21 CFR Part 11 Compliant Hosting Solutions

Your 21 CFR Part 11 Compliant Hosting Solution Provider

21 CFR Part 11 Compliance ByteGrid specializes in hosting data for the compliant conscious customer. Regulatory requirements for the Life Sciences industry are particularly stringent – and this also trickles down to the data center provider. We have fully qualified all our data centers to Part 11/GxP and Annex 11 compliance standards, have the documentation to prove it and our open to audit for any potential client who wants to see it for themselves.

Why does a data center need to be Part 11 Compliant?

The short answer: IT’S THE LAW. The FDA regulators via the law tell us exactly what they expect us to do and have provided several very helpful guides around how infrastructure should be qualified and how to maintain it. Full 21 CFR Part 11 compliance is essential to safeguard your customers and reputation, reduce legal liability and ensure you’re ready for FDA enforcement.

It takes considerable commitment to achieve this level of compliance but a data center should understand that the data a Life Sciences company creates, manages, edits and archives is priceless and precious. It’s possibly the recipe to a lifesaving drug, it’s a DNA sequence that cracks the code to a life prolonging therapy or the design of a medical diagnostic test that has the capacity to save thousands of lives. Data is the culmination of billions of dollars of science, technology, brain power and that unique human element that drives us to improve the quality and longevity of our lives.

ByteGrid has taken the necessary steps to achieve this commitment and protect the lives it inevitably effects because of it.

1. Quality Management System

A true GxP/Part 11 compliant data center will have a robust Quality Management System (QMS) in place. ByteGrid’s QMS is comprised of 70+ policies, procedures and forms. ByteGrid has revisions of these policies procedures and forms controlled, approved and all employees are appropriately trained for their specific job function. The scope of our QMS accounts for validation, risk assessments, IT change management and regulatory alignment. Ensuring documented evidence is essential for the data center that hosts regulated data.

2. Qualified Infrastructure

It is well understood that IT infrastructure that houses applications that are validated should be qualified. A Part 11/GxP compliant data center qualification will involve first defining key components:

HVAC - Fire suppression - Physical security - Logical security - Routers - Hubs - Firewalls - IDS/IPS

All infrastructure at ByteGrid’s data centers have been qualified and are under change management and compliance of these components is maintained through their respective life cycles. The burden to prove this and maintain Part 11/GxP compliance is on the data center provider - ByteGrid ensures this.

3. Application Specific Hardware Qualification

The application or solution specific hardware qualification is dependent upon what type of solution a Part 11/GxP customer is provisioning within the data center. A truly compliant data center will have this addressed.

Private Cloud – this involves qualifying the hardware supporting the cloud and the associated virtualization software being employed to manage it.

Community or Hybrid Cloud – the data center will have qualified the shared components, and those components should be subject to change management.

Collocated or Managed Servers – this takes the form of a traditional IQ, with the additional steps verifying both the existence of the data center QMS and their qualified infrastructure.