GxP

Overview

GxPLogoAws

GxP is an acronym that refers to the regulations and guidelines applicable to life sciences organizations that make food and medical products such as drugs, medical devices, and medical software applications. The overall intent of GxP requirements is to ensure that food and medical products are safe for consumers and to ensure the integrity of data used to make product-related safety decisions.

The term GxP encompasses a broad range of compliance-related activities such as Good Laboratory Practices (GLP), Good Clinical Practices (GCP), Good Manufacturing Practices (GMP), and others, each of which has product-specific requirements that life sciences organizations must implement based on the 1) type of products they make and 2) country in which their products are sold. When life sciences organizations use computerized systems to perform certain GxP activities, they must ensure that the computerized GxP system is developed, validated, and operated appropriately for the intended use of the system.

  • Is AWS GxP compatible?

    Yes. For a comprehensive approach to using the AWS Cloud for GxP systems, see the whitepaper Considerations for Using AWS Products in GxP Systems. This whitepaper was developed in conjunction with AWS pharmaceutical and medical device customers, as well as software partners, who are currently using AWS services in their validated GxP systems. In order to ensure the suitability of the content, AWS took the additional step of engaging Lachman Consultants to review and contribute to the approach outlined in this whitepaper. Lachman Consultants is one of the most highly respected consulting firms on US Food and Drug Administration (FDA) and international regulatory compliance issues that affect the pharmaceutical and medical device industry today. Lachman Consultants has extensive experience working with companies to establish and develop GxP systems, including GxP guidelines in support of maintaining regulated data in a validated cloud environment. For more information on Lachman Consultants, see www.lachmanconsultants.com.

    AWS also has other security and quality certifications such as ISO 9001, ISO 27001, ISO 27017, and ISO 27018, and is compliant with NIST 800-53 under the FedRAMP compliance program.

  • Has anyone used AWS services in GxP systems?

    Yes, numerous AWS customers have successfully developed, validated, and operated all or part of their GxP system using AWS services. AWS regularly works with GxP customers and their auditors in planning for, developing, validating, operating, and auditing GxP systems that use AWS services as a component. Because of confidentiality agreements, we do not disclose specific company details and use cases of GxP systems in AWS.

  • What is 21 CFR Part 11?

    In the United States (US), GxP regulations are enforced by the US Food and Drug Administration (FDA) and are contained in Title 21 of the Code of Federal Regulations (21 CFR). Within 21 CFR, Part 11 contains the requirements for computer systems that create, modify, maintain, archive, retrieve, or distribute electronic records and electronic signatures in support of GxP-regulated activities. Part 11 was created to permit the adoption of new information technologies by FDA-regulated life sciences organizations, while simultaneously providing a framework to ensure that the electronic GxP data is trustworthy and reliable.

    There is no GxP certification for a commercial cloud provider such as AWS. AWS offers commercial off-the-shelf (COTS) IT services according to IT quality and security standards such as ISO 27001, ISO 27017, ISO 27018, ISO 9001, NIST 800-53 and many others. GxP-regulated life sciences organizations are responsible for purchasing and using AWS services to develop and operate their GxP systems, and to verify their own GxP compliance.

compliance-contactus-icon
Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »