Presentation of the new EUROLAB guidance document on the management of digitalised processes in laboratories accredited to ISO/IEC 17025:2017

Salingros, Edouard

doi:10.1007/s00769-026-01704-x

Article (Scientific journals)

Presentation of the new EUROLAB guidance document on the management of digitalised processes in laboratories accredited to ISO/IEC 17025:2017

Salingros, Edouard

2026 • In Accreditation and Quality Assurance

Peer reviewed

Permalink
https://hdl.handle.net/2268/344210

DOI
10.1007/s00769-026-01704-x

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

Edouard Salingros ACQUAL - Accepted manuscript.pdf

Embargo Until 07/Oct/2026 - Author postprint (347.97 kB)

Request a copy

All documents in ORBi are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Data integrity; Digital transformation; Information management system; Information security; Risk-based management; Chemistry (all); Chemical Engineering (all); Instrumentation; Safety, Risk, Reliability and Quality

Abstract :

[en] Digital transformation has become a key challenge for laboratories, with its share of benefits but also of risks, mainly for information security. The last version of ISO/IEC 17025:2017 puts a stronger emphasis on risk management, confidentiality and information management. Based on surveys and reported issues from laboratories across Europe, EUROLAB (the European federation of national associations of measurement, testing and analytical laboratories) identified the need for more practical guidance on how to address ISO/IEC 17025 requirements in the context of digitalised processes. This article presents the last EUROLAB guidance document on the management of digitalised processes. The goal of the guidance document is to answer two broad questions: (1) “How to meet ISO/IEC 17025:2017 requirements related to the use of digital technologies and information security ?” and (2) “How digital technologies can be used to support compliance to ISO/IEC 17025:2017 requirements in general”. This guidance extensively links ISO/IEC 17025:2017 and ISO/IEC 27001:2022, lists the most frequent risks in laboratories, suggests a risk analysis methodology called “risk-based classification” and provides practical recommendations about a total of twenty preventive and corrective actions (i.e.“controls”). Perspectives for future improvement are also identified.

Disciplines :

Physical, chemical, mathematical & earth Sciences: Multidisciplinary, general & others

Author, co-author :

Salingros, Edouard ; Université de Liège - ULiège > GxABT : Centres attachés > Bureau Environnement et Analyse (GxABT)

Language :

English

Title :

Presentation of the new EUROLAB guidance document on the management of digitalised processes in laboratories accredited to ISO/IEC 17025:2017

Publication date :

07 April 2026

Journal title :

Accreditation and Quality Assurance

ISSN :

0949-1775

eISSN :

1432-0517

Publisher :

Springer Science and Business Media Deutschland GmbH

Peer reviewed :

Peer reviewed

Additional URL :

https://link.springer.com/content/pdf/10.1007/s00769-026-01704-x.pdf

Available on ORBi :

since 20 April 2026

Statistics

Number of views

55 (0 by ULiège)

Number of downloads

0 (0 by ULiège)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenAlex citations

