A Cornerstone for Compliance
and Security in Life Sciences
Sponsored by:
Information Management: A Cornerstone
for Compliance and Security in Life Sciences
Executive Summary and Methodology
The explosion of data in society has transformed the business and IT landscape. Life sciences companies need
increasingly faster, smarter, more secure and easier-to-use systems to effectively manage and harness information.
This White Paper covers the role of enterprise information management (EIM) systems in life science laboratories.
Important features and uses are explored in addition to challenges and recommendations related to security and
compliance. Finally, the future of information management is discussed in relation to the life science community’s
increasing reliance on mobile technologies and addressing the need for easy to use systems while also still speaking
to compliance and security requirements.
In order to ascertain the needs of the life science community with regard to information management, Advantage
Business Media conducted a survey of its Bioscience Technology, Drug Discovery & Development, Laboratory
Equipment, Pharmaceutical Processing, and Scientific Computing subscriber audience in June 2015. A total of 611
responses were received.1
Life sciences companies are often challenged to effectively manage and leverage massive amounts of information
that resides in a variety of systems and devices. However, increasingly sophisticated, integrated, secure, and
easy-to-use information management systems are enabling these organizations to better optimize their critical
operational information by ensuring the right content and data is in the hands of the right people at the right time.
Enterprise information management refers to a set of solutions that enable the optimal storage and management
of information. This can include data and content for the support of decision-making processes or day-to-day
operations like managing and disseminating standard operating procedures (SOP).
The difference between EIMs and other kinds of information systems is that EIMs can manage both structured
data and unstructured content. Unstructured content refers to information assets that do not have a pre-defined
data model or that are not organized in a pre-defined manner. Examples include documents, spreadsheets,
images, audio and video files and E-mails. Meanwhile, structured data typically refers to objects within a database
application, such as a customer or contact in a CRM solution, or lab equipment in an ERP system.
The chance to win a $100 Amazon gift card was used as an incentive to participate. As with most surveys, not all respondents
answered each question. Therefore, all percent-of-total calculations are based on the total number of respondents answering each
particular question. Due to rounding, totals do not always equal 100 percent.
Information Management: A Cornerstone for Compliance and Security in Life Sciences
According to the Advantage Business Media survey, EIM integration with other systems is one of
the most important capabilities in a platform, and it was also identified as the biggest pitfall of
users’ current information management systems (IMS).
An EIM system enables organizations to manage their structured data and unstructured content
residing in different business systems from a single unified platform. Metadata serves as the
“bridge” that connects these two data sources. A bridge between content and context that provides
a full view of the relationships that exist between all objects.
For example, an object in an EIM solution for a lab project can display team members, all
documents associated with the project, tasks and assignments, and any other information
associated with that specific project. This level of visibility enhances real-time decision making and
helps to ensure projects stay on schedule and on budget.
An additional benefit of full system integration is the elimination of information silos. Leading EIM
solutions integrate easily and seamlessly with commonly-used business applications, thus freeing
information from the confines of a specific platform or repository.
“Many life sciences companies are using multiple and disconnected systems for storing and managing
their structured data and unstructured content,” said Mika Javanainen, Senior Director of Product
Management at M-Files Corporation, an EIM provider. “You can’t avoid the fact that organizations
have many systems in use, and a key capability for an EIM solution is the ability to easily integrate
with existing systems so that information is not duplicated or incorrect versions of documents are not
being used for making mission-critical decisions.”
EIM enables companies to eliminate information silos created when important data and documents
are scattered among different business systems, departments and devices. With an EIM solution,
Most important features in an information management system
Availability of templates
Integration with other systems
Less paper
Mobile phone compatibility
No sync issues with documents
Policy updates
Project management
Searchable content
Training requirements
Source: Security & Compliance Survey, June 2015.
Information Management: A Cornerstone for Compliance and Security in Life Sciences
content is not tethered to a specific location—it can be
searched for, accessed and synced between various systems
and devices—with no duplication of content.
Via metadata, an EIM solution intelligently links information
residing in structured data systems to unstructured content
repositories. The result is instant access to the most accurate
and up-to-date information from any system or database,
which in turn leads to better, more informed decisions and
increased profits.
