Developing GxP-validated applications that comply with strict regulatory requirements has been a significant challenge in the past, particularly due to the lack of tooling around good software development practices. This is no longer the case, over the years, many tools have been developed to help R programmers follow good software development practices and write high-quality code.

Struggling with GxP compliance in the pharmaceutical industry? Learn the steps to make the process easier and more efficient.

In this article, I'll walk you through our approach at Appsilon, sharing insights and recommendations from our years of experience building production-grade GxP-validated Shiny apps.

Building a Shiny App

Shiny is an R package for developers to create interactive web applications using R. It's both a framework for building apps and a tool for enabling interactive data analysis through those apps.

Shiny apps are made up of:

• Data: The foundation of any Shiny app is the data it processes and displays. This could range from static datasets to live-streamed data inputs.
• Code: The app's logic and functionality are written in R using Shiny's framework. This includes everything from data transformations to rendering visual outputs like graphs and tables.

When a Shiny app is executed, the data and code produce interactive results for users. We utilize our R package, Rhino, to make shiny apps - it is a framework that supports creating and extending enterprise Shiny applications using best practices.

Curious about GSEP for FDA submissions? Discover the 7 key categories to ensure compliance and streamline your process.

Watch the Video

The Importance of Standards in Shiny Apps

Adopting standards in Shiny app development improves efficiency and ensures compliance.

Frameworks like Rhino enforce these standards and make it easier for teams to collaborate and maintain validated applications. Additionally, when these standards are applied, they reduce variability in the app development and simplify code reviews and regulatory submissions.

Adopting standards is not only about meeting compliance requirements for audits and submissions, it also reduces review time by enhancing collaboration and streamlines development workflows.

Wondering how GxP validation ties into the Definition of Done? Learn how to integrate compliance into every step.

Understanding Validation for Shiny Applications

What Does Validation Mean?
Validation in the context of Shiny apps refers to two complementary aspects that work together to provide an ironclad guarantee that any data transformations done in the app are transparent and traceable:

1. Software Validation: Ensuring the app functions as intended, producing consistent and reproducible results.
2. Good Software Engineering Practices (GSEP): Adhering to the GxP and regulatory standards to ensure traceability, maintainability, and compliance with regulatory standards.

In this article, we're discussing the GSEP GxP validation that ensures that an application produces consistent and reproducible results.

The process of validation can be required at every stage in which the data has been transformed: from the CDASH, SDTM, AdaM, the R-packages that manipulated the data, the Shiny logic that manipulated the data, and finally, the user who changed the data to view in their final UI.

The GSEP GxP validation process can be divided into two stages:

1. R Package Validation: Packages used in Shiny apps must be validated within specific system configurations to avoid unpredictable behaviors across environments. They are validated on a specific system specification because the behavior of the same packages may be non-deterministic across different systems. Validation involves checking for best practices for R package development, minimized package scope, validating as a cohort in a controllable environment, checking for source code traceability, stored metadata, test results, and then a report is generated as proof of success in this particular environment.
2. The application software validation focuses on validating the business logic, UI functionality, and reproducibility in a controlled environment.

Best Practices for Shiny App Validation

The following best practices for validating Shiny apps borrow extensively from methodologies used to validate R packages.

Dependency Management and Version Control

Dependency management is one of the most important steps when it comes to validation. Since changes in underlying R packages can alter results, use a package like renv to snapshot dependencies. By snapshotting dependencies, you will ensure reproducibility and mitigate risks associated with package updates.

Version control systems (VCS), particularly Git, are another critical tool. Use the Conventional Commits format when documenting code changes. This will improve traceability, simplify long-term maintenance, and add the opportunity to utilize tools for automated documentation. 

Testing and Risk-Based Approaches

Testing is integral to GxP validation. Unit tests and integration tests will ensure both individual components and the overall app function correctly. It is useful to apply a risk-based and identify:

• Low-risk components: Lightweight packages with no data manipulation responsibilities, such as those for UI aesthetics, require minimal validation.
• High-risk components: Packages or app functionalities that manipulate data or perform statistical analysis require thorough testing and validation.

This risk-based approach allows you to focus your efforts where they’re most needed.

Configuration and Access Management

Managing configuration and access is an essential part of app validation. Tools such as the config package help streamline the management of environment variables and secrets by keeping configuration settings separate from the codebase.

Need help with R package validation in pharma? Follow our guide to ensure compliance and build with confidence. 

Rhino for Creating GxP-Validated Shiny Apps

We developed and use Rhino, a tool that enforces best practices and provides a solid foundation for Shiny app development.

By incorporating community best practices, Rhino reduces the complexity of building and maintaining validated apps.

Key Features of Rhino

• File Structure: Rhino makes testing and debugging more straightforward as it has a clear separation between business logic and the application code.
• Focus on Standards: Rhino prioritizes the use of community standards. It ensures consistency and makes it easier to collaborate, review, and maintain validated applications.
• Integrated Development Tools: With tools for dependency management and GitHub workflows for automated linting and testing, Rhino simplifies compliance workflows.
• Testing Infrastructure: Rhino supports standardized testing, enabling developers to achieve comprehensive test coverage efficiently.

Want to boost GxP compliance with automated testing? Discover how good testing practices can make all the difference.

Summary

Incorporating GxP validation into your Shiny app will simplify processes, establish a shared framework, improve collaboration, and enhance development workflows.

A tool like Rhino, purpose-built for creating production-grade Shiny apps that follow good software development practices, which in turn make it easier for users to build GxP-validated applications.

I recommend any team working in regulated industries explore frameworks like Rhino and adopt the best practices I’ve outlined. With the right tools and methodologies, creating compliant, production-grade Shiny apps becomes both achievable and efficient.

Talk to us today about how we can work together to create Shiny apps that utilize best practices and streamline your GxP and app validation.

Does your team have a clear Definition of Done? Explore our GxP validation checklist tailored for pharma teams.