Category: Government

Implementing an electronic signature in ALM


 

This is where organisations like the FDA (Food and Drug Administration in the United States) and TGA (Therapeutic Goods Administration in Australia) come in, enforcing regulatory controls around all aspects of the manufacturing process to minimise risk and ensure a high level of quality.

These regulatory bodies understand that effective quality assurance goes much further than just regulating the raw materials and manufacturing process. Any software used to control or support the manufacturing process must also adhere to strict quality standards, because a bug in the software can lead to problems in manufacturing with real-world consequences for patients. Software quality assurance can therefore literally be a matter of life or death l.

To ensure that medical manufacturers conduct satisfactory software testing and maintain the required quality assurance standards, the FDA have published the General Principles of Software Validation document which “outlines general validation principles that the Food and Drug Administration (FDA) considers to be applicable to the validation of medical device software or the validation of software used to design, develop, or manufacture medical devices.”

The JDS solution

JDS Australia recently implemented HPE Application Lifecycle Management (ALM) for one of our clients, a manufacturer of medicine delivering more than 10,000 patient doses per week to hospitals in Australia and overseas. ALM is a software testing tool that assists with the end-to-end management of the software testing lifecycle. This includes defining functional and non-functional requirements for a given application and creating test cases to confirm those requirements are met. It also manages all aspects of test execution, the recording and managing of defects, and reporting across the entire testing effort. ALM enables an organisation to implement and enforce their test strategy in a controlled and structured manner, while providing a complete audit trail of all the testing that was performed.

To comply with the FDA requirements, our client required customisation of ALM to facilitate approvals and sign-off of various testing artefacts (test cases, test executions, and defects). The FDA stipulates that approvals must incorporate an electronic signature that validates the user’s identity to ensure the integrity of the process. As an out-of-the-box implementation, ALM does not provide users with the ability to electronically sign artefacts. JDS developed the eSignature add-in to provide this capability and ensure that our client conforms to the regulatory requirements of the FDA.

The JDS eSignature Add-in was developed in C# and consists of a small COM-aware dll file that is installed and registered on the client machine together with the standard ALM client. The eSignature component handles basic field-level checks and credential validation, while all other business rules are managed from the ALM Workflow Customisation. This gives JDS the ability to implement the electronic signature requirements as stipulated by the FDA, while giving us the flexibility to develop customer-specific customisations and implement future enhancements without the need to recompile and reinstall the eSignature component.

Let’s look at a simple test manager approval for a test case to see how it works.

To start with, new “approval” custom fields are added to the Test Plan module which may contain data such as the approval status, a reason/comment and the date and time that the approval was made. These fields are read-only with their values set through the eSignature Workflow customisation. A new “Approve Test” button is added to the toolbar. When the user clicks this button, the Test Approvals form is presented to the user who selects the appropriate approval status, provides a comment, and enters their credentials. When the OK button is clicked, the eSignature component authenticates the user in ALM using an API function from the HPE Open Test Architecture (OTA) COM library.

If the user is successfully authenticated, eSignature passes the relevant information to the ALM workflow script which sets the appropriate field values. The approvals functionality can be further customised to do things such as making the test case read-only or sending an email to the next approver in line to review and approve the test case.

As it currently stands, the eSignature has been implemented in three modules of ALM – Test Plan for test cases that require two levels of review and approval, Test Lab for test execution records that require three levels of review and approval, and Defects to manage the assignment and approvals of defects. This can easily be expanded to include other modules, such as the approvals of test requirements or software releases.

The JDS eSignature add-in has a very small footprint, is easy to install and configure, and provides our clients with the ability to effectively implement an electronic signature capability as part of their software testing strategy.

If you have compliance requirements or are seeking ways to automate your test management processes, contact our support team at JDS Australia. Our consultants are highly skilled across a range of software suites and IT platforms, and we will work with your business to develop custom solutions that work for you.

Contact us at:

T: 1300 780 432

E: [email protected]

Case Study: Australian Red Cross Blood Service enhances critical application performance

“We depend on technology to deliver essential services to our people and healthcare professionals around the country,” says Wayne Bolton, manager of Applications and Integration Services for the Blood Service. “If our applications are unavailable, slow or not performing as intended, we’re potentially impacting patient care. In this business, time is critical.”

Historically, the Blood Service tested and monitored its infrastructure and applications in a manual, siloed and time-consuming manner. Given the criticality of its services and the highly regulated industry it operates in, the Blood Service needed more insightful information about the quality, performance, and availability of its applications.

Today, the Blood Service has that insight. Over a period of time, it has adopted best practices to gain visibility into its critical business services and understand what its users are experiencing. This was achieved by taking an end-to-end lifecycle approach to optimising applications from pre-production through to post-production or day-to-day operations management. How? By using Application Lifecycle Management (ALM) with HP Quality Center software and HP Functional Testing software in conjunction with HP Application Performance Management including HP LoadRunner software, HP SiteScope software, HP Business Process Monitor software, HP Business Service Management software and HP Diagnostics software.

Objective

Drive improvements in the quality, performance and availability of business-critical services

Approach

Engaged HP Platinum Partner JDS Australia to secure application delivery and perform validation services

IT improvements

  • Obtained single point of truth to for application validation records
  • Unified functional, performance and quality management
  • Gained operational efficiencies by migrating to a paperless testing environment
  • Enhanced the Blood Services’ reputation
  • Provided evidence of a code issue to the application vendor to ensure a timely fix

 

About the Red Cross Blood Service

The Australian Red Cross Blood Service (Blood Services) performs a critical role in Australia’s health system. It provides quality blood products, essential services
and leading-edge research to improve the lives of patients.

A non-profit organisation with more than 4,000 employees, the Blood Service must be ready to respond around the clock to deliver blood and search its extensive records for specialised requirements for particular patients. More than 520,000 Australians are blood donors across 120 collection sites every year.

The organisation’s infrastructure is comprised of a range of servers in two main sites and approximately 40 enterprise applications, of which the mission-critical National Blood Management System (NBMS) has the largest footprint with more than 3,000 users. The performance of its systems is, therefore, a top priority.

Industry

Health

Primary applications

  • ePROGESA (Blood management system)
  • Oracle eBusiness Suite (Financials and Procurement)
  • Chris 21 (Human Resources)
  • Genesys Call Centre Enterprise Software
  • Collection Site Reference Application (CSRA)
  • HP Application Lifecycle Management Solution
  • HP Application Performance Management Solution

Primary hardware

  • IBM P570
  • IBM Blades

Primary software

  • AIX
  • Linux
  • Windows® XP
  • HP Application Lifecycle Management including:
    • HP Quality Center Software
    • HP Functionality Testing Software
  • HP Application Performance Management including:
    • HP LoadRunner Software
    • HP Diagnostics Software
    • HP Business Service Management Software
    • HP Business Process Monitor Software
    • HP SiteScope Software

Regulatory compliance drives change

The catalyst came as a result of the need to be able to demonstrate the validation state of the NBMS to both internal and external auditors.

“In the beginning, we were looking for a solution that would allow us to better manage the validation of the National Blood Management System and meet our compliance obligations,” explains Bolton. “In the past, validations were performed on paper, needed considerable manpower and would often take months to complete. In 2006, we decided to do what we could to automate the process and began looking around for a suitable solution.

“We selected HP based on the solution’s deep functionality, automation capabilities, scalability potential and industry leadership.”

Partnering for success

Understanding that it could reach faster time to value with an implementation partner, the Blood Service engaged JDS Australia (JDS) to assist with the project.

An HP Platinum Partner and winner of coveted HP Software Solutions Partner Excellence Awards for six consecutive years, JDS is regarded as an expert in the field of software testing, application/infrastructure monitoring and service management.

JDS believes that for most organisations getting a partner on-board takes the risks out of deployment and maximises return on software investment. “For the Blood Service, leveraging specialist services from JDS has really paid off. It allowed the organisation to focus on core competencies and strategic direction, while we managed testing and monitoring execution. It also brought something else – a roadmap for the future.”

“Embarking on this project without JDS would have been a difficult, if not an impossible undertaking,” explains Bolton. “With their assistance, we were up and running on HP Quality Center very quickly and had standardised on a central quality platform. We were managing and controlling software requirements and test cases with relative ease. Not long after this, we implemented HP Functional Testing and began functional and regression testing of more than 70 percent of our core business processes.

“For the first time in our history, we had a single source of truth for our testing assets and could much more easily demonstrate our validation efforts to internal and external audit. Our people could go to a central location to access, manage and reuse test cases.

“We gained operational efficiencies by migrating to a paperless testing environment and achieved real-time visibility into our validation progress. Overall, HP Application Lifecycle Management (ALM) unified functional, performance and quality management. It increased visibility and enabled us to better align business and technology requirements.“

Today, there are numerous examples where the Blood Service is realising benefits. “For instance, we can now run execution reports on the validation scripts on our blood manufacturing application in 30 minutes, rather than perhaps spending days recalling paper records from off-site storage,” adds Bolton.

“In addition, when we encountered an issue with HP Functional Testing not recognising a certain JAVA class, we asked JDS for help. They collaborated closely with the HP R&D team and within three weeks a global patch was released. This would not have been possible without the high-level relationship JDS has with HP.”

Broadening the HP horizon

Getting results on the board quickly with quality and compliance management paved the way for the next phase of evolution with HP and JDS. The Blood Service decided to upgrade its NBMS to take advantage of significant technical enhancements.

This third-party application, known as ePROGESA, is used by many blood banks around the world. Yet the Blood Service was cautious in its approach towards the upgrade as it was such a major undertaking and others had experienced issues.

