GxP-Relevant Applications in the Cloud - Secure and Compliant through the Lifecycle

Cloud services offer new possibilities and promise cost savings. But: in cloud solutions, the GxP-regulated company gives part of its IT sovereignty away to the cloud operator. But not all clouds are the same - the deployment models range from public cloud, community cloud, private cloud to hybrid cloud. And the service models also vary from pure usage of the cloud as a data center through IaaS (Infrastructure as a Service) to SaaS (Software as a Service). In the latter case in particular, many operator tasks and changes at the level of the cloud base components up to the provision of the application are removed from the direct influence of the user company and shifted to the execution responsibility of the cloud operator. 

What does this mean for data security? What are the GxP regulatory requirements for cloud hosting? How is validation of the hosted software carried out and what are typical topics of an inspection? What elements does a cloud strategy contain and what needs to be taken into account during operational phase? 

These questions are addressed in the German language specialist lecture by Dr. Peter Schober, Principal Consultant at gempex:

GxP-relevant applications in the cloud - Safe and valid through the life cycle
04/18/2023, Lounges Karlsruhe, 11:30 a.m., Room 3.

In the presentation, the basics are conveyed and the allocation of tasks between the cloud provider, application operators of the cloud-based solution and the user company are shown. Aspects of a cloud strategy will be explained, a validation strategy according to Annex 11 will be presented using the example of a Saas solution, and an overview of typical inspection topics in connection with cloud-based solutions will be given. 

Key points of the presentation are:

  • Cloud computing: term and definition
  • Service and deployment models
  • Opportunities and risks
  • Typical Applications in industry
  • Guidances on IT security: BSI, CSA
  • GxP - regulatory requirements applicable to cloud hosting 
  • Cloud strategy
  • Data integrity, data security
  • Validation and operational phase
  • Inspection topics
  • Conclusion

After the lecture, there will be an opportunity to talk directly with Dr. Schober at the gempex booth, D12, area VIP3000.

The gempex team of experts will be happy to answer questions about GxP in the cloud via contact@gempex.com.


This might interest you as well:
IT Validation Concept