Over the last 3 years, I have come across several initiatives from life sciences companies to revisit their Drug Safety system strategy, in line with the trend of evaluating their options with other IT systems, on whether they should continue to host and support these systems on-premise or move to cloud. We all have witnessed a major shift towards Cloud Computing and Software-as-a-Service (SaaS) model, Drug Safety is no exception. The challenge with this strategy is that it needs a dramatic shift in the traditional thinking that prevails in the industry in terms of people, process and technology. What I mean by that is:
- People should understand that once the system is hosted by an external partner, the way the business and IT teams within the sponsor organization interact with the support teams will change dramatically. For example, they may not be able to pick up the phone and call a Mr. John Doe at the last minute to get their product/license configured in the safety system to support the launch of a new study.
- Processes, both business and support, should be changed to reflect the new model and ensure seamless transition and steady state support to ensure the business operations are not impacted. For example, if you are engaging a new partner in a new market to support your clinical study you have to engage the service provider so you plan and support the onboarding process in time.
- Technology should be brought in to accommodate such change and ensure business continuity, system performance and transparency in service delivery. For example, tools should be made available to not only monitor the performance of the system and process but also to continually review and improve the performance.
You may argue that these are required for any transition from “On-Premise” model to “SaaS/Hosted” model. My answer would be YES, but the regulated clinical research world adds additional emphasis on getting it right the first time and ensuring that every aspect is validated and in compliance with the regulatory requirements of various agencies across the sponsors markets. I want to list some key items that would be useful to sponsors, in evaluating Drug Safety System hosting partners.
- Domain Expertise: The first and foremost criterion is “how much does the partner know about Drug Safety?” You cannot go to run-of-the-mill hosting partner and expect them to understand your business processes and host the system in compliance with the regulatory requirements
- Hosting Expertise: Have they hosted a safety system for any other customers? If not, have they hosted a system that requires validation and should comply with regulatory requirements? Will it be a “Multi-tenant” environment? If so, do they have experience facing audit for such a setup as my data may be hosted along with my competitors? How do they ensure Data Privacy and Security? Does their system support Single Sign On (SSO) or do my users need a separate login to access the system, which could be disruptive to business
- Hosting Location: Where are they hosting my data? Some countries do not allow safety data of patients to reside on foreign soil for obvious reasons. What arrangements do they have from a Disaster Recovery and Business Continuity perspective? How do they staff in case disaster strikes the main site? Do they move people or do they maintain minimal staff to support the secondary site?
- A-Team: Do they have the right people? If so, what are their qualifications? In my experience many sponsors look for references of the partner. That may not always be the right way to evaluate the partner because the staff that delivered the project for that referenced customer may not be with the organization anymore. Most service providers in drug safety space have small teams. Not all of them have bench strength to fully staff the engagement. However, it is critical that they have senior staff to seed the team and bring on additional staff as needed
- Processes: Do they have SOPs and WIs to get the new environment up and running faster but with little risk? Can they also provide case processing and aggregate reporting services? If so, what processes do they have in place? Do those processes meet our requirements? If not, how do we harmonize the processes?
- Total Cost of Ownership (TCO): It is essential that a decision of this criticality is financially viable too. Also, it is required to have a long term view of the cost associated with such a move. It is highly impractical to change your decision in short intervals of 1 to 2 years. You should be committed to a term of 3 to 5 years. If you are, then what is the total cost of ownership for such a commitment? Is the vendor transparent about all the hidden costs? If there would be increase in pricing, how predictable is it? Can we lock-in to a price now for 5 years? What discounts are offered? Can we tie in the payments to service performance? How about service credits?
- Viability: It is critical that the partner has a viable business model. Not just to fulfill your current needs, but your future needs as well. If you expand to new markets, would the partner have ability to support such a change? Do they have teams spread across multiple geographies?
- Cultural Fitment: You need a partner that fits, not just from a strategic and operational perspective but also from a cultural perspective. This arrangement is long term and both parties should look at it as a win-win proposition and should be committed to make it a success.
- Executive Commitment: Last but not least is the commitment the partner has to this business and more importantly to your service. What is their governance model? How does the escalation process work? Where is the executive team located? Are they a phone call away, if disaster strikes?
These are some of the aspects that I thought would be useful for some sponsors and vendors alike, to consider when selecting a partner for a drug safety hosted service. As always, appreciate your feedback and comments.
Oracle released their latest version of Argus Safety Suite 7.0. The biggest highlight of this release is the “Multi-Tenancy”. This comes very handy for organizations that manage patient safety on behalf of more than one sponsor. This is being dubbed as a ‘CRO Release‘ for obvious reasons. However, another set of service providers that could benefit from this is the Technology Service Providers (TSPs).
