In the QC lab, Empower 1.0 (Windows 2000 server) manages 40 HPLCs (Watres/ Agilent 1100) each client PCs are connected to maximum of 4 HPLCs. Empower directly interacts with the firmware. The vendor supplied protocl covers the functionality tests. do we need to perform any additional tests from the point of security and data integrity. any other validation requirement for Empower.
Is security and data integrity covered in the vendor’s test, if not then absolutely you will need to perform this testing as it is integral to complying with Part 11, this also depends on the intended use of your application aswell.
Empower let´s you turn on and off a lot of security functionality.
So YOU need to define, what security level you need and afterwards test if YOUR implemented setup fullfills YOUR Requirements.
Waters only test if it is possible to use it and if so, does it work as expected.
But as said, YOU need to test YOUR setup !!
The supplier protocols do not test for compliance issues from a part 11 perspective, simply because they don’t define how you are going to use the system. When we did our Empower units, we tested the audit trail capability, user privileges (owner-assigned), run stop/starts and result versions, e-signatures (although we are not using this aspect), access control, timeouts, etc. as these were all considered to be GLP critical elements which needed to be demonstrated.
As stated earlier, you qualify what you set the system up for…