GAP
Table of Contents

ELN/LIMS End-User Requirements

Has your team considered utilizing an ELN or LIMS in the laboratory, but didn’t know how or where to start? End-user requirements for ELN/LIMS are an important part to any ELN/LIMS project and a good place to begin your journey towards a paperless lab.

SciCord has put together an example of what end-user requirements may look like for a laboratory:


1 Purpose

To define end-user requirements to support R&D, Quality Control, and Manufacture as implemented at Organization.

2 Scope

Implement a commercial off the shelf (COTS) application capable of supporting R&D, Quality Control, and Manufacture business organizations.

3 Abbreviations and Definitions

3.1 Abbreviations

ELN Electronic Laboratory Notebook
LIMS Laboratory Information Management System
COTS Commercial off-the-shelf software
URL “Uniform Resource Locator” – protocol for specifying addresses on the Internet.

3.2 Definitions

21CFR Part 11 Code of US Federal Regulations dealing with electronic records and signatures.
Closed System Software environment in which system access is controlled by persons who are responsible for the content of electronic records that are on the system.
Plug and Play Term defining a process that allows functionality to be integrated into an existing application and which will work perfectly when first used or connected, without reconfiguration or adjustment by the user.
Configuration Specific settings which define how the system operates, including roles and permissions.

4 Requirements

End-user requirements are designed to define the procedures and practices critical to support laboratory and production operations and associated documentation. Each end-user requirement is assigned unique requirement numbers to support traceability to test scripts.

4.1 Quality

UR-Qual-01 The system manages user roles for at minimum Administrator, Scientist, Data Reviewer, Sample Manager, Customer, and Quality Assurance.
UR-Qual-02 The system supports granular permissions for system functionality.
UR-Qual-03 The system manages a matrix of roles versus permissions.
UR-Qual-04 The system manages User definition – creation, activation, updates, deactivation, and role assignment.
UR-Qual-05 Grouping mechanism, such as the “site”, which governs the default scope of information displayed to a user. Site scope may be overridden to display a wider range of information.
UR-Qual-06 A mechanism must be available to expose specific information or documentation to internal or external customers
UR-Qual-07 Granular access to specific system information can be managed (Claims). This requirement adds an additional layer of control to permissions. Example: Use of an instrument is restricted to users completing a specific training exercise.
UR-Qual-08 The system enforces password strength and expiration in accordance with organizational requirements OR implements the organization’s LDAP system for single sign-on.
UR-Qual-09 The system provides archival of documentation and samples in long-term readable format.
UR-Qual-10 The system supports messaging both internal to the solution or via email. Messages are automatically generated based on user-defined events.

4.2 Document Lifecycle

UR-DocLife-01 The system supports a controlled document lifecycle including document status for: creation, in progress, optional review, optional approval, and complete.
UR-DocLife-02 The system supports rework, where reviewed or complete documents are returned to an editable state.
UR-DocLife-03 Documents may be canceled but may not be deleted.
UR-DocLife-04 Document content may be viewed in a read-only mode

4.3 Document Edit

UR-DocEdit-01 Document edit supports recording and formatting scientific information.
UR-DocEdit-02 Calculations are supported with Excel compatible formula functionality.
UR-DocEdit-03 Document edit supports cell content types: text, dates, numbers, and calculated formulas.
UR-DocEdit-04 Document Editor supports Copy & Paste operations.
UR-DocEdit-05 Document Editor supports URLs, Pictures, & Lines.
UR-DocEdit-06 Support in context Signatures within document content.
UR-DocEdit-07 Support temporary work on a document by a different user to record information.
UR-DocEdit-08 Support file attachment within document content.
UR-DocEdit-09 Support linkage between resource definition and resource usage.
UR-DocEdit-10 Support extraction of structured data
UR-DocEdit-11 Support data entry in standard spreadsheet and rich text formats.

4.4 Document Review

UR-DocRev-01 Support addition and management of review notes on a document. Notes must be removed when document is completed.
UR-DocRev-02 Support review alerts for visualization of situations requiring reviewer attention.
UR-DocRev-03 Highlight/mark all entries related to audited records under Review
UR-DocRev-04 Support partial reviews and multiple reviewers

4.5 Sample Management

UR-Spl-01 The system supports a controlled sample lifecycle including sample status for: creation, in progress, available, optional review, and optional complete.
UR-Spl-02 Support configurable sample types and configurable sample attributes.
UR-Spl-03 Support linkage between samples and documents.
UR-Spl-04 Support label printing for Samples. Include barcodes on the label.
UR-Spl-05 Support sample inventory.
UR-Spl-06 System supports management of hierarchical sample locations
UR-Spl-07 Sample task management is supported. Tasks should include at minimum:

1) what needs to be done,

2) who is responsible (individual or group),

3) start date and completion date

4.6 Support

UR-Sup-01 The preferred solution requires minimal overhead by the organization and is provided as SaaS (Software as a Service). The solution is provisioned, maintained, and fully supported by the vendor.
UR-Sup-02 The preferred solution is provided as a Closed System to be more easily validated and managed.
UR-Sup-03 The preferred solution provides an industry-standard data migration path such as XML to support transfer of organization data to another solution if circumstances require.
UR-Sup-04 The preferred solution features a modular architecture that can be easily enhanced and extended by adding plug and play modules & components.
UR-Sup-05 Scheduling of updates and releases are managed by the organization – not the vendor.
UR-Sup-06 Vendor validation package (Solution Requirements, Functional Specification, Design Specification, Test Plans, Test Executions, Matrix, Summary Report)
UR-Sup-07 Documented Backup and Recovery procedure.
UR-Sup-08 Documented Service Level Agreement (SLA) defining:

· Service Availability

· Support Coverage

· Support Guidelines

UR-Sup-09 Issue Management

4.7 Compliance

UR-Comp-01 The solution supports flexible life cycles for documents, specifications, and samples. At minimum, life cycles must include author(s), reviewer(s), and approver.
UR-Comp-02 Screen locking can be implemented on organization defined “unused” time interval.
UR-Comp-03 A comprehensive audit trail is implemented. The audit trail should be easily displayed and understood by reviewers and auditors. Audit reasons can be required for change events.
UR-Comp-04 The solution generates a comprehensive “readable” archive bundle for long-term data storage. The archive bundles should be available for storage inside the organization’s network.

4.8 Data

UR-Data-01 The solution supports definition of structured data in the format Test-Measurement.
UR-Data-02 Structured data is associated with samples or documents.
UR-Data-03 Structured data includes definition of analyst, date, units, replicate number, method, and method version.
UR-Data-04 The definition of structured data may be extended through a set of flexible qualifiers.
UR-Data-05 Structured data is displayed for a specific sample or for a filtered group of samples.
UR-Data-06 Structured data may be queried from a DataMart. The DataMart tables should be in stacked or in wide form tables to support queries from third party visualization tools such as JMP, PowerBI, Spotfire, Excel, or Visio.
UR-Data-07 Specifications can be applied against structured data. Specification should at minimum support warning and error limits for text or numeric data. The results associated with a specification are displayed with outcomes.

4.9 Reports

UR-Rep-01 Reports can be generated for structured data in either pdf or spreadsheet format.
UR-Rep-02 Basic reports can be defined using a set of filters available in the user interface.
UR-Rep-03 Advanced reports can be defined by the organization by users with a knowledge of spreadsheet applications.
UR-Rep-04 Reports can be scheduled and delivered either via email or to a defined folder within the system.

4.10 Interface

UR-Inter-01 Solution supports real-time connections with instruments such as balances and pH meters.
UR-Inter-02 Instrument files can be attached to documentation.
UR-Inter-03 Attached instrument files can be “parsed” to extract specific information for additional processing or reporting.
UR-Inter-04 Instruments can “print” directly to the solution using a printer driver.
UR-Inter-05 Custom interfaces are provided for specific instrument applications
UR-Inter-06 Chromatography interface is provided for industry standard vendors (Waters, Agilent)

4.11 Resources

UR-Res-01 The solution manages resources such Standards, Solutions, Supplies, Chemicals, Protocols, and Methods
UR-Res-02 Resource usage can be identified – instances where a resource was used within a specified date range.
UR-Res-03 Manage Resource Expiration dates and availability
UR-Res-04 Manage Resource location
UR-Res-05 Manage Resource inventory
UR-Res-06 Manage Instrument logbooks including metrology (calibration due dates, in/out of service, scheduling, and recording preventative maintenance).

4.12 Extensions

UR-Ext-01 The system provides Analytical Documentation modules.
UR-Ext-02 The system provides Manufacture Batch Records.
UR-Ext-03 The system provides a Training module.
UR-Ext-04 The system provides a Document Management module.
UR-Ext-05 The system provides a Stability module.

