The present invention relates, in general, to a system and method for monitoring a controlled environment and, more particularly, to a system and method of communicating information between a user and a computer system for monitoring a controlled or regulated environment, where the burden of validating and revalidating the computer system is minimized.
Many computer-based systems should or must be validated prior to their use. Validation is especially advantageous in systems used for monitoring and controlling regulated environments or processes. An example of a system requiring validation prior to use is a medical device that includes software. Another example is software used to design, develop or manufacture medical devices. Such validation is accomplished within the context of other components of the system in which the validated component is used.
In the given examples, Food and Drug Administration (FDA) regulations mandate that before such a system is used, the system must be validated. Guidance regarding the FDA regulations is provided in the following publications, which are incorporated herein by reference:
General Principles of Software Validation, Draft Guidance Version 1.1 (released for comment on Jun. 9, 1997);
Off-The-Shelf Software Use in Medical Devices, issued Sep. 9, 1999; and
Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices, issued May 29, 1998.
Each of the foregoing publications was provided by the U.S. Department of Health and Human Services, Food and Drug Administration, Center for Devices and Radiological Health, Office of Device Evaluation.
Validation under the FDA regulations involves testing the hardware and software components of the computer system. Every function, whether implemented as a hardware component or a software component, must be tested and verified to confirm that it is functioning as intended by the manufacturer.
In some instances, even though validation may not be mandated by FDA or other regulations, such validation is often recommended. This is the case for systems that are used in conjunction with regulated or controlled environments or processes. For example, computer-based systems that are used to collect, store, and monitor the temperature of human blood are advantageously validated in order to ensure that the hardware and software components of the system are functioning as intended by the manufacturer. Validation also confirms that the system function meets the user""s requirements.
Whether mandated by regulations or performed voluntarily, testing and verification often takes many hours. This is because, not only should every function be tested and verified, but every possible variation of a function and every possible interaction between one function and another function should also be tested and verified.
The hardware and software configuration, as well as the software version, should be identified and documented. More specifically, the system configuration (i.e., software, hardware, and driver versions, etc.) is typically documented before or during validation, and validation is not complete without specifying the exact system configuration. No further modifications may be made to the system, and the system is xe2x80x9cfrozenxe2x80x9d. The system may now be used.
If the manufacturer or software designer issues hardware improvements or new software versions to the computer system and the user wishes to upgrade the system, use of the computer system should stop and the system should be tested and verified once more for validation. New test procedures should be written, and more extremely labor intensive hours are likely to be expended. In the mean time, otherwise automated processes are performed and recorded by hand.
Furthermore, once validated, any changes to the system, such as preventive maintenance, changing software drivers, adding application programs or changing the operating system configuration voids the validation. Typical changes requiring revalidation include adding, moving or otherwise re-arranging equipment or replacing failed equipment. Additionally there are some periodic revalidation requirements to ensure that equipment continues to operate within calibration, but such periodic validation does not necessarily relate to the validation of the overall system. An example of such periodic validation is documenting actual temperature reading of a temperature sensor every 6 months against a NIST traceable standard thermometer.
Typical revalidation triggered by replacing equipment is tailored to the equipment replaced. For instance, if a monitor is replaced the validation protocol will preferably consist of:
1) recording the monitor""s serial number, the user""s identification, date, etc., and
2) documenting that the colors on the screen are correct and in focus.
More complex components will be likely to require more involved validation. It may be unusual, short of replacing the main computer, to have to repeat the entire validation of the system. The validation that is performed should, however, document the proper operation of the changed component. For example, FDA regulations require that changes to a component of a system be validated. It is up to the user (ultimately, with assistance from the manufacturer of the system) to determine the validation protocol to be used.
A need, therefore, still exists to develop a system that can be used to monitor a controlled or regulated environment, where the burden of validating and revalidating the system is minimized. The present invention addresses that need.
To meet this and other needs, and in view of its purposes, the present invention provides a method and a system for monitoring a controlled environment.
The system includes a first computer configured to store data corresponding to a condition of the controlled environment. The first computer is validated, wherein subsequent alteration of the first computer voids the validation of the first computer. The system further includes a second computer coupled to the first computer. The second computer is configured for access to the data stored in the first computer and communication of the condition of the controlled environment to a user of the second computer, wherein alteration of the second computer does not void the validation of the first computer. A validation module of the system is configured to validate the second computer for the access and communication with respect to the first computer, thereby validating the system.
According to another aspect of the invention, a method is also provided for monitoring a controlled environment using a system having a central application program that can be linked for communication with a separate application program. The method includes validating the central application program. Data from the controlled environment is collected and stored using the central application program, and the separate application program is validated for communication of data from the central application program. The central application program is linked to the separate application program. Data is then communicated from the central application program to the separate application program without voiding validation of the central application program.
According to yet another aspect of the invention, a method is provided for validating a separate application program for communicating data from a central application program before permitting access to the central application program by the separate application program. The method includes transmitting symbols or indicia to a user of the separate application program in response to a request for data. The user of the separate application program is surveyed regarding the user""s receipt of the symbols, and the survey results are received from the user. The accuracy of the survey results is verified, and access by the separate application program to data collected and stored by the central application program is subsequently provided.