A Summary of Tulip's GxP Capabilities

Here are the features and company practices that Tulip uses to comply with GxP regulations.

Tulip works with customers in the life sciences industries. Therefore, we offer a special version of our cloud software that was developed according to the GAMP 5 framework under a QMS compliant with ISO 9001:2015.

Here is how Tulip complies with typical GxP standards.

Internal Practices

Tulip uses a QMS that was designed in compliance with ISO 9001:2015.

Tulip offers an LTS, or long term support, release to support the needs of regulated customers. This is released every 6 months.

GxP Specifics

Tulip uses the term "GxP Mode" to describe the version of its cloud software that is used by customers with GxP requirements. This version provides the following:

• Stricter control over app assignments
• Stricter controls over app execution
• Stricter controls over app editing
• Display more explicit Dates
• Display IDs alongside Names

Here are our practices around different software features required for GxP compliance.

Access Control

Tulip has multiple user roles that allow for different levels of access to Tulip and the Tulip Player.

Running Apps on the Shop Floor

Stations can only run apps on one Display Device at a time. A device running the Tulip Player automatically logs out when it is transferred away from a Station.

The Tulip Player will automatically logout and cancel any running app after a customizable number of minutes of inactivity (with a warning prior to log out). This can be disabled upon request.

Version Control

All apps in Tulip are version controlled. When an app is executed in the Tulip Player, the version number of the app is logged alongside all other app data with each Completion.

You can only run "Published Versions" of Apps on Stations. If you'd like to run a non-published version, you need to click Run from the App Editor.

Your organization can define which users are allowed to publish specific apps.

After the app is published, the Tulip Player at the operator’s workstation will open the latest published version of the app upon the next time that the app is restarted, completed or cancelled.

Approvals

The Approvals feature allows you to define which Tulip users are required to review a new version of an app before it can be used on the shop floor. Only users with the "Account Owner" role can modify Approvals.

The latest version of the app must be signed electronically by all approvers before it is published and made available to be used by operators.

Precise Data

All Activity History will include the unique IDs of Apps, Users, Connectors, and Dashboards.

Unique IDs are also visible in other parts of the platform:

• API Token IDs on the API Tokens page
• Table Column IDs when hovering over a column
• Station IDs when viewing app completion data

Dates are more explicit in Activity History. Each timestamp is included as text and structured as the following:

MMM-DD-YYYY / HH:mm:ss Z

Example: Jan-05-2023 / 21:15:21 +02:00

Tulip also provides an audit log for each individual Table Record, which is used to store information about a single batch, material or subassembly. This is displayed in the Digital Record History in an app.

App Building Permissions

By default, only the app creator can edit an app after they create it. They can give permissions to others to edit the app if needed.

Apps are also read-only from the Stations page.

Electronic Signature for Operators

Tulip allows operators to sign within apps using e-signatures to certify that they have completed the app.

Added Warnings Before Actions

Warning messages pop up for certain actions as extra security and verification. These warnings appear when you:

• Delete a station
• Delete a station group
• Remove a display device
• Reassign a display device to another station

Further Reading

• Tulip IT Welcome Guide
• Using SAML for User Management
• Using LDAP for User Management