“It’s all about the data.” How many times have you said or heard this in recent years? Life sciences companies are creating and managing data with surprising velocity—accelerated largely by digital technology. This wealth of data enables better patient care through faster time to market, enhanced diagnostic capabilities, and more targeted therapies. At the same time, there is still a need to ensure patient safety.

So, where does the Food and Drug Administration (FDA) stand within this new biotech landscape?

With the rollout of new life sciences regulatory guidelines targeting computerized systems, electronic records, data integrity, and Computer Systems Assurance (CSA), we are left wondering: Is there an appropriate shift in the FDA’s thinking? Is there something bigger and broader going on in the background to address the changing tech landscape?

The short answer is yes. The FDA has been working on refinements to guide how the industry can demonstrate regulatory compliance. While keeping pace with tech will remain a challenge, it’s important to remember that the core intentions of the regulations remain steadfast. No harm to human life must be the primary driver.

Let’s dig in a bit further to understand how the FDA has been keeping up with the changing landscape. To do so, let’s consider:

  • The core purpose of regulatory bodies
  • Some of the original regulations
  • A few of the newer guidelines

The Purpose of Regulatory Bodies

Considering that the products of a life sciences company are drugs and/or medical devices, it’s easy to see how poor-quality products can harm lives—therefore the need for us to have regulations. The intentions of regulations are not to add complexity. Rather, they are there to ensure product quality and that products don’t cause harm to the consumer/patient. With this core concept in mind, let’s look at some of the changes over the years.

Origin and Evolution of Regulations

Some of the key regulations related to the industry—like 21 CFR Part 11, 210/211, 820, ICH Q7A, and other international regulations—have withstood the test of time. The key to this longevity is not dictating specifically how regulation implementations must be done, but instead framing the recommendations more as guidelines and best practices.

Here is a brief overview of regulatory evolution over the years through guidance updates:

  • The original guidelines were strict regarding system implementations: detailed step-by-step approaches, thoroughly documented evidence, and verification of every requirement and design.
  • Over time, with feedback from the industry, guidelines were updated to incorporate efficiencies for individual systems implementations (i.e., scaling validation effort based on risk).
  • Since 2016, regulations have shifted to focus more on the importance of broader data integrity and data governance issues, versus strictly system-focused validation efforts.
  • In 2019, a draft guidance was introduced around Computer Systems Assurance (CSA), which represents a departure from traditional Computer Systems Validation (CSV) concepts, where the emphasis shifts to having and following process, rather than ensuring massive amounts of documentation.
  • In recent years, there has been talk by the FDA about motivating Life Sciences companies to actively monitor product quality and corporate culture of quality via metrics and allowing management reviews to occur as part of the normal process instead of as “one-off” events.

Looking at these updates over time, we see an evolution. There has been a shift in focus from ensuring that individual systems and tools are set up and maintained appropriately, to ensuring broader controls focused on the integrity of core data.

Data that provides the evidence of product quality is now captured throughout the entire product lifecycle—essentially moving from low-value “check the box” steps of the past (which often left many quality gaps) to a broader “quality is everyone’s responsibility” concept.

Good News for Biotech

These changes may appear to simply be a shift in interpretation of how to implement the original set of regulations. But the good news for the industry is that the regulatory bodies are listening and responding to challenges in the industry. They are acknowledging improvements and changes in technology to support the common goal: successfully helping people improve their lives.


Here at SQA Group, we have a deep understanding of the Life Sciences industry and its journey to compliance and validation. Do you have faith in your compliance process? We’d love to chat; drop us a note here.