Mettler-Toledo International Inc. (MTD) Earnings Call Transcript & Summary

Ladies and gentlemen, welcome to this Mettler-Toledo webinar on How to Achieve 21 CFR Part 11 Compliance with STARe Software. It's the Mettler-Toledo Thermal Analysis software. My name is Thomas Oberholzer, and I am Product Manager for Material Characterization and Thermal Analysis and organizer of this webinar. I am accompanied by an expert and today's expert is [ Nicholas Hedley ] from the Market Support Group. Nicholas and I are both located at the headquarter of Mettler-Toledo in Greifensee, Switzerland. So let me briefly introduce [ Nicholas ] to you. After studying Chemistry and Chemical Engineering, [ Nicholas ] began his career as a service and application person in France, later on in Ireland, Dublin. There, he also got in contact with many type of instruments and with many technologies as he was working for a typical distributor in the laboratory area. After this period, he moved to Mettler-Toledo to become first -- second level service person and later on the market support specialist. And in this application-related role, [ Nicholas ] is now working for about 12 years. [ Nicholas' ] most favorite topics is not CFR -- CFR compliant, no, it is TGA combined with other techniques. So TGA-MS, TGA-FTIR, TGA-TCMS. But [ Nicholas ] is also very versatile and multitalented, so he also got the job to explain the software. He is also our top specialist in explaining all the pace of our STARe software. So [ Nicholas ] will, during this session, also take the opportunity and explain you this software option basically live. The main part of the webinar will be a prerecorded presentation, and this will last for about 35 minutes. As we made the experience that our webinar content is quite compact. As I said, we will interrupt the presentation and [ Nicholas ] will summarize in his own words, some of the content, and he will demonstrate some parts of the software live with story. Yes. And if you have questions, we would kindly ask you to use the chat. It's not possible that I open the audio line. So your lines are muted, sorry for that, but it's necessary. Thank you. So then, we will now start the presentation.

