21 CFR/GMP Compliant Software

TotalLab’s 21 CFR Part 11/GMP Compliant Module

Could you sell more software or equipment if you were able to offer your customers 21 CFR Part 11/GMP compliance?

Here at TotalLab, we’ve been working in the regulated pharmaceutical industry for over a decade with the world’s largest pharmaceutical companies:

To make our own software suit their needs, this culminated in the development of the TotalLab 21 CFR Part 11/GMP Compliant Module.

Our module is flexible enough to be wrapped around nearly any existing software or hardware, solving the problem of legacy systems being forced out of a production environment as regulations change or enabling equipment manufacturers to gain access to the lucrative pharmaceutical or manufacturing markets.

Get in touch to find out how we can help you

Regulatory compliance made easy

Taking your existing product, be it hardware or instrumentation, and attempting to make it compliant can be a significant undertaking for a business requiring the investment of both time and potentially requiring the hiring of new specialist staff.

Here at TotalLab we already have an industry-proven solution that can be applied to your existing product, reducing time to market, business risk and the required upfront financial investment.

Not only that, because we’ve already had our software accepted by the regulatory departments of some of the world’s largest pharmaceutical companies we know exactly want they want in terms of features and usability beyond basic audit trails and other base-level requirements of 21 CFR Part 11/GMP regulations.

Log in screen
user permissions
projects list

How does it work?

Our module complies by implementing the following features:

  • Limits system access with user-configurable password strength controls and timed password expiry (21 CFR 11.10(d), 21 CFR 11.200 (a))
  • Ensures data integrity and authenticity of results with configurable control over user privileges assigned to each electronic signature (21 CFR 11, Subpart B)
  • Built-in emergency access protocol to restore access to projects in the case of a user being locked out (21 CFR 11, 11.200 (3))
  • Integrates with Windows active directory logins and passwords to limit system access ((21 CFR 11.10(d))

Our GxP Module eliminates project overwriting through our check-in/check-out system. This means that analysts can collaborate on a project, without risk of overwriting each other’s contributions, leading to a streamlined and easy-to-use process.

Maintain data integrity with comprehensive electronic reports

Our solution provides an easy-to-read, time-stamped audit trail which contains a complete history of projects created, retrieved and approved.

With our full analysis audit trail/report you can easily reproduce analyses.

The solution also comes equipped with an access log. This automatically tracks critical signature and system access actions such as:

  • Changes to user privileges
  • Login fails
  • Emergency logins
  • The action of changing logins

All of this information is held to hand, so if called upon you can easily demonstrate your compliance through electronic reports.

Maintaining compliance with the Electronic Code of Federal Regulations

21 CFR part 11.10(d) refers specifically to secure sign-ins and limiting system access to only authorised individuals. This includes controlling who can use the system, sign off a project and view and alter a record.

Our compliant system has the following features to enable users to meet compliance:

  • GxP Module can detect and record unauthorised attempts to gain access to the system
  • It only allows access to authorised individuals who have a valid username and password
  • Based on a state of actions (operational checks) and user permissions (authority checks) certain actions or sequences can be automatically disabled to maintain the integrity of the system
  • For audit and security purposes, all electronic signatures remain permanently associated with the electronic records, including date, time and reason for approval.


All the benefits of a pre-validated cloud-compliance solution without having to sacrifice data security

AuditSafe is TotalLab’s answer to one of the major pain points in introducing regulatory compliance in a manufacturing site – difficulty in integrating the solution within your existing network.

Here at TotalLab we’ve been creating and selling FDA 21 CFR Part 11/GxP-compliant software for the pharmaceutical and other regulated industries (such as hospitals) worldwide for years now with an incredibly robust and feature-rich software solution however the hardest part of the installation and validation of the software on site has always been navigating the existing users network/IT configuration.

From blocked ports to user permission headaches preventing end users from setting up the software themselves without their own IT professionals to hand, we thought there must be an easier way for our users to become compliant.


AuditSafe provides users with the usability benefits of a pre-validated cloud-compliance solution without having to sacrifice data security, 21 CFR/GMP compliance or risk breaching local data sovereignty laws.

Get in touch to find out more about our 21 CFR Part 11/GxP Compliant Software