This case involved the implementation of a successful IAAS solution that meets the regulatory requirements, it describes the process and success factors with MyMeds&Me: a UK company providing a SAAS solution to Pharma and CROs for the collection and processing of drug side effect and adverse event data direct from patients and physicians.

Requirements:
• Compliance with EMA (Eudralex) and CFR (FDA) regulations
• Qualified IT Infrastructure
• Having processes and procedures in place to maintain the qualified status of the IT infrastructure (such as change mgt, incident mgt, supplier mgt, backup/ archiving and restore, disaster recovery, etc.).

Furthermore, security policies and standard should comply or exceed ISO27001 and NIST standards so following URS are set up:
• Physical security
• Network security
• Access control
• Data isolation

To ensure that the compliance of MyMeds&Me is preserved, procedures are put in place. The Iperion administrators are trained in these procedures and qualified to administer the platform. Furthermore, there is a high level of technical and GxP expertise at both companies which shows the proven level of quality that is maintained.