The result is instant access to
the most accurate and up-todate information from any
system or database, which in
turn leads to better, more
informed decisions and
increased profits.
One of the most important considerations for any life sciences organization is how to effectively
secure and protect sensitive information. The exposure of confidential information to unauthorized
individuals can be expensive and time consuming to remedy, and puts companies at significant
operational risk. Defining and enforcing policies and processes for who is authorized to access, edit
and approve specific documents is of paramount importance for companies of all sizes and in all
However, a multitude of features built into EIM systems help life sciences companies ensure that
confidential information is available to the people who need it, and inaccessible and invisible to
those who aren’t authorized to access it. EIM solutions enable organizations to mitigate risk through
enforcement of information security policies as well as tracking all document access and revision
Solutions enable companies to protect and control access to their confidential information with
advanced metadata features that make the process of setting permissions for documents and
other information both dynamic and automatic. With an EIM solution, life sciences companies
can establish access permissions by user, group, role or any metadata property. This provides
the ability to support advanced access control policies without scripting, and the flexibility and
scalability to address even unforeseen needs that arise in the future.
According to Advantage Business Media’s survey, 66 percent of respondents are concerned about
security when storing company data in the cloud. Furthermore, of the respondents that expressed
security concerns, 83 percent identified hacking from outside sources as the top issue. Permanent
Concerns with storing information in the cloud
Hacking from
outside sources
Permanent loss
of data due to
technology issues
Privacy within
Temporary loss of
data due to
technology issues
Source: Security & Compliance Survey, June 2015.
Information Management: A Cornerstone for Compliance and Security in Life Sciences
loss of data due to technology issues (67 percent) and temporary loss of data due to technology
issues (62 percent) were ranked second and third.
But with advancing EIM technology, enhanced policies and controls and multi-level security
measures in place, the cloud is considered by most businesses to be a trustworthy platform.
For example, a common cloud security measure employed in an EIM system is multi-factor
authentication, where users receive a code via text message to log in. Secondary information is also
required to grant full access to an individual.
This kind of security is similar to what banks employ in the case of online banking. If a user
is accessing a bank account from a device they have never used before, or haven’t used in a
significant amount of time, the bank will not allow the user to log in until a code, that was sent to
the users’ bank-registered telephone number, is entered. Thus, even if an EIM user’s password was
hacked, the hacker would not be granted access to critical information because the device they are
using would not be approved/recognized.
Additional security concerns arise when employees must collaborate with business partners,
contractors, temporary staff and contacts in other companies using consumer file-sharing
solutions. Use of these solutions is often unregulated, uncontrolled and lack the necessary
governance controls, workflow management and robust EIM functionality many life sciences
companies require.
Given an organization’s
Unauthorized employee use of file-sharing solutions
represent a serious security and non-compliance risk
because employees can store and share documents with
third parties completely out of an organization’s control.
Given an organization’s responsibility to protect its
information assets, unregulated use of file sharing solutions
represent a significant and growing security threat.
responsibility to protect
its information assets,
unregulated use of file
sharing solutions represent
a significant and growing
security threat.
Some EIM systems enable secure cloud-based document sharing and collaboration by integrating
with enterprise-grade file sharing applications. This cloud environment enables users to share and
collaborate on content with others, while restricting their direct access to an organization’s files.
This combined solution provides co-authoring capabilities that enable multiple users to edit the
same file simultaneously in a controlled manner. In addition, check-in/check-out and versioning
features prevent data loss when changes are overwritten and confusion associated with multiple
outdated versions. Role-based and metadata-based security controls ensure that access to
specific files is restricted only to those who are authorized to view and/or edit them.
Undoubtedly a key compliance concern for life science laboratories is 21 CFR Part 11, which
establishes the United States Food and Drug Administration’s (FDA) regulations on electronic
records and electronic signatures. Part 11 confirms that electronic signatures are as good and
trustworthy as paper ones.
Electronic signatures supplant the need to print and sign documents, thus eliminating unnecessary
paper use. Even without a stack of paper, tracking quality and compliance processes and verifying
completion can be extremely time consuming. EIM systems can free up staff time by automating
Information Management: A Cornerstone for Compliance and Security in Life Sciences
processes like contract lifecycle management. Features such as this also allow faster review and
approval as a notification is sent as soon as a document needs to be e-signed.
