Medical device companies face a constant challenge: how do you validate cloud software tools that update daily? If you’re using Confluence Cloud for your quality management system, you need validation documentation that keeps pace with Atlassian’s frequent updates.
I’ll walk you through exactly how to automate this process using the SoftComply Validation for Confluence Cloud app, and show you why manual validation simply doesn’t work for cloud tools anymore.
Watch the complete demo to see automated validation in action.
Why Software Validation Matters for Medical Device Companies
In medical device regulations, validation means confirming through objective evidence that your software tool consistently meets its intended use. Basically, you need to prove it does what it’s supposed to do.
ISO 13485 mandates validation of software used for quality management, including both initial validation and revalidation when changes occur. The validation requirements are proportionate to the risk level.
Here’s how the risk assessment works:
- First, assess if the software tool is part of production or quality system – If yes, you will need to validate the software.
- Next, determine if software tool is directly used in device production/quality system or merely supports them – Both require validation but at different levels.
- Finally, evaluate if software failure could create safety risks – High-risk functions need more scrutiny during validation and re-validation.
The FDA has issued numerous warning letters specifically targeting software tool validation issues. Companies that skip validation face serious nonconformities during audits.
Validation Challenge of Cloud Software Tools
Cloud tools like Confluence Cloud offer amazing benefits – security, scalability, and low maintenance. But they also push daily incremental updates that you cannot opt out of.
Manual validation typically takes weeks to complete. With daily updates to the Cloud software tools, this approach becomes impractical (if not impossible). You’d need a validation team working around the clock just to keep up with Atlassian’s release schedule.
This is where automated validation becomes essential.
How SoftComply’s Automated Validation of Confluence Cloud Works
The SoftComply Validation for Confluence app runs periodic integrity checks that produce validation reports with documented evidence like screenshots. You will always have proof of compliance without the manual effort.
Key features:
- 40 tests cover all key Confluence features including user management, space and page management, restrictions and permissions management
- Runs 1 x a week generating full validation documentation after each run
- Runs on dedicated environment (doesn’t affect your data integrity)
- Supports regulatory frameworks like ISO 13485, FDA 21 CFR 11
- Tests Confluence as a black box – the app presses buttons and enters data
- Detects changes in Confluence, including UI changes
When tests fail, SoftComply troubleshoots the failure. If it’s a real Confluence bug, users get notified and we open a ticket with Atlassian. When Atlassian changes the UI (which happens frequently), we update the test cases.
Confluence Cloud Validation Status
Once the Confluence Validation app is installed, you will see the global app page with:
- the dates when the validation tests have been run,
- the status of each validation run, i.e. how many test have passed, failed and been skipped,
- link to the validation documents.
Complete Validation Documentation Package
After each test run, you get four validation documents:
Master Validation Plan
Describes the scope and process of Confluence Cloud validation, including intended use and risk assessment that determines which features are tested.
Validation Protocol
Details each of the 40 test cases with expected results and step-by-step testing procedures.
Validation Results
Provides detailed test result descriptions with documented evidence like screenshots, showing whether tests passed or failed.
Validation Report
Summarizes how the planned validation activities were executed and completed.
Confluence Risk Analysis for Validation
The master validation plan describes exactly which Confluence features we validate and why. It covers:
- Intended use of Confluence for medical device quality system
- Whether Confluence functions are considered high process risk
- If feature failures could compromise medical device safety
- Risk-based determination of which functions require validation testing
Based on this risk assessment, we derived 40 test cases that run during each validation cycle, covering user management, space and page management, permissions, and backup/restore functions.
Validation Results with Objective Evidence
Each of the 40 test cases includes:
- Detailed test case description
- Step-by-step testing procedures (with sub steps where needed)
- Expected results
- Actual test results with screenshots for objective evidence
- Pass/fail status
This documentation provides the objective evidence auditors expect to see, with screenshots proving how each test was actually performed.
Making Confluence Cloud Compliant for Medical Device Companies
With the SoftComply Validation app, you can confidently use Confluence Cloud for your quality management system documents. The software stays validated automatically, even with Atlassian’s frequent updates.
This solves the fundamental challenge of cloud tool validation – maintaining compliance without the impossible task of manual revalidation after every update.
Ready to see automated validation in action? Try SoftComply Validation for Confluence free for a month or book a live demo to see exactly how it works with your Confluence instance.
For comprehensive risk management solutions beyond Confluence validation, check out SoftComply’s complete product suite.
