Pharma QMS Cloud Platform - GMP, 21 CFR Part 11, ICH, ALCOA+

Overview

Pharma QMS Cloud Platform is a purpose-built, GMP-grade Quality Management System developed for pharmaceutical API manufacturers operating under Indian Schedule M, 21 CFR Part 11, and ICH Q1A(R2) regulatory frameworks. Built for an API manufacturer— the platform replaces fragmented paper-based and spreadsheet-driven QC, warehouse, and dispatch workflows with a single cloud-hosted, audit-trail-grade, multi-role digital system.

The platform covers the complete batch lifecycle from raw material receipt to customer dispatch: inward GRN and container tracking, analytical requests across all four QC types, label management with direct printer integration, certificate of analysis generation with three-signature cryptographic release, stability study management, and a persistent print queue with role-scoped access — all built on an immutable, hash-chained audit trail.

Problem

Most Indian MSME API manufacturers, operated quality management through a combination of paper-based SOP records, manual Excel batch logs, and disconnected QC tracking sheets. The revised Schedule M (effective 2025) mandated a formal Pharmaceutical Quality System including documented CAPA, audit-trail-grade electronic records, and traceable batch release — requirements that paper-based systems fundamentally cannot meet.

Beyond compliance, specific operational problems had no digital solution anywhere in the Indian market:

• Five custom label formats (WH01001, PR01006, PF01006, QC01029, QA01035) were printed manually on generic blank templates, with no link between the physical container label and the QA approval record, making container traceability unreliable during audits.
• Certificate of Analysis generation required manual data transcription from QC Excel sheets into Word templates, with three QA signatures obtained on paper — a process prone to transcription errors and impossible to cryptographically audit.
• Analytical Requests for all four QC types (Raw Material, Finished Goods, In-Process, Stability) were managed in siloed spreadsheets with no spec-snapshot mechanism, meaning historical ARs could not prove what specification was active at the time of testing.
• No Indian pharma QMS vendor offered a system covering label management, AR workflow, and COA generation in a single integrated platform at a cost accessible to an MSME API plant.

Challenges

1. Zero-gap audit trail under 21 CFR Part 11 Every data change, approval, and label print must be captured in an immutable, tamper-evident log with cryptographic hash chaining. Standard web frameworks do not provide this — it required building a custom audit engine that computes SHA-256(previousHash + entityId + action + userId + timestamp + delta) on every write, enforced at the database transaction level, not the application layer.

2. Client-specific label templates at exact format numbers Five reference labels were not generic — each had a specific format number, department code, signing authority, and trigger event. The WH and PR Quarantine labels both fire on GRN approval but have different scopes (GRN-level vs container-level), different signers, and different data fields. The PF label triggers on a new workflow event (Material Issue to Production Floor) that no existing QMS modelled. Building these required defining a new MaterialIssue entity, a ZoneType enum, and a per-user print queue with own-prints-only scoping.

3. Direct network label printing from a web application Browsers cannot open raw TCP sockets. Sending ZPL directly to a Zebra/TSC label printer at TCP port 9100 requires a server-side socket connection triggered by a client action — without introducing latency that makes the UX feel broken. The architecture delegates ZPL rendering and TCP transmission to a Next.js Server Action, with PDF fallback using Puppeteer for A4 Avery sheet layouts when no network printer is configured.

4. Cryptographically signed COA PDF with three-signature release A Certificate of Analysis in a GMP context is a legal document. The three signers (Prepared By, Checked By, Approved By) must sign with re-authentication, and the signed PDF must be tamper-evident over its full lifetime (10-year regulatory retention). This required implementing PAdES B-LT long-term validation signatures using a KMS-backed key, with the signed PDF stored under object lock in S3 — so that not even an admin can overwrite or delete it.

5. Computer System Validation (CSV) as a parallel workstream A validated QMS cannot just work — it must be documented as working, with IQ/OQ/PQ protocols, ~225 executed test cases with evidence, a Traceability Matrix linking every URS requirement to a test result, and a Validation Summary Report signed by  QA Head. Running this workstream in parallel with development, without blocking either, required treating the spec documents as living artefacts updated at the end of each sprint — not written after the fact.

