Security and Traceability in Bluehill Universal
Manufacturers know that nothing is worse than supplying customers with a product that does not meet expectations. Unfit product is costly both to your company's reputation and its bottom line - and it's all the more painful when the error was caused by a mistake that could have been avoided. Companies invest in materials testing systems to help ensure that when their product gets to market it performs as intended, and procedural standards such as ISO 9001, FDA 21 CFR Part 11, and Nadcap stress the importance of traceability at every step of the testing process in safety-critical areas such as the biomedical and pharmaceutical industries. In order to help companies meet the strict requirements set out by these standards, Instron has introduced a new Traceability Module into Bluehill Universal. Traceability makes it possible to find out who did what, when, and why in the system, and enables companies to prove it during an audit.
Bluehill Universal Security
In issue 61 of the accessories newsletter, we discussed the introduction of security options into Bluehill Universal. There are currently four security options available within the software to suit a variety of laboratory needs:
- Active Directory links usernames and passwords in Bluehill Universal to usernames and passwords on your corporate network. Active Directory ensures that your Bluehill login information meets your corporate IT standards for password length, expiration, and character requirements. With Active Directory security, laboratories can allow consistent access to Instron equipment between labs, regardless of location. This is ideal for organizations with multiple Instron systems and system operators, as security is easily configured by selecting user groups.
- Windows security links usernames and passwords in Bluehill Universal to usernames and passwords on your local computer. Instead of meeting network-level standards, Bluehill passwords are required to meet the standards set on the local computer. Windows Security is ideal for laboratories with dozens of Instron operators where Active Directory cannot be used, as security can still be easily configured by selecting user groups.
- Bluehill security is local to Bluehill Universal and not connected to your Windows or corporate network. Users can be set up directly inside Bluehill Universal by creating unique usernames and passwords for each user. Bluehill's internal security is ideal for laboratories with only a few Instron systems and a small group of system operators.
- No Security - Because not all laboratories require the use of security, the option can be disabled completely by the system administrator.
User Types in Bluehill Universal
Once security is enabled, each user can be assigned to one of three levels of permissions. By making these security choices, your organization can prevent accidental errors and changes to methods that might result in compromised or lost data.
- Configure the system
- Configure security
- Edit methods
- Test specimens
- Edit methods
- Test specimens
- Test specimens
With a desire for continuous improvement and based on many hours of listening to customer feedback, Instron has now taken security to the next level by adding a traceability module to Bluehill Universal to complement the security settings with an audit trail. The Traceability module features three main components: revisions history, electronic signatures, and an audit trail. By using these in combination with Bluehill’s security features, users are able to know who did what, when, and why in their test system, and have the power to prove it during an audit.
Revision history allows users to view the full revision history of Bluehill methods, tested samples, and report templates. Each revision contains the details of the affected item, including a time stamp, both the previous and the new value, and the name of the users involved with initiating and, if required, approving the change.
Traceability can also be configured to require electronic signatures for report templates, method files, sample files, and PDF reports. Signature levels include:
- Primary - the person making the change / running the test
- Secondary - someone reviewing the change / test
- Tertiary - a third person review the change / test.
Secondary and Tertiary signatures are configured to 'review' changes, which allow lab managers to accept or reject any changes.
Bluehill Universal’s built-in secure, and searchable audit trail tracks system level usage to allow full visibility into all system activities during an audit. These changes include:
- Configuring the system
- Configuring security
- Log in / Log out
- Failed login attempts
- Method changes
- Sample file changes
- Any additional information regarding approvals and rejections
Though Bluehill's Traceability module is particularly important for industries meeting compliance requirements of FDA 21 CFR Part 11, Nadcap, A2LA, and ISO 17025, it is also important for anyone who values the reputation of their product, people, and business.