LIMS Risk Assessment

Could any one guide me on what could be the risks that can be faced when implementing a LIMS software that needs to cater to the GLP requirements.
Only functional risks are required in general.


Hi phani.

In my opinion LIMS are one of the most “risky” software to have around, mainly because it is directly used to pose a diagnostic on patients, and can potentially have high risk on safety of patients. Having used and validated a LIMS a few years ago, and now working on a conformity project for a LIMS developer, here are the major points I would consider for risks related to the use of such a system:

  1. LIMS communications between other systems and/or laboratory instruments. If the communications are not proper, you might end up with wrong data in your LIMS database, which could potentially result in patient injury.

    • What operates the communications? HL7 files?
    • What type of instrument interface are you using? In-house? Part of LIMS? Is the interface validated?
    • Is the other system you are communicating with validated?
    • Outline and make a diagram of the communication process, then go from there.
  2. Reference values / flagging of out-of-range values. Most LIMS will flag out-of-range values, in which case a malfunction could lead to false diagnosis. Although I usually mitigate this one by saying that the professional has to verify against the ranges (we always publish ranges with results) even though there is a flag.

  3. Any calculations. A lot of test results presented to the users/professionals are actually calculated from other results, often with pre-determined values or charts, etc… Calculations are usually set up by the users or configured by the vendor for each test. This is a big one…does the calculation work? What happens if it doesn’t calculate properly?

Those are the three of the more important points to consider when dealing with LIMS risk assessment, in my opinion. Of course there are much more, and it depends on what product you want to assess. Then there are the “regulatory” risks (i.e.: e-signatures, audit trails, etc…) which I did not mention here, since you asked about “functional risks”.

A few other important things to consider are the environment, as the lab environment definitely has an effect on LIMS risk, i.e.:

  • The lab instruments themselves (usually validated by manufacturer),
  • Any workstations used in instrument communications (often the lab instruments are connected to a workstation, then server (not to the server directly),
  • Instrument reagents (using the wrong or expired reagents in an instrument could lead to false results),
  • Etc…

Hope this helps!