Quality & Regulatory Affairs
Regulations and Compliance
As a provider of cloud-based solutions for clinical research, Medidata meets regulatory expectations for software developers and service providers within the global regulatory environment. We demonstrate compliance with Good Clinical Practice (GCP) regulations, including US 21 CFR parts 312 and 812, EU Commission Directive 2005/28/EC, Ministerial Ordinance on Good Clinical Practice for Drugs (J-GCP) and ICH E6, as well as Good Post-Marketing Study Practice (GPSP) regulations related to Post-Marketing Surveillance (PMS) in Japan. In so doing, Medidata can demonstrate compliance with the ICH E6 sections on data handling and record keeping. And, our solutions and professional services are flexible and can be configured to aid and support our clients with their overall GCP and GPSP compliance.
Medidata’s platform specifically supports Electronic Record and Electronic Signature (ER/ES) requirements, including US 21 CFR part 11, Annex 11 and Japan’s Ministry of Health Labor and Welfare (MHLW) ER/ES regulations. We provide further support to assist our clients with their ER/ES compliance by training users on the significance of electronic signatures and requiring documentation of such training prior to utilizing Medidata solutions.
With regard to privacy, Medidata adheres to the data protection expectations as outlined in the US-EU Safe Harbor requirements and the EU Data Protection Directive 95/46/EC.
Medidata is dedicated to maintaining its position as an industry leader, providing quality solutions and professional services that satisfy our clients’ needs and expectations through conformance with declared requirements and specifications, designated quality standards and regulatory requirements.
Quality System Approach
Medidata’s Quality System incorporates policies and procedures covering, but not limited to, such areas as management responsibility, internal quality system audits, corrective/preventive action, records retention, control of quality system records, solution development and client complaints.
Medidata's cloud-based solutions are designed, built, tested, deployed and operated using an Agile-based suite of Software Development Life Cycle (SDLC) methods and procedures. All products have a fully-validated status, and documentary evidence (demonstrating compliance with all aspects of the SDLC) exists for each solutions’ release. Specifically, each solution release is accompanied by Release Notes, as well as a Validation Certificate that references such evidence and attests to compliance with applicable regulatory requirements.
Quality to the Client
Medidata assigns a project manager to work with every client, and Quality Control verification processes are employed to ensure that our solutions and professional services fully meet each client's unique needs.
Medidata’s Quality & Regulatory Affairs (QRA) function is involved in all aspects of our business. Additionally, QRA oversees:
- Coordination of audits of Medidata by clients and prospects and inspections of Medidata by regulatory authorities
- The evaluations and audits of Medidata’s key suppliers
- The internal Quality System audit program
- Coordination of Medidata’s Quality Incident Management program
- Development and delivery of quality and regulatory training
- Dissemination of new regulatory information