Compliance#
Overview#
The Compliance module supports you among other things with the conversion of the guidelines FDA 21 CFR Part 11. Over the Compliance module you can realize the examinations (4 eye principle) with the certification of production bills of material and routings as well as the release of articles, creditors, debtors, inspection plans and the confirmation of operations.
You can define conditions for this via table numbers and field filters. If a data record that meets one of these conditions is to be released again after a change, a compliance document is generated. The final release of the original data record is then only possible once the compliance document has been released by all relevant persons.
!!!note "Note The Compliance module is an activation module that can only be used with additional licensing and activation.
!!!note "Note If you are using KUMAVISION medtec365 in combination with the Workflow and Notification Manager module, you can additionally define a workflow for processing the approvals via the integrated action manager.
Establishment#
Compliance facility#
The number series for the compliance documents must be stored in the compliance setup. To do this, call up the "Compliance setup" via the user search.
The Compliance setup card opens where you can define the number series:
| Name | Description |
|---|---|
| Compliance Call Number | Number series for compliance documents |
Compliance permissions setup#
Compliance authorizations#
The compliance authorizations are used for the subsequent assignment of individual process steps. To define the compliance authorizations, call them up via the search.
The Compliance Permissions tab opens. Execute the "New" function in the ribbon to create a new compliance authorization.
A new line for creating a new compliance authorization is inserted in the overview. To define the compliance permission, fill in the necessary fields according to the table below:
| Name | Description |
|---|---|
| Code | Assign a meaningful code for the appropriate compliance authorization. The codes can later be assigned accordingly in the individual compliance authorization groups. |
| Description | Add a brief description of the compliance authorization |
Compliance authorization groups#
The individual authorizations are combined in the compliance authorization groups. The compliance authorization groups can then be assigned to the compliance users.
To define the compliance authorization groups, call them up via the search.
The Compliance authorization group overview opens. Execute the "New" function in the ribbon to create a new compliance authorization group.
A new line for creating a new compliance authorization group is inserted in the overview. To define the compliance authorization group, fill in the necessary fields according to the table below.
| Name | Description |
|---|---|
| Code | Assign a meaningful code for the corresponding compliance authorization group. |
| Description | Add a short description of the compliance permission group. |
After creating the compliance authorization group, you can define the corresponding authorizations in the "Compliance authorization lines" info tab via the "Code" column.
In addition, it is possible to assign a maximum amount. This amount is checked when purchasing and sales documents are released. I.e. as soon as the net value of the corresponding document reaches the value specified in the authorizations, the user cannot release the document. If, for example, you also require a minimum amount for a multi-level release, this is entered in the compliance tables.
Compliance user setup#
Attachment Compliance User#
In the Compliance user setup, you can set up the authorized users who are authorized for the compliance process. In addition, the Compliance User Setup contains the management of the digital signature for all call-based modules.
To access the Compliance user setup, call it up via the user search.
The Compliance user setup opens. Execute the "New" function in the ribbon to create a new user.
A new line for creating a new user is inserted in the overview. To define the compliance user, fill in the necessary fields according to the table below:
| Name | Description |
|---|---|
| User ID | Specifies the user for whom the setup is valid. |
| Sales/buyer code | Displays the field with the same name from the standard user setup |
| Digital signature | The digital signature of the user is entered here |
| Digital signature locked | Here you can manually block a user from executing the digital signature |
| Digital signature No. | Incorrect entries Displays the number of times the user entered the digital signature incorrectly on the last attempt. If three incorrect entries are made, the "Digital signature blocked" field is set and the "Password entered incorrectly 3 times" test is stored in the "Digital signature blocking reason" field |
| Digital signature blocking reason | Specification of the reason for blocking |
| Reset digital signature | If the field is set, the user must update the digital signature before entering the next one. |
Note
If you are using KUMAVISION medtec365, you have the possibility to assign the resubmissions at this point. Further information about this topic can be found here.
Assign compliance authorization groups#
Any number of authorization groups can be assigned to a user via the "Compliance authorization groups".
The authorization of a user is made up of the sum of the individual authorizations from the assigned groups. For example, if authorization A is required in a compliance table setup, the user must have this authorization in at least one of the assigned authorization groups.
To assign a compliance authorization group to a user, first select the corresponding user line in the overview and then select the "Compliance authorization groups" menu item in the ribbon.
The Compliance authorization group card opens in which you can define the corresponding authorization groups for your user. Then confirm your entry with "OK".
Compliance tables#
In the so-called "Compliance Tables" you can define for which data sets a compliance release is required.
To define the compliance release for a data set, call up the compliance tables in the search.
The Compliance table card opens. Execute the "New" function in the ribbon to create a new compliance table.
