Computerization in Blood Establishments (4/6/88)

DATE:     April 6, 1988

  TO:     ALL REGISTERED BLOOD ESTABLISHMENTS 

SUBJECT:  Recommendations for Implementation of Computerization
          in Blood Establishments

FROM:     Director, Center for Biologics Evaluation and Research


The following basic principles are recommended to provide for
uniformity and consistency in the use of computers in blood
establishments.

Automated or electronic data systems used in blood and plasma
establishments should have the capacity to trace the history of
every donation forward through final disposition of each component
and from each transfusion, infusion or sale backward to the
original donor.

Implementation of computerization for data handling between
automated devices or for interpretive and control functions is
considered a major change in manufacturing methods that required
a license amendment for licensed establishments.

Prior to approval all systems will be evaluated for evidence of
validation by the establishment that computer programs,
especially those dealing with processing, labeling, and
distribution of blood and blood components, consistently perform
as required and within pre-established limits.  In addition, when
the establishment has developed its own software de novo or has 
an agreement that software modification may be performed by the
establishment on the vendor's original product, in-depth review
will extend to the more specific concerns these activities raise.

Validation procedures for all systems, whether purchased entirely
or developed in whole or in part in the establishment, will be
reviewed for confidentiality of donor information, security of
data, and system documentation, as described in Sections I-III
following.  Additional scrutiny for software development, both de
novo and as modifications to a purchased system, is discussed in
Section IV.

     I.   CONFIDENTIALITY OF DONOR INFORMATION: Each
     establishment should develop procedures to provide
     for confidentiality of sensitive medical information
     about the donor.  These procedures should prevent
     inadvertent release of this information and protect
     privacy from both external and unauthorized internal
     inquiries. 

     II.  SECURITY OF DATA: If key elements of the
     database are changed, these changes should be
     traceable as to the time and person making the change
     so that integrity and reproducibility of data are
     assured.  Persons authorized to make changes should
     be specifically identified.  Periodic audits of
     stored data should be undertaken to assure that
     timely retrieval and accurate information reporting
     are available.  Hard copy of stored data should be
     available within 4 to 6 hours of request by an
     authorized investigator.  Control and use of
     passwords should be strictly enforced.  Consideration
     should also be given to offsite storage facilities or
     other backup systems for computer tapes/discs that
     store information vital to record keeping for the
     blood center.

     III.  DOCUMENTATION OF SYSTEM: Documentation should
     include system diagrams, charts, and descriptions
     detailing both hardware and software components.  The
     location and means of access to source code,
     including a letter of agreement from the vendor that
     permits FDA investigators access to the source code,
     should be identified in the procedures manual. 
     Software/hardware integration and verification
     testing (i.e., validation) procedures should be well
     defined, and all possible stress/load situations
     listed in the program manual.  Any change to the
     program should be fully documented and validated
     prior to being implemented, with all validation
     testing results suitably documented.  A recovery plan
     should be available in case of a disaster.  Packaged
     software should have the same testing requirements,
     and no system should so on-line until all elements
     are in place and there is verification that the
     system produces reliable results.  Training manuals,
     user manuals, and records of personnel training
     should be available for review.

     IV.  STANDARDS AND PROCEDURES FOR DEVELOPMENT AND
     MODIFICATION OF SOFTWARE:  Written program
     development standards should be in place that detail
     any requirements and/or restrictions to be followed
     then writing or modifying the computer program. 
     Programs should be identified by name, purpose,
     version, language and date.

Specifications for software design, the process of defining the
software architecture, components, modules, interfaces, test
approach and test data for a Software system according to system
requirements, must be formally developed and written for each
system application.  This document is the guide/instruction to
those responsible for writing or modifying and maintaining the
computer programs and should include specific instructions for
revising and documenting updates to the system.  All of the
foregoing should be available for review at the time of an
authorized FDA inspection.

Questions should be directed to: 
     K. Sazama, M.D., Chief, BBPL
     Division of Blood and Blood Products
     Center for Biologics Evaluation and Research
     8800 Rockville Pike
     Bethesda, Maryland  20892
     301/456-0951


                                    Paul D. Parkman, M.D.