Independent Assessments of TraceLink
Independent Assessments of TraceLink
TraceLink customers have engaged two leading industry organizations, Rx-360 and Rephine (formerly known as Agrupación Forum Auditorías [AFA]) , to conduct independent quality audits of TraceLink’s operations, processes, and records. The results of these audits are leveraged by existing and prospective TraceLink customers to establish trust in TraceLink’s Quality Management System (QMS) maturity and alignment with applicable global laws, regulations, and industry standards and guidances, including but not limited to US FDA 21 CFR Part 11 and EU Annex 11. Rx-360 and AFA’s reports and ongoing oversight provide our customers evidence that satisfies regulatory vendor assurance requirements, lessening the burden on the life sciences industry by minimizing audit-related costs and dedicated resources. See below for more information about these organizations and the available TraceLink audit reports.
Rx-360, an international pharmaceutical supply chain consortium, was formed in 2009 to support an industry-wide commitment to ensuring patient safety by enhancing quality and authenticity throughout the supply chain. The organization’s mission is to protect patient safety by sharing information and developing processes related to the integrity of the healthcare supply chain and the quality of materials within the supply chain. Rx-360 has conducted periodic independent audits of TraceLink since 2017, with a requalification audit most recently performed in Aug 2023. To inquire about licensing this independent audit report, please contact Rx-360 directly at the following link: https://rx-360.org/licensable-audit-reports/
Rephine, formerly known as Asociación Forum Auditorias (AFA), is a firm of deeply experienced auditors which proactively assists organizations within the life sciences industry around the world with their supply chain quality assurance and vendor auditing programs. TraceLink has been independently audited by this firm since 2018. To inquire about licensing this independent audit report, please contact Rephine directly at the following link: https://www.rephine.com/global-audit-library/
Quality and Security Management
Quality and Security Management
TraceLink's commitment to maintaining a high-quality industry-leading supply chain software is exemplified through our comprehensive Quality Management System (QMS) and Information Security Management System (ISMS). Together, these systems govern the development, deployment, maintenance, security, and support of TraceLink’s products and services.
TraceLink has achieved and maintained certification to ISO 9001:2015 and ISO 27001:2013 (inclusive of ISO 27017:2015 controls), and achieved SOC 2 / ISAE 3000 Type II attestation. These, along with other achievements and certifications, can be viewed on TraceLink's Certifications and Attestations webpage.
TraceLink Regulatory Intelligence
TraceLink Regulatory Intelligence
TraceLink is committed to our customers' global track & trace and compliance requirements by continuously monitoring the global regulatory landscape, as laws and regulations are introduced or modified, and by actively engaging in the definition of industry standards for newly emerging markets or as previously established regulations are modified. TraceLink products and services are enhanced to align with regulatory and industry requirements, thereby ensuring customers continue to adhere to compliance requirements and industry standards.
Software Development Lifecycle (SDLC)
Software Development Lifecycle (SDLC)
TraceLink's commitment to providing its customers with high-quality, secure, industry-leading supply chain software is the foundation of its software development lifecycle (SDLC). Structured to respond to the requirements of the regulatory landscape and the needs of TraceLink's customer base, the SDLC takes an agile approach to product quality with defined processes for requirements gathering, code building, testing, and installation.
Software Quality Assurance
Software Quality Assurance
TraceLink’s software Quality Assurance (QA) team is responsible for establishing robust processes and practices across the software development lifecycle (SDLC) with the goal of producing high quality software. These processes operate in accordance with defined internal procedures and applicable industry standards and include concepts such as risk management, separation of duties, independent reviews, and software testing.
TraceLink’s Test Plans describe the test strategy, along with applicable use-cases, data requirements, configuration needs and the test automation approach. The Test Plans are informed by Requirements, Functional Specifications, Acceptance Criteria, and High-Level Designs, and employ a Risk Management approach outlining mitigation plans for impacts such as data integrity, security, performance, regression, among others.
TraceLink Supplier Assurance
TraceLink Supplier Assurance
TraceLink protects the quality, reliability, and data integrity of its services and product offerings by following defined supplier management policies, including risk evaluation, based on intended use, data in scope, security, and reliability.
TraceLink's Quality Management System (QMS) governs the selection, management, oversight, termination, and replacement of approved third-party suppliers which are essential to or impact TraceLink services and product offerings. All suppliers are reviewed and qualified through collaborative processes between TraceLink Regulatory and Quality Compliance (RQC), Security, Legal, and Finance teams, and the internal business partner.
Internal Audit Program
Internal Audit Program
TraceLink's dedication to continuous improvement of our Quality Management System (QMS) and Information Security Management System (ISMS) is driven through processes such as the internal audit program. Through internal audits of our policies, procedures, processes, and controls, TraceLink identifies opportunities to improve and verifies continuous adherence to both internal and external standards, confirming our ability to provide customers with high-quality products and services.
Employee Training and Qualifications
Employee Training and Qualifications
TraceLink invests in new hire onboarding and continuous employee learning practices to ensure team members possess the necessary knowledge and skills for their defined role.
The TraceLink training program includes a defined set of core requirements across the organization, including awareness trainings for regulatory and quality, security, and data integrity. Additional training specific to an employee’s defined functional area and role responsibilities is required, including a review of applicable Quality Management System (QMS) procedures supplemented by a comprehension assessment recorded in the electronic learning management system.
This training program is designed to promote compliance with applicable internal and external requirements, and produce high quality products with service delivery excellence.
Document Management
Document Management
TraceLink's dedication to maintenance of our Quality Management System (QMS) and Information Security Management System (ISMS) is driven through document management processes such as authoring new procedures, revision control, archiving superseded versions, and confirming availability of effective quality documentation to TraceLink workforce members to promote accurate and consistent quality records.