Ladies and gentlemen, welcome to the Mettler-Toledo webinar on 21 CFR Part 11 Compliance. 21 CFR Part 11 is the acronym for part of Title 21 of the Code of Federal Regulations that establishes the United States Food and Drug Administration regulations on electronic records and electronic signatures. During the course of this webinar, I would like to describe the scope, requirements and significance of these guidelines. The slide lists the topics I want to cover. I would like to start with a brief introduction to 21 CFR Part 11. I will then present the scope and requirements for CFR compliance and the Mettler-Toledo STARe software solutions in this context. Following this, I want to explain the technical features of the CFR compliance option in the STARe software. Finally, I will summarize the topic and list a number of useful references for further information and reading. Typical questions for companies working under a regulated FDA environment are, have you read 21 CFR Part 11? Is your system validated for its intended use, who entered the data? How do you know which data have been changed? During the seminar, I will present more details about questions like this and how they can be addressed using the STARe software CFR compliance option. CFR is the acronym for the U.S Code of Federal Regulations. The CFR is divided into sections or parts that pertain to different areas. Title 21 is for food and drugs. It covers good clinical practice or GCP, good laboratory practice or GLP and good manufacturing practice or GMP for the pharmaceutical and healthcare industries. The FDA not only promotes and protects the market reach of safe and effective products for the public but also monitors the products for their continued safety. The FDA also helps the public to get the accurate science-based information needed to improve health. This is ensured by Part 11 which defines the criteria under which electronic records and electronic signatures are considered to be trustworthy, reliable and equivalent to paper records and hand-written signatures for acceptance by the FDA. 21 CFR Part 11 is in fact a law to prevent any falsification or fraud while permitting the use of electronic technology. As discussed in the previous Slide 21 CFR Part 11, regulations are obligatory for all healthcare industries that manufacture or export their products in or to the U.S. market. Part 11 is designed to help FDA regulated companies benefit from the use of electronic data management. In short, it gives detailed guidelines on how to manage electronic records and electronic signatures in order to maintain accuracy and security. The key objectives of Part 11 regulations are shown in the slide and include ensuring the generation of trustworthy and reliable electronic records and the ability to detect and keep track of any alterations to electronic records. Part 11 contains detailed guidelines for keeping trustworthy electronic records and signatures. However, Part 11 does not state which records must be generated and which records must be signed. This is the role of the predicate rule. Predicate is simply a legal term, meaning preexisting. For example, 21 CFR 211 current good manufacturing practice covers all phases of finished product manufacturing and correction and problem reporting. The predicate rule mandates what records must be maintained, the content of records, whether signatures are required, how long the records must be maintained and so on. If there is no predicate rule requirement for a record, then 21 CFR Part 11 most likely does not apply to the record. There are only 6 explicit requirements for signing records in 21 CFR 211 but consider that reviewed, approved and verified in the regulation also implies a signature. According to FDA regulations, all systems that come under Part 11 compliance require 3 types of controls, namely technical controls, procedural controls and administrative controls. Technical control is a vendor supplier responsibility. It includes functions built into software to ensure the reliability and integrity of electronic records and signatures. For example, to provide security and access to the application and audit trails. Procedural control is the user responsibility, generally that of the quality control department which provides SOPs or instructions for using and maintaining the system. Administrative control is the responsibility of the company to verify the identities of users. Guidelines are published to achieve these controls. One of the guidelines for software is GAMP or Good Automated Manufacturing Practice. I will now explain this in more detail. GAMP or Good Automated Manufacturing Practice provides guidance to help with the validation of a computerized system. CSV stands for Computerized System Validation. This slide shows the classification of software into different categories. Systems used to control the instruments, acquire and process the data and report the final results are classified into categories 3, 4 and 5. As we progress through the categories, validation becomes more specific. According to the definition of validation, one has to demonstrate that the software operates as expected. However, validated software may contain bugs. So software support is the responsibility of the vendor. The STARe software is classified in category 3, it is used off-the-shelf and controls the instrument, acquires and processes data and reports the final results. Now let's take a closer look at Computerized System Validation or CSV using the model shown in the slide. CSV demonstrates that the computerized system operates in accordance with predefined specifications. The predefined specifications are written in the User Requirement Specification or URS. It documents the functional parameters of the instrument and software that the user requires. The term DQ or Design Qualification is also used. IQ, OQ and PQ are performed after the user has purchased the system that best suits his or her requirements. The IQ or Installation Qualification is the documented evidence that the installed system matches the vendor's specifications. The OQ or Operational Qualification is performed once the IQ has been completed and approved by the user. This documents the evidence that the system operates as specified by the vendor. Finally, the PQ or Performance Qualification is carried out. The PQ is the documented evidence that the system performs according to the URS. The PQ is the last step before the instrument is ready to use. Finally, change control as part of the ongoing validation process. It consists of periodic reviews to ensure that the system remains fit for purpose and controlled, for example, when changes are made to the system. GMP and 21 CFR Part 11 compliance means providing additional security to the data management system. The STARe software is designed as a closed system, more precisely an environment in which system access is controlled by persons who are responsible for the content of electronic records present on the system. In order to achieve this compliance, the STARe software provides password access control to the application, assigns user rights for each user level, ensures file integrity with electronic records and properly logs the audit trail and electronic signatures. The STARe software is designed and tested according to the Mettler-Toledo Internal ISO 9001 quality management standards. Mettler-Toledo provides IQ and OQ at installation and can assist the customer with PQ. Furthermore, the STARe software can be integrated into a Laboratory Information Management System or LIMS for short. The STARe software is delivered with a certificate of system validation. Now let us discuss each technical feature of the STARe software in more detail. Firstly, access control. The primary role of access control is to limit system access to authorized individuals only. When data management is controlled technologically, it is mandatory that the system owner should know who is accessing and altering system data. STARe software provides state-of-the-art access control. This implies password policies for user identification, so that every user is unique and has a user name and a specific password. The STARe software can therefore only be used if the log-in is successful. Old accounts can be disabled but not deleted. Users cannot be deleted or renamed even if no other records refer to this user. In this way, the STARe software ensures that the entries in the audit trail can be uniquely assigned to a particular user. As a result, it is not possible to have more than one distinct user with the same identification throughout the lifetime of the STARe database. The STARe software provides additional features related to access control for password policies, the user policies dialogue box on the right of the slide shows how an administrator can assign these password policies to a user account. The system administrator defines the minimum password length with or without special characters and expiration date for the password, which must be periodically changed can be set. And if allowed a reuse period can be assigned. To ensure that unauthorized people cannot access the STARe software, the administrator is provided with certain extended features. For example, the maximum number of log-on attempts permitted before an account gets locked. The administrator can define a deactivation time for the STARe screen saver lock which allows automatic logging off of a STARe user after a certain period of inactivity or if the user has forgotten to lock his applications before leaving the PC. Each user is assigned a user role. The user role defines the group of rights granted to that particular user, for example, administrator, lab manager, lab technician or operator. The system administrator is the only responsible authority who can create a new user account. He or she allows a user role and a signature level for that particular user account. The user accounts dialogue box on the right of the slide shows how the system administrator West creates an account for the new STARe user, Michael Fraser, as a lab technician. I will explain more about user roles and user rights in the following slides. Now let us turn our attention to user level management. User level management consists of user rights and user roles and allows you to limit the functions that can be performed by a particular user. It ensures that only the data and functions actually required are linked to that user. This is extremely valuable for a multi-user system that is shared by several individuals. Each user is assigned an individual user role. The user role defines the group of rights granted to that particular user. For example, administrator, lab manager, scientist, lab technician and so on. The number of user roles that can be defined is not limited. One or more of up to 30 different rights can be granted as appropriate to an unlimited number of different user roles. As I explained earlier on, each user is assigned a user role and signature level that corresponds to the user's daily business requirements. This means that a user can only sign a record if he or she has the basic right to do so and also has the appropriate signature level. Let us assume that a system in a QC lab is used by multiple users and is supervised by a lab manager. As shown in the table, we have created 4 different hierarchical levels of user roles corresponding to the various functions of the personnel in this imaginary laboratory. The user, Fraser, who has a user role defined as a lab technician is only authorized to run measurements. He has to sign a record as tested and submitted for review to scientist Miller. Once Miller has signed the record, only users with a signature level higher than 4 can additionally sign the same electronic record. Here, in this case, it's [ Wittman ] and Jones because they have signature levels of 7 and 10. The final result is released by Jones, the lab manager. In this way, each person involved has to add their part to complete the puzzle.

Good morning, good afternoon, everyone. So we have our first Q&A session now. I will kindly ask you to use the chat if you have any questions. In the meantime, to give you some time to write your questions, I will show you on my STARe software, basically how you can set up these user roles and so on. I will now share my screen. So this is the main bar of STARe software. Now we log -- now log in with my name. So here as you can see, I have to type in my password. So this is unique -- how many, [ yes, ] in the software can be called the same as [ Nicholas. ] Now I have access to the software. So everything that we are seeing so far about user roles, signature levels and so on is under the installed window. Now the installed window, we have here different user accounts, user roles, user policies and for the signature. Down to user policies, this is where you can define about password. They must have how many at least number of characters, special charters, and of course about expiration. And then you can tell also the software if can the -- same password can be reused and after how many days. And this is where, if, for example, someone is leaving the company, the user account can be disabled. User accounts, here, this is where you can create a new user. So for new -- sorry, I have first to log in as system administrator because I do not have the user rights to do it. So on the user accounts. Now, I have the right to create a user. So you have to put the first name and the last name. For example, here, you have the windows user. So if the same user is logging into the PC in windows with the same name, then when you start the software it will not ask you for password. You can set up for e-mails. Here is where you can define the role. At the moment, in my system, I have only two defined role, system administrator or default role. And I will come back to this and here is the signature levels. Here, I have 3 of them are defined in my setup. Once you are created here, you can just file and save as [ user today. ] So if I open maybe here, system administrator, you can see that the administrator Mettler is a system administrator of the software and has the signature level of release. And if I open my profile, I do not have a system administrator but default role with the signature level of tested. The user roles where you can define here the roles, the user roles are here. Here, there is no limitation. So you can create as many user roles as you want. And here for each role, you are assigned some rights, so you can define, for example, to administer the system, administer the user and the database. And this could be, for example, and also the general administration. This could be also the system administrator only for the system that means this user will not be able to open or modify the methods and to open or modify the 7x evaluation and so on. Additionally, now we have also created something else, which is called user groups, [ the idea is if ] the STARe software used in a laboratory with different groups, so the easiest example is QC and R&D, you can create a group QC, put all the QC technician in that and create a group R&D. And then later on, that means the technicians from QC will not be able to see the curves and evaluation from the other groups. You need to be part of the group to be able to open an evaluation. Then we have here the levels, the classification of signature. Here you can define up to 10. So we have the level 1 up to Level 10. And each of them can be at a new level. So it could be just tested review, for example, released, you can add a second one with approved. That means at signature levels, this one, the level 1 has to sign, then the level 4, 7 and level 8 in this case. So all of these that we have seen in the webinars is under the installation window and we have 4, 5 icons to define how to set up the system, so -- there is no questions. So I think, Thomas, we can continue.

Okay.

