Data Integrity and Privacy: 21 CFR Part 11, Annex 11, & General Data Protection Regulation (GDPR)

Carolyn Troiano Instructor:
Carolyn Troiano 
Thursday, October 3, 2024
10:00 AM PDT | 01:00 PM EDT
90 Minutes
Webinar ID: 502312

More Trainings by this Expert

Price Details
Live Webinar
$149 One Attendee
$299 Corporate Live
Recorded Webinar
$199 One Attendee
$399 Corporate Recorded
Combo Offers
Live + Recorded
$299 $348 Live + Recorded
Corporate (Live + Recorded)
$599 $698 Corporate
(Live + Recorded)

Live: One Dial-in One Attendee

Corporate Live: Any number of participants

Recorded: Access recorded version, only for one participant unlimited viewing for 6 months ( Access information will be emailed 24 hours after the completion of live webinar)

Corporate Recorded: Access recorded version, Any number of participants unlimited viewing for 6 months ( Access information will be emailed 24 hours after the completion of live webinar)


During this webinar, in addition to learning about the California privacy rules, we will discuss the Health Information Portability and Accountability Act (HIPAA) in the US and the General Data Protection Regulation (GDPR) that is in effect to protect citizens’ personal data when they reside in the European Union (EU).

We will compare and contrast these with the CPRA, providing specific requirements and how industry subject to these regulations can meet compliance.

Why you should Attend: This webinar is intended for those involved in planning, execution and support of computer system validation activities, working in the FDA-regulated industries, including pharmaceutical, medical device, biologics, tobacco and tobacco-related products (e-liquids, e-cigarettes, pouch tobacco, cigars, etc.). Functions that are applicable include research and development, manufacturing, Quality Control, distribution, clinical testing and management, sample labeling, adverse events management and post-marketing surveillance.

The attendee will learn how to manage data from various sources, including those from locations governed by General Data Protection Regulation (GDPR; European Union), Health Information Portability and Accountability Act (HIPAA; US), and California Privacy Rights Act (CPRA).

The attendee will understand the importance of meeting the requirements for each regulation and will also learn about FDA compliance for computer systems regulated by the Agency. We will cover 21 CFR Part 11, the FDA guidance for electronic records/signatures, the FDA guidance for Data Integrity, and the FDA guidance for Computer System Validation (CSV; traditional approach from 1983) and FDA guidance for Computer Software Assurance (CSA; draft issued September 2022).

We will also discuss how to align work with GAMP®5, Second Edition (Issued July 2022).

Areas Covered in the Session:

  • In this webinar, we will explore the best practices and strategic approach for evaluating computer systems used in the conduct of FDA-regulated activities and determining the level of potential risk, should they fail, on data integrity, process and product quality, and consumer/patient safety
  • We will discuss traditional CSV vs. CSA, the draft guidance issued in September 2022 by FDA, indicating the differences and similarities, and how they align
  • We will explore validation following the traditional waterfall, phased approach, and following an agile methodology, with 2–3-week sprints for completing work products
  • We will walk through the System Development Life Cycle (SDLC) approach to validation, based on risk assessment
  • We will also cover validation using Computer Off-the-Shelf (COTS), Cloud, and Software-as-a-Service (SaaS)
  • We will discuss the GAMP®5 guidance from ISPE and how to categorize software and test it thoroughly based on potential risk
  • We will discuss the application of 21 CFR Part 11, FDA’s guidance for electronic records/signatures from 1997, and Annex 11, a similar guidance from the European Union (EU). We’ll also cover data integrity requirements from FDA’s December 2018 guidance document, including how to leverage the ALCOA+ principals (attributable, legible, contemporaneous, original or true copy, accurate, complete, consistent, enduring, and available) for FDA-regulated systems
  • We will provide an overview of practices to prepare for an FDA inspection, and will also touch on the importance of auditing vendors of computer system hardware, software, tools and utilities, and services
  • Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment that can be leveraged to assist in all your GxP work

Who Will Benefit:
  • Information Technology (IT) Analysts
  • IT Developers
  • IT Support Staff
  • IT Security Staff
  • QC/QA Managers and Analysts
  • Production Managers and Supervisors
  • Supply Chain Managers and Supervisors
  • Clinical Data Managers and Scientists
  • Compliance Managers and Auditors
  • Lab Managers and Analysts
  • Computer System Validation Specialists
  • GMP, GLP, GCP Training Specialists
  • Business Stakeholders using Computer Systems regulated by FDA
  • Regulatory Affairs Personnel
  • Consultants in the Life Sciences and Tobacco Industries
  • Interns working at the companies listed above
  • College students attending schools and studying computer system validation, regulatory affairs/matters (related to FDA) or any other discipline that involves adherence to FDA regulatory requirements

Speaker Profile
Carolyn (McKillop) Troiano has more than 35 years of experience in the tobacco, pharmaceutical, medical device and other FDA-regulated industries. She has worked directly, or on a consulting basis, for many of the larger pharmaceutical and tobacco companies in the US and Europe, developing and executing compliance strategies and programs. Carolyn is currently active in the Association of Information Technology Professionals (AITP), and Project Management Institute (PMI) chapters in the Richmond, VA area.

During her career, Carolyn worked directly, or on a consulting basis, for many of the larger pharmaceutical companies in the US and Europe. She developed validation programs and strategies back in the mid-1980s, when the first FDA guidebook was published on the subject, and collaborated with FDA and other industry representatives on 21 CFR Part 11, the FDA's electronic record/electronic signature regulation.

You Recently Viewed

Subscribe to our Newsletter

Subscribe for Compliance Alerts Research Reports Absolutely Free