Security, GXP & Part 11 Compliance

Intellectual Property protection and data security have become vital to many business areas. This includes scientific and spectroscopic data. Especially in highly regulated environments as found in the pharmaceutical industry, specific requirements from quality assurance departments, FDA, GxP, or other regulatory bodies need to be met and addressed in everyday work.

The Security Add-On module to our panorama Pro, irAnalyze, and RAMalyze products provides enhanced features to help you fulfill such regulations easily. The module assists you in controlling your workflows, protecting your knowledge, and securing your accompanying spectroscopic data.

SciGear has powerful built-in features for security and compliance-readiness and does not require a separate module.

Product Flyer:

Compliance Features

A fully configurable set of features is available. All features can be enabled or disabled on demand depending on your preferred security level:

  • Wizard guided installation & configuration of the Security Add-On module
  • Standalone or LDAP based user management (Security Add-on Module: With wizard-guided configuration)
  • User authentication on software start-up
  • Automatic lockout after idle time
  • Lock screen function (desktop software only)
  • Support for various password policies
  • User dependent control over software functions utilizing permission schemes
  • Workflow oriented, hierarchical data access control with distinct release policies
  • Electronic signatures with predefined and custom release comments
  • Data versioning
  • Comprehensive audit trail and activity log for data and software activities

Some key features are described in more detail below.

User Administration

Software access is controlled by an independent or MS-Windows based user management. Authorized users can be administered by an administrator user. Configurable permission schemes are applied to each user, granting access to distinct software functions. During start-up of the software, a login dialog is shown similar to Windows logon. After successful login, the software only shows those menus and functions the current user is permitted to use.

Data Access Control

In parallel to the permission schemes controlling access to program functions, users can also be assigned data access roles. These roles control whether the current user is permitted to open, modify, copy or delete data. Multiple data access roles with particular data access permissions can be defined and assigned to user groups in your company, such as lab operators, lab supervisors, chemists, QA managers, etc.

Data access roles are configurable and can be organized hierarchically according to your company hierarchy. Spectroscopic data can be transferred from one to another data access level by electronic signature. Signed data has the access permissions defined for the target data access role.

Example: The lab operator measures a spectrum and releases the spectrum by signing it. The lab supervisor will pick up the spectrum to create a calibration model. Once a spectrum is in use for calibration, both the spectrum and the calibration model must no longer be modified by the lab operator. Hence, the lab supervisor signs both to prevent lab operators from modifying them.

Activity Logging

All activities like logon, log off, changing options, creating, modifying or removing data, etc. are logged in a comprehensive activity report. The report can be investigated by the administrator user in a report viewer utilizing enhanced filter functions. The activity log helps you track various operations of interest during a company audit.

Such reports help you to accomplish audits easily.