In this regulated environment, electronic records must be protected against intentional or accidental modification in order to ensure file integrity. All electronic records are stored in the STARe software database. This means that only authorized STARe users can access data via the STARe software. A Windows user cannot access data in the database via the operating system. This provides more enhanced security compared with a file-based system. Copies in human readable form and in electronic form can be generated of all electronic records that can be signed. The content is the same as in the textual or graphical print-outs. Electronic copies for inspection, by internal or external auditors, for example, the FDA are generated in a noneditable format. For the STARe software, this is the PDF file format. Once you decide to sign an electronic record, the process of signing involves user authentication. This requires entry of your user name and password and the selection of a predefined meaning of the signature. The signature right and the signature level are checked. The signature is linked to the record you sign and cannot be removed, copied or transferred. The electronic signature dialogue box shown on the right illustrates the process of electronic signing of the record. User Jones is about to sign a record and the system is asking for user authentication. He has to enter the mandatory fields like user name, password and meaning of the signature. Additional information can be entered in the remarks box. This slide shows more details concerning the signature level. When you sign a record in the electronic signature dialogue box, you must give the signature, a particular meaning. The STARe software defines up to 10 meanings and levels of a signature. Only the system administrator has the right to define the meaning of signatures. The meanings of signature's dialogue box shown in the slide explains the meanings of signatures defined for a laboratory as an example. Level 10 is the highest level responsible for the release of the electronic record, whereas the meaning of Level 1 is tested or run a measurement and is the lowest. The first level check box is always selected and cannot be cleared. The system administrator can select as many check boxes in the level column as necessary and enter suitable texts that describe the meaning of the signatures in the meaning column. This can, for example, be in accordance with an existing SOP in the laboratory, such as reviewed, approved and so on. To sign a record more than once, every subsequent signature must have a higher level of meaning than the previous signature. Note that 21 CFR 211 requires at least 2 signatures. Once the electronic record has been signed, the signature is linked to the record you sign and cannot be removed, copied or transferred. This process generates a printed name of the signer, date and time of the execution and the history of all signatures related to this electronic record. The electronic signature status is visible in the electronic display as well as on the print out of each electronic record. The STARe evaluation diagram in the slide shows a signed evaluation file. The electronic signature dialogue box on the upper right shows details of the electronic signature history. The detailed history related to an electronic signature can be obtained by clicking electronic signature in the file menu in the STARe software evaluation window. This shows all the relevant details of the signed record that is when Fraser signed the record as tested and submitted it for review, when Miller reviewed the record. And finally, when the lab manager Jones released the record.

Welcome, everyone, for the second Q&A session. So there is a question in the chat, did say what should I do if I forgotten my passwords. So if a user has forgotten his passwords, only a system administrator can clear the password. And to do that, so here, I'm logging as a system administrator. If I open a user account. Let's take the first one. Here, I can clear his password. That means the next time the user easy click will log in, it will ask you for a new password. You can also change directly from this page if the user easy click is visible in the lab, you can change this password from here on the system administrator. Now the question arises, if you have only one system administrator and the system administrator has lost his password. And if you're under 21 CFR, there is nothing really that I can do. That's part of it. The only thing what we can do is to make a backup of the database and reload a new database. When you reload a new database, you can recreate new user and new system administrator. So second question, if we only have two signature. Sorry, I did not share -- I will share my screen to show you how to do it in the installed window here. I'm now logging as a system administrator, and I will open now default role and you can see here and your system administrator has the right here to clear the password or to change the password. So we can clear the password that in less time, easy click is log-on on the software. You will be asked to enter a new password. So the second question if we only have 2 signature, they need to be tested and released. That's just a name that Mettler gave. You can change the name. So the name can be whatever you want, it will be measured, it will be approved. They are here. You can see, we can say, for example, whatever you want. This is just a name, this is according to your requirements. Could be [ here and here, ] so this will be an example. So as I say here, if a system administrator forgot his password, do not ask Mettler to log in into the software for you if you are here. In the 21 CFR Part 11 is sticky. That means there is nothing we can do for you. Okay. So just to show you how easy it is to sign an evaluation. Maybe you should log in with my name because I am the default. If I open [indiscernible] samples to heating by DSC. I can make an evaluation, for example if I evaluate like this. Now, I can save as [indiscernible] now what I can do, I can sign this evaluation. So I can say sign the evaluation. In this case, a new pop-up windows appears with my name, asking me for my password to make sure this is really me. I can type here the reason here. So now that I signed this evaluation, if I want to change something. For example, I did this, now I want to save again, no, I cannot save again because I signed the evaluation. So only someone with a higher level of signature can revoke my signature. So this is of course done by logging with a higher level if I open this evaluation. So only with a higher level, I am not signing as Mettler, I can also sign but if I can revoke here, for example, and save on evaluation. In this case, as a tested level, I can now redo the evaluation inside. And everything that we have done so far is recorded into the software. So there is no more questions. That's very easy how it is with the software. I think Thomas we can continue. Yes, we can continue Thomas...

Oh! Sorry, sorry.

Mettler-Toledo has implemented 2 different types of computer-generated time-stamped audit trails in the STARe software. The first is the system audit trail. This keeps detailed records of all system changes, such as log-in attempts, software version changes, backup and restore user creation and so on. The other is the analysis audit trail. This keeps detailed records of all significant changes of electronic data objects. It documents the creation and modification of any electronic record. At the same time, it keeps track of what was changed in the data, its previous and new value, who made the change, when the change was made and why the change was made. I will explain this in more detail in the following slides. First, a few more details about the system audit trail, which keeps track of all system changes. The system audit trail dialogue box in the slide shows an excerpt of a system audit trail generated by a STARe system shared by multiple users in a laboratory. It records details of log-in attempts made by various users, user account creation, password changes made by different users with a log off date and time. The analysis audit trail keeps detailed records of all significant changes of electronic data objects. It documents the creation and modification of any electronic record. Generally speaking, the analysis audit trail keeps track of what was changed in the data and logs it in the record type column, for example, who made the changes, when the change was made and why the changes were made. The analysis audit trail dialogue box chosen analysis audit trail of a STARe system shared by multiple users in a laboratory. In this example, the date was used as the filter of criteria. Some companies prefer to have their software systems integrated in a laboratory information management system or LIMS. LIMS connectivity is made possible using a software part called the STARe Gateway. The LIMS interface software option enables you to access the STARe software database and to control some features of the STARe system. The LIMS requests the STARe software to create a LIMS order. Typically, the purpose of the order is to run a thermal analysis experiment, evaluate the measured data and generate a report. The STARe software, together with the LIMS interface can implement specific customer requirements. For example, the LIMS order may comprise the order to export only a particular result of the evaluation of the curve, even though the evaluation may include several other results. It is, of course, also possible to export more than one result at a time to the LIMS. A single press of the button then sends the report directly to the LIMS. This slide shows a summary of the main features and benefits of the STARe 21 CFR 11 compliance option. In this webinar, I have explained features that are mandatory requirements of CFR regulations such as strict access control, user management, electronic signatures of data records and audit trails. Finally, I would like to draw your attention to information about the STARe software and the CFR compliance option that you can download as PDFs from the Internet. For example, you can download data sheets describing the 21 CFR 11 compliance and user rights STARe software options. You can also obtain detailed information from our validation and thermal analysis and practice handbooks. This concludes my presentation on the Mettler-Toledo 21 CFR Part 11 compliance option. Thank you very much for your interest and attention.

Hello, everyone, and welcome back. So I would like just to show you for this last Q&A session, give you some time to write the last question. I would like to show you here just the system and analysis audit trail. Of course, you need to have the user rights to open them. And here if I just click on it, we can see here all the log-in -- log on action that was done in the software. We can also classify with other. So here, it's everything that was done in the software since this morning, we can directly switch to analyze this trail, also click here. I will make switch to the analysis trail. And here is basically what has been done in terms of records here. So that means, for example, that the last one here with STARe, I created a record, Mr. Mettler created a record. It has been signed and so on and so on. So this is automatically saved in the trail each time you do an action. So if you save a record, if you open, you modified a method, if you save -- if you create a method, if you make a new evaluation and sign this evaluation, this will be recorded automatically to this analysis audit trail. So if you have any more questions later on, you can always ask your questions, and we will answer to you. In the meantime, if there are no more questions, I will leave it back to Thomas.

Okay. Then we'll go back and [indiscernible]. So then, it's time now to finish, and I will finish by remind you for our upcoming thermal analysis webinars end of July, July 27, we will talk about hot-stage microscopy thermo-optical analysis. Then on August 23, we will have thermal analysis of paints and coatings. And on September 28, we will talk about crucibles for thermal analysis, our huge crucible -- present our huge crucibles portfolio. So we hope that you will also join these webinars. And then I would like to thank, first of all, [ Nicholas, ] for his work and his demos. And then also, of course, I would like to thank you for attending this webinar, and I hope to see you again. With this, I wish you a nice evening or afternoon, wherever you are, and hope to see you again. Bye-bye.