Bibliography

Kranjc T Zupancic K Pavlek TT Erjavec J Introduction to laboratory software solutions and differences between them Digital Transformation of the Laboratory 2021 New York Wiley 10.1002/9783527825042.ch3
Munir T Akbar MS Ahmed S Sarfraz A Sarfraz Z Sarfraz M et al. A systematic review of internet of things in clinical laboratories: opportunities, advantages, and challenges Sensors 2022 10.3390/s22208051 36502215 9736267
Higgins SG Nogiwa-Valdez AA Stevens MM Considerations for implementing electronic laboratory notebooks in an academic research environment Nat Protoc 2022 10.1038/s41596-021-00645-8 35031789
European Union Agency for Cybersecurity (2024) ENISA Threat Landscape 2024, Brussels. https://www.enisa.europa.eu/publications/enisa-threat-landscape-2024
European Union Agency for Cybersecurity (2024) Foresight cybersecurity threats for 2030 - update 2024 (extended report), Brussels. https://www.enisa.europa.eu/publications/foresight-cybersecurity-threats-for-2030-update-2024-extended-report
European Union Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) Off J Eur Union 2016 119 1 88
European Parliament and Council of the European Union Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) Off J Eur Union 2022 333 80 152
Organisation for Economic Co-operation and Development (2007) OECD series on principles of good laboratory practice and compliance monitoring – number 15 – advisory document of the working group on good laboratory practice establishment and control of archives that operate in compliance with the principles of GLP, Paris. https://one.oecd.org/document/ENV/JM/MONO(2007)10/en/pdf. Accessed 1 Sept 2025
Organisation for Economic Co-operation and Development (2023) OECD series on principles of good laboratory practice and compliance monitoring – advisory document on GLP & cloud computing supplement 1 to document number 17 on application of GLP principles to computerised systems, Paris. https://one.oecd.org/document/ENV/CBC/MONO(2023)27/en/pdf. Accessed 1 Sept 2025
Organisation for Economic Co-operation and Development (2021) OECD series on principles of good laboratory practice and compliance monitoring – number 22 – advisory document of the working party on good laboratory practice on GLP data integrity, Paris. https://one.oecd.org/document/env/cbc/mono(2021)26/en/pdf. Accessed 1 Sept 2025
European Union Directive 2004/9/EC of the European parliament and of the council of 11 February 2004 on the inspection and verification of good laboratory practice (GLP) Off J Eur Union 2004 50 28 34
European Union Directive 2004/10/EC of the European parliament and of the council of 11 February 2004 on the harmonisation of laws, regulations and administrative provisions relating to the application of the principles of Good Laboratory Practice and the verification of their applications for tests on chemical substances Off J Eur Union 2004 50 44 59
European Union Commission Directive (EU) 2017/1572 of 15 September 2017 supplementing Directive 2001/83/EC of the European parliament and of the council as regards the principles and guidelines of good manufacturing practice for medicinal products for human use Off J Eur Union 2017 238 44 50
European Union Commission delegated regulation (EU) 2017/1569 of 2 June 2017 amending delegated regulation (EU) 2016/161 as regards the identification of unique identifiers and the security features on the packaging of medicinal products for human use Off J Eur Union 2017 238 12 22
ISO/IEC. ISO/IEC 17025:2017 – general requirements for the competence of testing and calibration laboratories. Geneva. https://www.iso.org/standard/66912.html
ISO 15189:2022 - medical laboratories — requirements for quality and competence. Geneva. https://www.iso.org/fr/standard/76677.html
ISO/IEC 27001:2022 – information security, cybersecurity and privacy protection – information security management systems – requirements. Geneva. https://www.iso.org/standard/27001
Ladu L Koch C Asna Ashari P Blind K Castka P Technology adoption and digital maturity in the conformity assessment industry: empirical evidence from an international study Technol Soc 2024 10.1016/j.techsoc.2024.102564
European Commission. Annual report on european SMEs 2020/2021: Background document [Internet]. European Commission; 2021. Available from: https://ec.europa.eu/docsroom/documents/46062. Accessed 1 Sept 2025
Organisation for Economic Co-operation and Development (2019) SMEs going digital: Policy challenges and recommendations, Paris. https://www.oecd.org/publications/smes-going-digital-policy-challenges-and-recommendations-9789264312422-en.htm. Accessed 1 Sept 2025
Berger H (2014) Laboratory information management systems – challenges of implementation. In: Uden, L., Fuenzaliza Oshee, D., Ting, IH., Liberona, D. (eds) Knowledge management in organizations. Springer, Berlin. https://doi.org/10.1007/978-3-319-08618-7_27
Casey E Souvignet TR Digital transformation risk management in forensic science laboratories Forensic Sci Int 2020 10.1016/j.forsciint.2020.110486 32919163
Tully G Cohen N Compton D Davies G Isbell R Watson T Quality standards for digital forensics: Learning from experience in England and Wales Forensic Sci Int Digit Investig 2020 10.1016/j.fsidi.2020.200905
Tziakou E Fragkaki AG Platis AΝ Identifying risk management challenges in laboratories Accred Qual Assur 2023 10.1007/s00769-023-01540-3