Solution

The platform was delivered as a cloud-native, multi-tenant Quality Management System (QMS) built specifically for pharmaceutical manufacturing workflows. The solution combines quality control, label management, compliance automation, and certificate generation within a single operational platform.

• Multi-Tenant QMS Platform
  Provide complete tenant isolation through dedicated databases while supporting centralized cloud operations and deployment.
• Role-Based Access Control
  Enforce secure operations through a seven-role permission model with function-level authorization and comprehensive audit logging.
• Label Management & Print Automation
  Generate, preview, queue, and distribute pharmaceutical labels across multiple printing formats and devices.
• Analytical Request Management
  Manage quality-control workflows with immutable specification snapshots, approval workflows, and compliance-driven audit trails.
• Certificate of Analysis (COA) Automation
  Generate digitally signed certificates from dynamic templates and securely distribute them through customer-facing channels.
• Compliance & Traceability
  Support regulatory requirements through electronic signatures, multi-factor approvals, audit logs, object-lock storage, and end-to-end activity tracking.

Architecture

The platform follows a cloud-native, multi-tenant architecture built for pharmaceutical quality management, regulatory compliance, and operational traceability. A Next.js application provides the user interface and business workflows, while dedicated PostgreSQL databases ensure complete tenant isolation. Compliance-critical processes such as audit logging, electronic signatures, label generation, and COA management are enforced through server-side services and background workflows.

Next.js 14 & React - User interface & workflow management

Next.js Server Actions - Business logic & secure server-side operations

PostgreSQL & Prisma ORM - Tenant-isolated data management

Custom Audit Engine - Hash-chained audit trails & compliance logging

Role-Based Access Control - Seven-role authorization framework

Label Management Engine - ZPL/TSPL rendering, preview & print workflows

Industrial Printing Layer - Zebra/TSC network printing & PDF generation

COA Management System - Digital signatures, approvals & certificate lifecycle

AWS S3 & KMS - Immutable document storage & cryptographic signing

Redis Queues & Background Jobs - Notifications, print queues & workflow automation

Multi-Tenant Infrastructure - Dedicated databases with centralized cloud operations

India Data Residency - AWS Mumbai deployment for regulatory compliance and data sovereignty.

Key Features

• Hash-chained audit trail — tamper-evident log of every system action with cryptographic linkage; satisfies ALCOA+ and 21 CFR Part 11 data integrity requirements
• Label templates pre-built to exact format numbers (WH01001, PR01006, PF01006, QC01029, QA01035 + REJECTED + HOLD), each with typed data sources, role-gated print permissions, and reprint reason enforcement
• Three-output label printing — direct Zebra/TSC network printer (TCP/9100), Avery A4 sheet PDF (8-up/24-up), and ZPL file download — with per-user default printer preference stored in UserPrinterPreference
• Print Queue — persistent, user-scoped (own prints only), with Never Printed / Already Printed tabs, age-based overdue alerts (amber >4h, red >8h), toast notifications, and SYS_ADMIN full-view with reassign and cancel actions
• Material Issue to Production Floor — new workflow event setting Container.currentZone = PRODUCTION_FLOOR, triggering PF label with the issuer's signature (not the GRN creator's), captured in a new MaterialIssue entity
• Analytical Request for all four QC types — Raw Material, Finished Goods, In-Process, Stability — with spec snapshot, OOS flagging, and QA e-signature triggering container status and print queue population in a single transaction
• COA generation with AI template mode — upload reference COA PDF → AI generates Handlebars HTML template → live data-bound preview → three-signature cryptographic release → PAdES B-LT signed PDF under S3 object lock
• Stability Study Management — ICH Q1A(R2) Climate Zone IVa protocols (30°C/65% RH long-term; 40°C/75% RH accelerated), time-point AR auto-creation, trending charts, Stability Summary Report
• Progressive disclosure navigation — role-filtered sidebar collapsed by default, context-aware auto-expansion after trigger actions, next-step prompt cards, pending work badges
• Computer System Validation (CSV) package — URS, FS, DS, IQ/OQ/PQ protocols, ~225 test cases, Traceability Matrix, Validation Summary Report per GAMP 5