across many different industry verticals. Customers that are subject to GxP (21 CFR Part 11 requirements) may be familiar with developing systems and practices related to GxP then having these processes validated either by a qualified internal resource or by a third-party, ensuring the integrity of the data involved in a process. In these scenarios, a number of different platforms may be used to track data and processes. Smartsheet can also be a tool for greater achievement in collaboration and process management as long as customers are able to validate their efforts and processes which they build out in Smartsheet.

As there are five disciplines representing the X in GxP and many approaches to the different disciplines, it is difficult to develop a complete and comprehensive process that can be validated initially and that can continue to serve a wide range of customers subject to the requirements of 21 CFR Part 11. Smartsheet can help users of the platform navigate the various capabilities of the platform and become power users, but customers are responsible for ensuring that their usage of the platform aligns with their specific processes and regulatory requirements (including any required validation).

If you have additional questions not answered above, please complete this form and a Smartsheet Security Engineer will reach out to you.