A new line for creating a new compliance table is inserted in the overview. To define the compliance table, fill in the necessary fields according to the table below:
| Name | Description |
|---|---|
| Code | Unique code for the record. |
| Table no., table name | Table for which compliance release is to be performed. Note Some sub-tables of the possible tables are also included in the compliance. |
| Sorting | If several entries exist for a table, which differ in the field filter, it is possible that a record would fall through several entries in a compliance release. In this case, the sorting can be used to determine the order (ascending) of the check. |
| Description | Internal Description. |
| Number of field filters | Indicates whether conditions are stored. These are configured via the Field filter action. |
| Status | Only in the "Released" status is the data set active as a compliance rule. |
| Min. amount | For purchase and sales documents, this field can be used as an additional condition. If the net amount of a document is below this value, the compliance condition is not met, i.e. no compliance release is required. |
| Dig. signature required | If the field is set, each release must be verified by a digital signature of the user. |
| Change authorization code | Authorization code for changing a data record. I.e. to start the compliance process. |
| Enable authorization code | Authorization code to release the compliance document. |
| Rejection authorization code | Authorization code to reject the compliance document. |
| Release 1-5 | Indicates which releases are necessary. Max. 5 release levels. |
| Enable 1-5 Authorization code | Authorization code for the respective part release. Max. 5 release levels. |
Note
If you have KUMAVISION medtec365 in use, you have further setup options at this point. More information about this topic can be found here.
Conditions can be defined for each compliance table. You can specify a filter for a field. To do this, select the desired compliance table and then select the "Field filter" menu item in the ribbon.
The Compliance fields card opens. To define the compliance fields, fill in the necessary fields according to the table below:
| Name | Description |
|---|---|
| Field no., field name | Field no. of the current table |
| Field value | Filter value on table field |
Unless a special compliance field is entered, as described above, the complete data set is monitored, which means that compliance is always triggered by a change.
If individual fields are entered in the compliance fields, the system first checks whether the data record contains the specified entry in the field specified in the table and only then triggers the compliance or creates the compliance data record.
Note
If you have KUMAVISION medtec365 in use, you have further setup options at this point. More information about this topic can be found here.
Example:
Monitoring on the "item tracking code" field in the item
The Item tracking code field has the entry "CN", when changes are made to the record, a compliance document is generated.
Example:
Monitoring on the document type "Inquiry".
In addition, this monitoring was limited via the field "Eink. von Kred. Nr" with an entry on a specific creditor. When an inquiry is generated for the corresponding vendor, a compliance document is created.
Note
When making entries in the compliance tables, note that sub-tables of the tables entered in the compliance table that are to be monitored are also included. These can be seen in the Compliance tables window when the "Subtables ID filter" column is displayed.
Note
Only if a record meets one of the defined criteria, a compliance document is generated.
Change log (audit trail)#
The Compliance module itself only logs the time and user of the last changes in the Compliance data set.
Changes in the audited record are recorded via the change log (audit trail).
The prerequisite for this is that the change log has been set up beforehand; for at least the tables that have been set up in the compliance tables.
To set up the change log, first call up the "Change log setup" via the search.
Alternatively, you can call up the setup in the audit trail in the compliance overviews or in the open or archived data set and proceed as follows:
The change log setup card opens, where the "Change log enabled" checkbox must be activated.
Then select the "Tables" menu item via the ribbon to set up the change log for the desired table.
The Change settings (Tab.) transfer card opens.
Select the desired table on which you want to set a change log. Then, for the columns "Log insert", "Log edit" and "Log delete", you can specify whether the logging should apply to "some fields" or to "all fields".
If you have selected the "Some fields" option, you must activate the fields to be logged in the change log by clicking the Assist button in the "Change log" overview and placing a check mark in the "Log insertion" field.
In the open compliance record and in the compliance overview, the current changes to be released can be seen via the audit trail.
In the archived compliance data set and in the Compliance Overview Archive, the current changes to be released can be seen via the audit trail, as can the changes made previously.
Compliance#
Trigger Compliance Document#
After a record has been edited and "released" or "maintenance completed" by the user, as soon as the condition of the entry in the "Compliance Tables" for the record matches, the compliance process is triggered.
The user must now enter a change reason for the compliance release. Optionally, a longer text can be written via the text field.
After entering the reason for change, the user is informed that the data record will only be successfully released after the approval procedure.
The respective compliance status or history can be viewed in the associated compliance info box.
Edit compliance document#
To release a compliance document, call it up via the "Compliance overview".
The Compliance overview opens in which the open compliance documents to be released are listed. Open the relevant document by selecting the "View" menu item in the ribbon.
The compliance card then opens, from which you can obtain all the necessary information.
Releases#
Depending on how the approvals for the record have been specified in the facility, the releases (approvals) must be processed.
To release the compliance document, first mark the approvals in the Approvals area and execute the "Release" function in the ribbon.
Depending on the setting in the compliance table for the data set to be released, the digital signature is requested.
Note
Once the approval flow has been released by all necessary approvers, the origin document is also released after approval.
After approval, the compliance document is closed and archived.
Decline#
To reject the compliance document, execute the "Reject" function in the ribbon.
Now enter a rejection reason for the compliance rejection. Optionally, a longer text can be written via the text field.
After rejection, the compliance document is closed and archived.
Audit trail in the compliance map and overview#
If the audit trail is set up for the process, you can view the logging of the changes via the "Audit trail" menu item. The basis for this is the change log as described above.
Compliance archive#
The Compliance archive is divided into two subcategories. One is the released compliance and the other is the rejected compliance. To view a completed compliance document again, call it up via the "Compliance overview archive".