Swiss Working Group on Information Technology in a GLP Environment (2018) Change management and risk assessment of validated computerised systems in a GLP environment, Geneva. https://www.anmeldestelle.admin.ch/chem/en/home/themen/gute-laborpraxis/agit.html. Accessed 1 Sept 2025
Swiss Working Group on Information Technology in a GLP Environment (2018) Guidelines for collaboration with external it service providers supporting a GLP environment, Geneva. https://www.anmeldestelle.admin.ch/chem/en/home/themen/gute-laborpraxis/agit.html. Accessed 1 Sept 2025
Swiss Working Group on Information Technology in a GLP Environment (2018) Guidelines for the acquisition and processing of electronic raw data in a GLP environment [Internet], Geneva. https://www.anmeldestelle.admin.ch/chem/en/home/themen/gute-laborpraxis/agit.html. Accessed 1 Sept 2025
Swiss Working Group on Information Technology in a GLP Environment (2018) Guidelines for the development and validation of spreadsheets, Geneva. https://www.anmeldestelle.admin.ch/chem/en/home/themen/gute-laborpraxis/agit.html. Accessed 1 Sept 2025
Swiss Working Group on Information Technology in a GLP Environment (2018) Validation of computerized systems V3, Geneva. https://www.anmeldestelle.admin.ch/chem/en/home/themen/gute-laborpraxis/agit.html. Accessed 1 Sept 2025
Swiss Working Group on Information Technology in a GLP Environment (2018) Guidelines for the archiving of electronic raw data in a GLP environment, Geneva. https://www.anmeldestelle.admin.ch/chem/en/home/themen/gute-laborpraxis/agit.html. Accessed 1 Sept 2025
Swiss Working Group on Information Technology in a GLP Environment (2018) Guidelines for the management of electronic standard operating procedures (SOPs) in a GLP environment, Geneva. https://www.anmeldestelle.admin.ch/chem/en/home/themen/gute-laborpraxis/agit.html. Accessed 1 Sept 2025
World Health Organization (2016) 50th report of the WHO Expert Committee on Specifications for Pharmaceutical Preparations - TRS, No. 996, Geneva. https://www.who.int/publications/i/item/WHO_TRS_996. Accessed 1 Sept 2025
United States Pharmacopeial Convention (2017) USP <1058> Analytical Instrument Qualification, North Bethesda. https://doi.org/10.31003/USPNF_M1124_01_01. Accessed 1 Sept 2025
International Society for Pharmaceutical Engineering (2022) GAMP 5 second edition – a risk-based approach to compliant GxP computerized systems, North Bethesda. https://ispe.org/publications/guidance-documents/gamp-5-guide-2nd-edition. Accessed 1 Sept 2025
United States Food and Drug Administration (2018) Data integrity and compliance with drug CGMP: Questions and answers, guidance for industry, Silver Spring. https://www.fda.gov/regulatory-information/search-fda-guidance-documents/data-integrity-and-compliance-drug-cgmp-questions-and-answers. Accessed 1 Sept 2025
United States Food and Drug Administration (2022) Computer software assurance for production and quality system software – draft guidance for industry and food and drug administration staff, Silver Spring. https://www.fda.gov/regulatory-information/search-fda-guidance-documents/computer-software-assurance-production-and-quality-system-software. Accessed 1 Sept 2025
United States Food and Drug Administration (2023) Electronic systems, electronic records, and electronic signatures in clinical investigations – questions and answers – guidance for industry (draft), Silver Spring. https://www.fda.gov/regulatory-information/search-fda-guidance-documents/computerized-systems-used-clinical-investigations. Accessed 1 Sept 2025
European Medicines Agency (2023) Guideline on computerised systems and electronic data in clinical trials, Brussels. https://www.ema.europa.eu/en/guideline-computerised-systems-electronic-data-clinical-trials. Accessed 1 Sept 2025
European Directorate for the Quality of Medicines & HealthCare (2018). General european OMCL network (GEON) – quality management document PA/PH/OMCL (08) 69 R7 – validation of computerised systems – core document, Brussels. https://www.edqm.eu/documents/52006/128968/guidelines-omcl-computerised-systems-core-document-march2018.pdf/d219100d-db90-2907-4a7a-3966a93e32b4?t=1628491794338. Accessed 1 Sept 2025
Tsimillis KC Data integrity: Requirements set in the accreditation standards Accred Qual Assur 2019 10.1007/s00769-018-1366-0
Murn L (2021) Data safety and cybersecurity. In: Zupancic K, T. Pavlek T and Erjavec J (eds) Digital Transformation of the Laboratory. Wiley, New York. https://doi.org/10.1002/9783527825042.ch4
Russell K (2021) FAIR principles and why they matter. In: Zupancic K, T. Pavlek T and Erjavec J (eds) Digital Transformation of the Laboratory. Wiley, New York. https://doi.org/10.1002/9783527825042.ch5
Erjavec J Hren M Kranjc T Zupancic K Pavlek T T Erjavec J How to approach the digital transformation Digital Transformation of the Laboratory 2021 New York Wiley 10.1002/9783527825042.ch7
Kanza S Zupancic K Pavlek TT Erjavec J Guidelines for Chemistry Labs Looking to Go Digital Digital Transformation of the Laboratory 2021 New York Wiley 10.1002/9783527825042.ch13
EUROLAB (2006) Guidance for the management of computers and software in laboratories with reference to ISO/IEC 17025:2005. Brussels. https://www.eurolab.org/pubs-techreports. Accessed 1 Sept 2025
EUROLAB (2024) Guidelines for the management of digitalised systems in laboratories accredited to ISO/IEC 17025, Brussels. https://drive.google.com/file/d/16NREOW_hyXAdX2qvltppjL_ZTFNglkMX/view. Accessed 1 Sept 2025
ISO/IEC 27001:2022 – information security, cybersecurity and privacy protection – information security controls, Geneva. https://www.iso.org/standard/75652.html