4.13 21CFR Part 11 Records

UR-CFRRec-01 Limited and authorized system access. [11.10(a)]
UR-CFRRec-02 Limited access to selected tasks and permissions. [11.10(a)]
UR-CFRRec-03 Computer generated audit trail. [11.10(a)]
UR-CFRRec-04 Accurate and complete copies. [11.10(a)]
UR-CFRRec-05 Binding signatures with records. [11.10(a)]
UR-CFRRec-06 Procedures should be in place to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection. [11.10(b)]
UR-CFRRec-07 Records must be protected to enable their accurate and ready retrieval throughout the records retention period. [11.10(c)]
UR-CFRRec-08 Procedures should be in place to limit system access to authorized users [11.10(d)]
UR-CFRRec-09 Procedures should be available to use secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. [11.10(e)]
UR-CFRRec-10 Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as required for the subject electronic records and shall be available for agency review and copying. [11.10(e)]
UR-CFRRec-11 Procedures should be available to use operational system checks to enforce permitted sequencing of steps and events, as appropriate [11.10(f)]
UR-CFRRec-12 Procedures should be available to use authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand. [11.10(g)]
UR-CFRRec-13 Procedures should be available to use device (e.g., terminal) checks to determine, as appropriate, the validity of the source of data input or operational instruction. [11.10(h)]
UR-CFRRec-14 Procedures should be available to determine that persons who develop, maintain, or use electronic record/electronic signature systems have the education, training, and experience to perform their assigned tasks”. People qualification is a GxP requirement and not specific to Part 11. [11.10(i)]
UR-CFRRec-15 Procedures should be available to establish, and adhere to, written policies that hold individuals accountable and responsible for actions initiated under their electronic signatures, in order to deter record and signature falsification. [11.10(j)]
UR-CFRRec-16 Procedures should be in place for appropriate controls over systems documentation including: (1) Adequate controls over the distribution of, access to, and use of documentation for system operation and maintenance. (2) Revision and change control procedures to maintain an audit trail that documents time-sequenced development and modification of systems documentation. [11.10(k)]

 

4.14 21CFR Part 11 Electronic Signatures

UR-CFRSig-01 Signed electronic records shall contain information associated with the signing that clearly indicates all of the following:
(1) The printed name of the signer;
(2) The date and time when the signature was executed; and
(3) The meaning (such as review, approval, responsibility, or authorship) associated with the signature.
(4) The items identified in this section shall be subject to the same controls as for electronic records and shall be included as part of any human readable form of the electronic record (such as electronic display or printout).
UR-CFRSig-02 Electronic signatures and handwritten signatures executed to electronic records shall be linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record by ordinary means
UR-CFRSig-03 Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, anyone else.
Before an organization establishes, assigns, certifies, or otherwise sanctions an individual’s electronic signature, or any element of such electronic signature, the organization shall verify the identity of the individual.
UR-CFRSig-04 Persons using electronic signatures shall, prior to or at the time of such use, certify to the agency that the electronic signatures in their system, used on or after August 20, 1997, are intended to be the legally binding equivalent of traditional handwritten signatures.

(1) The certification shall be submitted in paper form and signed with a traditional handwritten signature, to the Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville, MD 20857.
(2) Persons using electronic signatures shall, upon agency request, provide additional certification or testimony that a specific electronic signature is the legally binding equivalent of the signer’s handwritten signature.

UR-CFRSig-05 Electronic signatures that are not based upon biometrics shall:

(1) Employ at least two distinct identification components such as an identification code and password.
(i) When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing shall be executed using all electronic signature components; subsequent signings shall be executed using at least one electronic signature component that is only executable by, and designed to be used only by, the individual.
(ii) When an individual executes one or more signings not performed during a single, continuous period of controlled system access, each signing shall be executed using all of the electronic signature components.
(2) Be used only by their genuine owners; and
(3) Be administered and executed to ensure that attempted use of an individual’s electronic signature by anyone other than its genuine owner requires the collaboration of two or more individuals.
(4) Electronic signatures based upon biometrics shall be designed to ensure that they cannot be used by anyone other than their genuine owners.

UR-CFRSig-06 Persons who use electronic signatures based upon the use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. Such controls shall include:
(a) Maintaining the uniqueness of each combined identification code and password, such that no two individuals have the same combination of identification code and password.
(b) Ensuring that identification code and password issuances are periodically checked, recalled, or revised (e.g., to cover such events as password aging).
(c) Following loss management procedures to electronically deauthorize lost, stolen, missing, or otherwise potentially compromised tokens, cards, and other devices that bear or generate identification code or password information, and to issue temporary or permanent replacements using suitable, rigorous controls.
(d) Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate and urgent manner any attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational management.
(e) Initial and periodic testing of devices, such as tokens or cards, that bear or generate identification code or password information to ensure that they function properly and have not been altered in an unauthorized manner.

 

SciCord ELN/LIMS Solutions

Our aim is to create and maintain a comprehensive, configurable, enterprise laboratory informatics solution to enable users to record and consume their laboratory data in ways that facilitate bringing their product to market.

We appreciate you for taking the time to visit our site and learning a little about SciCord. If you’re interested in any of the SciCord products for use in your laboratory, we want to be able to provide you with any information that is needed to help you in making a decision. Feel free to reach out using the ‘Request a Demo’ button for additional information or to setup a time to have a demonstration of our product.

Request a Demo