EIM solutions reduce the risk of failing audits and regulatory non-compliance by organizing,
recording and automating everything in a business. For example, EIM systems can automate quality
workflows like change control tasks, assignments related to CAPAs and training requirements.
This allows managers to ensure consistency while the EIM solution verifies that all employees are
following procedures. The system can also keep track of all critical tasks, updated protocols and
required activities and assignments to make sure changes are implemented and compliance is
An additional compliance challenge identified by respondents to Advantage Business Media’s
survey is data archiving. The main hardship with data archiving is that records retention rules are
so complex. Companies often find it difficult to formulate a retention plan—making sure they
keep the right records for the right amount of time, especially when using a manual process for
doing so. An EIM platform can be used to manage and enforce the retention rules dynamically. In
life sciences, retention rules are generated based on the type of record or the end-of-life date of a
product, whichever comes first. So, if you attach a document to a product, an automated EIM can
then calculate retention time based on which factor will expire first, offering users an immediate,
compliance-safe answer.
Mobile-enabled Workforce
Work still must get done when people are away from the office, and the use of mobile devices to
access and process documents has become necessary for life sciences companies operating in the
global business environment.
Choosing an EIM system with native mobile apps enables business users in highly regulated
industries access to data repositories and workflows from iPhones, iPads, Androids, Windows
Phones and other popular smart devices.
If an EIM offers mobile apps, then documents can be both accessed and signed. A mobile
e-signature capability allows authorized employees at life sciences companies to approve and
monitor processes associated with regulations like 21 CFR Part 11 anytime, anywhere.
Users Demand Simple Platforms
According to respondents of the Advantage Business Media survey, more user-friendly software is
expected to be the biggest improvement to current information management systems in the next
five years with 61 percent of the vote. More flexibility (46 percent), faster working times (51 percent)
and better integration capabilities (42 percent) were also cited as expected improvements.
M-Files’ Javanainen agrees that ease-of-use is going to be a driving force behind system
improvements. “Look at how the consumer products are becoming massively successful because
they are so easy to use. [The industry] is really focusing on being user-friendly. Two years ago, the
main motivation to buy an IMS was to ensure compliance. It’s already much more user-driven than
it used to be.”
At the end of the day, researchers accustomed to easy-to-use mobile phones and tablets expect
their EIM solution to be just as easy.
Information Management: A Cornerstone for Compliance and Security in Life Sciences
What improvements to current information management systems do
you envision in the next five years?
Better training protocols
More cost-effective
More flexibility
More user-friendly
More customization
Improved integration
Improved mobile
user interface
Source: Security & Compliance Survey, June 2015.
The increase in data has fundamentally changed the way business is conducted. Faster, smarter
and easier-to-use systems have been developed to assist life sciences companies in more effectively
managing and harnessing critical information assets. Enterprise information
management platforms achieve this by providing intelligent, integrated solutions for businesses
to store and manage every kind of data. Content and process management capabilities allow
organizations to ensure that compliance regulations and standards are met. Robust security features
allow information to be shared for a mobile workforce, and also guarantee protection of important
and proprietary data. Lastly, EIMs provide quick and easy access to the right content from any core
business system and device, which leads to measurable productivity gains.
M-Files enterprise information management solutions are disrupting the ECM market by eliminating
information silos and providing quick and easy access to the right content from any core business
system and device. With flexible on-premises, cloud and hybrid deployment options, M-Files places the
power of ECM in the hands of the business user and reduces demands on IT by enabling those closest
to the business need to access and control content based on their requirements.
About Advantage Business Media
Advantage Business Media ( is a data-driven marketing solutions company
leveraging content, technology, and business intelligence to match its audience’s job performance
needs with its clients’ solutions. With a diversified portfolio of highly focused websites, e-newsletters,
print publications, specialized directories, vertical search databases, conferences, ancillary media
vehicles, and associated web-based services, Advantage serves more than one million industry
professionals in the manufacturing, science, and design engineering markets. For more information
© Copyright 2015, Advantage Business Media. All rights reserved.
Download PDF
Similar pages