In a research lab, a liquid class that works is enough. In a regulated one, a class that works but cannot be documented, traced, and defended is a liability. Compliance frameworks such as GxP and the electronic-records rules in 21 CFR Part 11 do not change the physics of pipetting, but they change what you must be able to prove about it. The good news is that most of what they ask for is good practice anyway.
What regulators actually want
Underneath the acronyms, the requirements are practical and consistent.
- An audit trail: a durable, tamper-evident record of who changed what, when, and ideally why, for every method and every liquid class.
- Attributable actions: changes tied to identified users, often through electronic signatures, so a record is not anonymous.
- Change control: a defined path for altering a validated class, rather than a quiet edit in place.
- Version integrity: the ability to say exactly which version of a class produced a given result, and to retrieve it.
Why liquid classes sit at the center
A class is a controlled input to a regulated process. If someone adjusts a flow rate to fix one protocol, every result produced afterward depends on that change, and an auditor will ask when it happened and who approved it. Without a trail, you cannot answer, and an unanswerable question about a controlled input is a finding.
Build it in, do not bolt it on
Compliance is far cheaper as a property of how you work than as a scramble before an audit. If every change to a class is already versioned, attributed, and reversible as part of normal use, the audit trail exists because the system produced it, not because someone reconstructed it. Trying to assemble that history after the fact is where labs lose weeks.