Compliance Services - Life Sciences

Regulatory Alignment

Sidus BioData has invested heavily to ensure one of the most robust IT Quality Systems in the Life Science Industry. We have ensured alignment with US, Canadian and European IT GMP regulations. Our proprietary Regulatory Roadmap fully traces our Quality System to all applicable regulations and allows our customers to benefit from a world class Infrastructure Compliance program.

Data Migration

Data Migration Plans are prepared jointly between our Infrastructure Compliance Group and our customers IT and Quality departments. Our DMP's ensure our customer's transition to Sidus BioData is as seamless as it is compliant.

SOP/ Policy Authoring

In order to provide seamless compliance for hosted systems the delineation of responsibilities between the outsource provider and the customer is critical.  Our qualified data center has a fully implemented quality system including policies, procedures etc. however it is recommended that SOPs be developed on the customer side to assure administration and control activities are defined appropriately. 

IT Quality Auditing

Typically the first step in IT auditing is a risk assessment.  The risk assessment identifies the risks that your outsourced IT services present to your business operations.  Once a risk assessment has been completed our team will partner with the customer to complete a comprehensive audit of key data center controls.  The audit will provide assurance that pre-established control objectives in the areas of regulatory compliance, security, confidentiality, integrity, and availability are in place.

Hardware Installation Qualification

Installation Qualification of your hosted cloud or server can be provided by our Quality Team.  Our qualification efforts will be risk-based ensuring that the appropriate level of testing is completed.  Typical deliverables will include:

• Server Validation Strategy Document
• Test Protocol
• Requirements/ Specifications
• Risk Assessment
• Traceability Matrix
• Final Summary Report

Disaster Recovery Testing

Documented disaster recovery testing is a requirement by some regulatory bodies.  Periodic testing to demonstrate the disaster recovery process is still working as expected is recommended however the level of documentation will vary depending on the type of data being recovered.  Our Quality Team will provide fully documented test results at agreed-upon intervals to satisfy our customers regulatory requirements.

Risk Assessments

Our quality team can help you identify, govern and manage risks associated with outsourcing your regulated IT systems/ data.  Risk assessments play an important role in developing a SLA, meeting regulatory requirements and driving the appropriate level of control and testing on your cloud.  Our CISA certified staff will spend the time to understand your business/ compliance needs and provide the technical details of our data center operations to mitigate all risks down to an acceptable level of residual risk.  The final approved document will be provided to our customer for inspection readiness.

Periodic Evaluations

Periodic evaluations are an important tool that helps businesses determine the need for re-validation.  Our staff will perform and document periodic evaluations of hosted systems for customers on periodic basis.  Change requests, help desk tickets, intrusion detection, and other operational statistics will be compiled into an easily readable report and provided to our customers.