IQ IT: Intelligent Quality through Information Technology

Services:  Regulatory and Quality Compliance

Gray Matter Consulting works with you to evaluate and interpret federal regulations as they apply to specifically to your organization and your systems, and to achieve, document, and maintain compliance.

FDA GxP and Quality Regulations, including (reference 21 CFR):

  • Part 11 - Electronic Records; Electronic Signatures
  • Parts 50, 54, 56  -  Good Clinical Pratice (GCP)
  • Part 58 - Good Laboratory Practice (GLP)
  • Parts 210, 211, 606 - Current Good Manufacturing Practice (cGMP) for Pharmaceuticals, Blood Products, and Biologics
  • Part 820 - Quality System Regulation (QSR)

FDA and Industry GxP and Quality Guidances, Standards, and Good Practices:

  • FDA Guidances for Industry (Quality Systems Approach to Pharmaceutical CGMP Regulations, Part 11, Electronic Records; Electronic Signatures - Scope and Application)
  • ISPE GAMP Guide and GAMP Good Practice Guides (Testing of GxP Systems, Validation of Laboratory Computerized Systems)
  • ICH Quality Guidelines (Q7: Good Manufacturing Practice Guide for Active Pharmaceutical Ingredients, Q9: Quality Risk Management)

HIPAA Regulations and Rules for Privacy, Security, and Health Information Breaches and Enforcement, including:

  • 45 CFR Part 160 - General Administrative Requirements
  • 45 CFR Part 162 - Administrative Requirements
  • 45 CFR Part 164 - Security and Privacy
  • 45 Parts 160, 162, and 164 Final Rule: Health Insurance Reform: Security Standards (2003)
  • 45 Part 162 Final Rule: HIPAA Administrative Simplification: Standard Unique Identifier for Health Care Providers (2004)
  • 45 Part 160 and 164 Final Rule: HIPAA Administrative Simplification: Enforcement (2006)
  • 16 CFR Part 318 Final Rule: Health Breach Notification Rule (2009)
  • 45 CFR Parts 162 and 164 Interim Final Rule: Breach Notification for Unsecured Protected Health Information (2009)
  • 45 CFR Part 160 Interim Final Rule: HIPAA Administrative Simplification: Enforcement (2009)
  • 45 CFR Parts 160 and 164 Proposed Rule: HIPAA Administrative Simplification: Standards for Privacy of Individually Identifiable Health Information (2009)

HITECH Regulations and Rules for Health Information Technology, Electronic Health Records, Incentive Programs for Meaningful Use of Electronic Health Records, including:

  • 45 CFR Part 170 - Health Information Technology Standards, Implementation Specifications, and Certification Criteria and Certification Programs For Health Information Technology
  • 42 CFR Parts 412, 413, 422, and 495 Proposed Rule: Medicare and Medicaid Programs; Electronic Health Record Incentive Program (2010)
  • 45 CFR Part 170 Interim Final Rule: Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology (2010)

  • 45 CFR Part 170 Proposed Rule: Proposed Establishment of Certification Programs for Health Information Technology (2010)