Leveraging Argus 7.0, CRO and TSP organizations can host one instance of the application (not considering the various development, test, validation, training environments required) and provide technology and functional services to multiple organizations. The software comes with all bells and whistles required for it to be regulatory compliant as well as keeps the data clean so there is no compromise of patient information and critical safety information. The biggest advantage is the feature set that will enable the CRO/TSP organizations manage the configuration required for each organization separate but at the same time enable them to be able to jump start a new organization’s configuration by leveraging configuration settings of an existing organization.
The diagram depicts a simplistic view of how this works. Please note that it does not include all the components of Argus system as well as the network elements required to ensure connectivity between the CRO/TSP to the sponsor organization. Essentially multiple sponsors will be able to connect to the Argus application through a custom/standard portal setup by the CRO/TSP.
In case of CROs, their internal staff viz. Admins, Data Entry, QA, and Medical Review personnel (depending on requested workflow by the sponsor or the CROs SOPs) would manage the cases. In case of TSPs, the Implementation (installation, configuration and support) and Hosting services could be provided by them while the sponsor manages the case processing bit.
Other enhancements to Argus Insight, Argus J and another new tool to manage Operational Analytics are slated for release throughout this year. In terms of upgrades, it comes with provision to upgrade from 6.0 and 6.0.1. However, for customers on prior versions, they would have to follow the step-by-step upgrade path till version 6 and then upgrade to 7.0.
If you need more details please write to me.
I have been reading through the report by RAD Labs of University of Berkeley. It is an interesting body of work . Please feel free to get a copy for youself from the link provided at the end of this post. I will summarize a few interesting lines from the report here:
- 1000 servers for one hour costs no more than 1 server for 1000 hours
- Cloud Computing is the sum of Software-as-a-Service (SaaS) and Utility Computing but does not include Private Clouds (Clouds for internal organizational use)
- Quick Preview of Top 10 Obstacles to and Opportunities for Growth of Cloud Computing
- Cloud Computing is a new term for a long-held dream of computing as a utility, which has recently emerged as a commercial reality.
- Cloud Computing is likely to have the same impact on software that foundries have had on the Hardware Industry
|1||Availability of Service||Use Multiple Cloud Providers;Use Elasticity to Prevent DDOS|
|2||Data Lock-In||Standardize APIs;Compatible SW to enable Surge Computing|
|3||Data Confidentiality and Auditability||Deploy Encryption, VLANs, Firewalls;Geographical Data Storage|
|4||Data Transfer Bottlenecks||FedExing Disks; Data Backup/Archival;Higher BW Switches|
|5||Performance Unpredictability||Improved VM Support; Flash Memory;Gang Schedule VMs|
|6||Scalable Storage Invent||Scalable Store|
|7||Bugs in Large Distributed||Systems Invent Debugger that relies on Distributed VMs|
|8||Scaling Quickly||Invent Auto-Scaler that relies on ML;Snapshots for Conservation|
|9||Reputation Fate||Sharing Offer reputation-guarding services like those for email|
|10||Software Licensing||Pay-for-use licenses; Bulk use sales|
This paper basically answers the following questions:
- What is Cloud Computing, and how is it different from previous paradigm shifts such as Software as a Service (SaaS)?
- Why is Cloud Computing poised to take off now, whereas previous attempts have foundered?
- What does it take to become a Cloud Computing provider, and why would a company consider becoming one?
- What new opportunities are either enabled by or potential drivers of Cloud Computing?
- How might we classify current Cloud Computing offerings across a spectrum, and how do the technical and business challenges differ depending on where in the spectrum a particular offering lies?
- What, if any, are the new economic models enabled by Cloud Computing, and how can a service operator decide whether to move to the cloud or stay in a private datacenter?
- What are the top 10 obstacles to the success of Cloud Computing—and the corresponding top 10 opportunities available for overcoming the obstacles?
- What changes should be made to the design of future applications software, infrastructure software, and hardware to match the needs and opportunities of Cloud Computing?
[Technical Report No. UCB/EECS-2009-28 ] Obove the Clouds : A Berkeley View of Cloud Computing by Michael Armbrust, Armando Fox, Rean Griffith, Anthony D. Joseph, Randy H. Katz, Andrew Konwinski, Gunho Lee, David A. Patterson, Ariel Rabkin, Ion Stoica, Matei Zaharia of Electrical Engineering and Computer Sciences department of University of Berkeley