Ensuring the data integrity of cloud service providers

Cloud services are increasingly being introduced into the GMP environment. The cost factor dominates the discussion; however, specific risks need to be taken into consideration. In particular, the issue of data integrity in cloud applications is not to be underestimated. What agreements need to be included in contracts with cloud service providers in order to ensure data integrity?

The necessity for contractual agreements is laid down in chapter 7 "Outsourced Activities" of the EU GMP Guidelines as well as in Annex 11 "Computerized Systems" of the guidance. The following are requirements for contractual agreements between a Regulated User (RU) and a Cloud Service Provider (CSP) which are meant to ensure the integrity of data (in motion and at rest). These requirements cannot explicitly be found in the EU GMP Guidelines; they should, however, be considered useful:

  • Data transfer should only occur in encrypted form and in a way which ensures that the data being transferred are complete and unchanged.
  • CSP handling sensitive data or data with high availability requirements must have a certified ISMS (Information Security Management System) in place (e.g. as per DIN 27001).
  • CSP handling sensitive data or data with high criticality must submit to penetration testing in the course of their qualification.
  • Sensitive or critical data may only be stored in encrypted (or pseudonymized) form.
  • A deployment model should be chosen based on criticality. Private or community cloud models should be chosen rather than a public cloud for sensitive data.
  • Sharing data with a third party (e.g. subcontractors providing infrastructure such as storage space for backups or redundant computing power) should be prohibited or made dependent on the RU's approval.
  • The deletion of data must be fully guaranteed.
  • It must be possible to export data in a way that allows RUs to switch CSPs or get the data back on premise.
  • Only a limited, specifically selected and qualified group of people from the CSP should be able to access the data.
  • If data has been encrypted, the key management should lie with the RU.
  • The CSP informs the RU about changes which might impact the application or database. A notification of change with release note is expected, ideally issued before the actual implementation of the change so that the RU may check the effects of those changes, if necessary.