“If we were going to execute this upgrade successfully, it became clear that we needed performance testing,” says Bolton. “We were transitioning from a green-screen application that was not scalable to a new n-tier J2EE environment. It was not a trivial matter and we needed to ensure it would perform as intended when launched.”

Once again, the Blood Service engaged JDS. This time, it was to validate system performance prior to going live on ePROGESA and ensure the vendor was meeting its contractual obligations. JDS leveraged Application Performance Lifecycle solutions including HP LoadRunner to emulate predicted loads and HP LoadRunner Diagnostics to deep-dive into the detail. HP SiteScope was also used to correlate infrastructure metrics while the system was under load.

Bolton says the project was unusually complex, “We were working with three different suppliers - one was responsible for the infrastructure, another handled the application and JDS was looking after performance testing. It made for an interesting working relationship, because we had to marry input from three sources prior to going live.”

Predicting and proving system behaviour

“During this time, we had a situation where ePROGESA was simply not performing as intended,” says Bolton. “After evaluating a range of possibilities, we threw more memory at it. When this didn’t yield any results, we began to suspect there could be a bottleneck in the application’s code.”

“When discussing this with JDS, we again turned to HP for answers. We needed to have a detailed look at the problem. Within hours, JDS had isolated the specific line of code that was causing the problem.”

JDS explains, “We used HP LoadRunner in conjunction with HP LoadRunner Diagnostics to deep-dive into the detail and independently ascertain that the performance issues experienced were indeed code-related. It was the silver bullet the Blood Service needed and a patch for ePROGESA was issued.”

Subsequent performance testing and tuning allowed the Blood Service to meet its objectives and deliver response times that were acceptable to the business.

“This gave us the confidence to go live,” says Bolton. “The beauty of HP LoadRunner is that you can draw a line in the sand to benchmark performance and correlate this to what is happening on the hardware. By using it alongside HP LoadRunner diagnostics, you can access all the detailed information you need. This was incredibly valuable and the insight obtained helped us make informed decisions about the readiness of ePROGESA and minimise the risks.”

Monitoring end-user behaviour

Next on the Blood Service’s agenda was enterprise-grade production monitoring. JDS recommended HP Business Service Management (BSM) and associated tools including HP SiteScope, HP Business Process Monitor (BPM) and HP Diagnostics.

These tools were complemented with HP BPM transactions to synthetically gauge end-user performance and availability across its distributed locations and learn of potential issues before end-users were impacted.
Within a short period of deploying these solutions, the Blood Service realised significant operational benefits. “We quickly had evidence to show the business that we were meeting the ePROGESA service levels of 99.98 percent availability,” says Tony Oosterbeek, Acting ICT manager. “Actual response times on business transactions were being met, and in fact, far exceeding expectations. We had an early warning system to resolve issues before our users were impacted. More importantly, we had complete traceability between the performance and availability our end-users experienced.”

Since then, the Blood Service has adopted this same proactive approach to address system availability for other applications including its Collection Site Reference Application – an in-house system used by its national call centre. “Recently, we needed to find out if the application could scale up from 100 to 135 users,” explains Brett Renton, IS Acting operations manager. “HP LoadRunner was put to work and we quickly determined that the user breakpoint would be 180 people. This gave us the confidence we needed to go ahead.”

“Another example of the benefits we are realising with HP Business Service Management (BSM) is with our Oracle™ Financials suite. After we decided to upgrade the software, hardware and database elements to improve performance, we leveraged HP Business Process Monitor (BPM) to better understand the timing issues around business transactions and used this data to justify the cost of the upgrade. It was a really good way to make a clear business case and the results speak for themselves. We now proactively know exactly what our end users are experiencing and can detect any performance or availability issues across all key geographic locations”.

Business Benefits

  • Improved ability to meet regulatory audits by access to validation data in hours rather than days or weeks
  • Achieved availability of 99.8 percent for National Blood Management System (NBMS)
  • Achieved proactive end-user visibility of business transaction times for Oracles™ Financials application
  • Mitigated risks of deploying applications in critical functions

Solid future

Adopting a lifecycle approach to quality, performance and availability of key business applications has enhanced the Blood Services’ capability.

There is now a focus on extending the discipline of validation to other systems, “Although we’ve improved processes in areas including requirements, testing and performance, the greatest outcome is that we have brought all these best practices together. This combination provides collaborative processes and analysis capabilities for traceability and consistent reporting across the lifecycle. It has brought the organisation to a common place that allows us to achieve governance, compliance and accountability at a lower risk.”

“Thanks to HP and JDS, we’ve realised the full advantages of adopting a lifecycle management approach to managing our applications – from testing, through to pre-production through to go-live. We’ve mitigated risks, ensured quality and delivered more responsive, stable services to support our users and the organisations mission to improve the lives of patients,” says Bolton.