Introducing the Cloud eQMS Solution for Confluence

Table of Contents

    Why Confluence?

    Or perhaps the first question should be – why quality management?

    Most medical device companies need to have a compliant quality management system in place to assure consistent quality of their product. Quality management system consists of a number of written procedures and a multitude of records that will be generated during the lifecycle of the device.

    In case your medical device is a software product (SaMD) or it has a software component in it, your software development team might be using Jira already. Most organisations would then like to move everything on to the Atlassian stack including their quality management system. With the fantastic integration between Jira and Confluence where you can pull information easily from one to the other using built in queries and macros, it is best to go with a quality management system in Confluence. 

    How to Implement a Compliant eQMS in Confluence Cloud?

    Atlassian Cloud products are currently considered to be the best viable option for the small and medium-sized medical device companies. The self-hosted platform of Server and Data Center are either no longer supported or too expensive for those companies, respectively.

    Technology aside, the most important question for you is how to maintain compliance with the medical device regulations and standards, such as MDR / IVDR, ISO 13485, FDA 21 CFR820 or the more demanding FDA 21 CFR11.

    As with any electronic quality management system, you will need to ensure that the system you build on Confluence will meet requirements like: authentication (electronic signature), audit trail (change history), data integrity, data transfer security, back-ups, etc. 

    The Cloud eQMS Solution for Confluence is here

    We are happy to inform you that with the SoftComply Cloud eQMS Solution on Confluence, a combination of existing Confluence apps and our services, you can meet the compliance requirements.

    Following is a detailed description of the solution.

    A compliant QMS content. 

    We have put together a full QMS based on the requirements of ISO 13485, IEC 62304, ISO 14971 and 21 CFR 820, and growing. There is a Quality Manual that explains how the QMS is organized; a Quality Policy – a brief statement about your organization’s purpose and strategic direction and a commitment for achieving the quality objectives; a set of written Procedures (20 SOPs) and more than 70 Technical Document Templates.

    All documents are pre-filled and have embedded guidance on how you should finalize them. It is a self-sufficient system, where the Procedures explain the required processes and the Templates are used to gather and document the relevant information.

    But what about the “e” in the eQMS? 

    It stands for everything electronic in the quality management system – the electronic workflows, electronicsignatures, macros and automatically populated reports that will help you automate your activities and have a better oversight of your product quality.

    Electronic document workflows with compliant e-signatures are already available on Confluence. For the SoftComply Cloud eQMS solution we have chosen one of the first and most customisable app from Comalatech (now part of Appfire) – Document Management.

    Configuring your Confluence Cloud instance for Compliance.

    Confluence is a great space for document management and collaboration but it comes pretty empty at first. To have the quickest start and to adopt the best practices gathered from our experience, we recommend our customers to have the Cloud eQMS setup done by us. This is the quickest way to have everything properly set up and obtain the advanced workflows and useful macros to make your quality management system electronic.

    More support from SoftComply – validation of the Cloud eQMS Solution.

    “Pre-validated software” might sound as a perfect solution for fulfilling the validation requirement of a medical company, but you need to keep in mind that you are expected to repeat at least part of the validation protocol in-house to confirm the results of the pre-validation provided by the developer.

    However, having app developers support you in the validation is most beneficial – not only does it show that the software tool developer has an idea about the regulatory framework of the medical device industry but it allows to demonstrate compliance using the developers’ own expertise and in-depth knowledge of the tool. Due to their knowledge of the internal processes of the tool, they can put together a relatively lean protocol that adequately challenges the product.

    SoftComply provides validation support as a service to medical device and other safety critical domain companies. We can provide you with the validation protocol of the Cloud eQMS Solution – test cases that you can use for in-house testing. Alternatively, we can also run the first validation of the entire Cloud eQMS Solution in your Confluence instance for you and provide you with a complete validation package as a result. Remember that you will have to periodically run validation tests in-house to ensure that Confluence and other apps that you use for the eQMS work as expected. 

    Final Remarks on Atlassian Cloud

    Atlassian recognises the importance and the complexity of the regulations we have to comply with in the safety-critical domains like the MedTech industry. They are moving towards providing a number of additional features to help bridge the existing gaps to compliance. Some examples for Confluence Cloud include:

    1. Password policy is available for all subscription tiers;
    2. Audit logs are available for all subscription tiers;
    3. Encryption in transit and at rest is available for all subscription tiers;
    4. Sandbox mode and Release Tracks are available for Cloud Premium and Cloud Enterprise versions (to support “delaying” any updates for a couple of weeks while performing validation tests to ensure the integrity of the update);
    5. Data residency is available for all Cloud Enterprise today but it is also going to be available for Cloud Premium and Cloud Standard plan soon as well;
    6. Apps will be allowed to manage their own data residency for GDPR purposes;
    7. Atlassian Cloud Enterprise is also HIPAA compliant;
    8. Several Atlassian Cloud products, including Confluence, have achieved ISO/IEC 27001 certification. Follow this link Compliance at Atlassian | Atlassian for more details.

    Want to Learn More about the Cloud eQMS Solution?

    EMAIL us at info @ softcomply.com

    BOOK a DEMO with us

    LEARN MORE – check out the CLOUD eQMS SOLUTION videos in YouTube  

    By Marion on 25 May 2022

    Table of Contents

    Ready to get started?

    Contact us to book a demo and learn how SoftComply can cover all your needs

    13485 implementation guide
    Picture of Marion Lepmets

    Marion Lepmets

    CEO
    December 18, 2024

    The Internet is full of articles about the implementation of ISO 13485. They talk about “Getting management support”, “Obtain The Documents And Study The Requirements”, “Develop An Implementation Plan”, “Evolution of a Quality Management System”, and other seemingly complex topics. Although comprehensive, most of these articles are self-serving, aimed at...

    SaMD Guide to Compliance
    Picture of Matteo Gubellini

    Matteo Gubellini

    Regulatory Affairs Manager
    December 3, 2024

    Introduction The first contact with the Medical Device regulatory world is a shock for most startups. These companies usually have excellent technical and clinical ideas on how to improve the patient’s life, but little knowledge of the legal burdens required to bring the medical device to the market. The technical...

    e-signature
    Picture of Matteo Gubellini

    Matteo Gubellini

    Regulatory Affairs Manager
    November 26, 2024

    What is an “Electronic Signature”? Electronic signature means a computer data compilation of any symbol or series of symbols executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual’s handwritten signature. (21 CFR 11.3) In other words, to Electronically Sign a document means to...