The Art of Securing Customer Data Over Its Entire Lifecycle

The difference between data integrity and security is clear. As far as information technology is concerned, you can’t have one without the other, as the integrity of data relies in large part on it being kept secure throughout its entire lifecycle.

There are of course other factors that dictate the degree to which the integrity of data is maintained. The accessibility and traceability of data play a role, but at the end of the day, its trustworthiness and reliability is front and center, especially when the data belongs to consumers of a SaaS application. In such a context, security errors and malware/ cyber attacks must be addressed as constant, potential threats and doing so effectively is just as much an art as a science.

For starters, you must consider the individual phases in the data lifecycle, as each represents a point at which the data is vulnerable. Each stage also presents firms with unique challenges. The exact number varies, but most agree it has several critical components that can be grouped as follows:

  • Collection/ Processing
  • Analysis/ Usage
  • Archival/ Purge

The Collection and Processing of Data

These can be considered two separate stages, but for the purposes of this simple blog post, we’re grouping them together. After all, data must first be collected and processed before it can be used.

Hypothetically, in this post-GDPR (General Data Protection Regulation) world, it’s generally considered to be a good business practice to protect data collected from consumers and be completely forthcoming with regard to how it will be used. Ethics aside, it makes you look good in the eyes of consumers. At the very least, you’d be keeping pace with competitors by being transparent. Why risk lagging behind by being secretive about it when there’s so much more to gain by getting consent and keeping your consumers’ data as secure as possible?

In any case, at this stage, you would limit your vulnerability from a legal standpoint by being selective about the data you collect. There’s no need to ask the consumer for their life story when only certain bits are relevant. Getting more than you need might enable the data to be repurposed, but in such an instance additional consent may be required anyway.

When it comes to processing the data, the National Institute of Standards and Technology (NIST) has you covered. It established NIST SP 800-53 as a standard, whereby compliance is dependent on, among other things, limited data access only to parties that need to use it. Lax access policies only detract from the point of implementing them in the first place… and attract attackers.

The Analysis and Usage of Data

There’s also the potential for harm if data leaves the organization by way of it being shared or published. Even an invoice sent to the customer can fit the bill (no pun intended), here.

An in-house comprehensive data management policy should be enacted to ensure universality of any agreed-upon practices/ processes. From an IT perspective though, cryptographic key management for the cloud is one option that can protect data as it moves throughout the network. Ironically, with regard to data sharing, there’s still a shared responsibility model at play here.

It’s justifiably the usage stage that worries consumers the most, as they go about submitting their data. It’s a reasonable expectation that it will be used responsibly, but it’s also the consumer’s responsibility to ensure they read any applicable terms and conditions as well as to appropriately set privacy settings. Assuming they do, the firms receiving the data have no choice but to respect their wishes… and do their best to keep their cloud infrastructure as secure as possible.

The Archival or Purge of Data

It might not be something every company considers at first, but after the data is used there is still a need to manage it. Whether the decision is made to retain the data or destroy it, there are still steps that need to be taken to keep it secure.

Archiving, which effectively translates to the removal of data from the active environment into storage, is always attractive to firms. It’s an inexpensive, low-maintenance option for companies who may want to preserve the ability to analyze it. The data still has to be secured and, the more data a company chooses to hold onto, the more data that company has to protect. Even if archiving data is becoming more and more cost-effective, space is still a finite resource.

Hence, the alternative, to destroy it. In fact, depending on the industry in question, there might be a requirement to destroy it, like in finance and healthcare. Nevertheless, it’s a bit of a gray area. Not only are there different disposal methods, but different extents to which the data can be destroyed. For example, a user deleting his account could just mean they would be denied access from that point onward. The company could still keep the account active in case the user changes their mind.

In any case, the way data is classified dictates how it will be deleted. Files can be time-stamped, facilitating the purging process, if there are regulatory timelines and guidelines to follow. Meanwhile, metadata helps to identify obsolete data, which may not be so easy to delete. The redundancies and back-ups that may have once been a godsend in case of mishap have to be addressed too, so as to prevent data from becoming zombified, which would also put your security at risk.

Once security goes out the window, so does your brand equity and then the very customers whose data you once collected. Needless to say, with such a thing as zombie data in play, the data lifecycle takes on a whole new meaning, one whose every single intricacy companies would do well to understand and then master, for the sake of their customers and themselves.

Cartoon computer work on the digital inspection fast and efficient comparing to manual work

Regardless of the industry, all companies have the same goal in mind: provide high-quality products to keep customers loyal and attract new ones. To accomplish this, each product must go through a strict proofreading process to ensure the accuracy of all labeling and packaging. This can be time-consuming. As a result, some early adopters have switched to proofreading software due to time constraints. In fact, sticking with human proofreaders has proven to be the potentially costly mistake… one that may even lead to expensive recalls.

Too Many Errors

Although they do their best, human proofreaders are not able to catch all errors that can be found on a label. In a North Carolina State University article about errors in food manufacturing, 25% to 50% of recalls were due to human error. There are many reasons why these errors were missed; For one, a proofreader could have been tired or simply unfocused.

With new technologies continuously introduced into every aspect of our lives, people can be distracted by an email alert or text message. When an error is detected in packaging, companies must issue a recall on their product, costing them thousands of dollars and leaving them with a ton of unsellable inventory. Fortunately, there are measures to ensure each packaging component is error-free. These measures can be combined into a single solution: an automated proofreading platform.

Check Every Word

Human brains are trained to skip words. So, no matter how fluent they are in a language, they can overlook one that’s misspelled. Most people use spell-checking software such as the spellcheck feature in Microsoft Word or maybe even an online solution like Grammarly. These tools help catch those mistakes, but they do have flaws. For example, some English words are spelled differently, such as “color” and “colour.” One solution would be proofreading software that automatically detects errors in a loaded file.

Every Shade of Color Matters

Despite evidence to the contrary, some may argue human proofreaders do catch misspelled words. Nevertheless, color differences are a different animal. It’s important that the labels of packaging have a consistent color pattern. This helps promote brand awareness and identity. If the color has faded or the hue is slightly different, the product will come off as rushed. Color-detection software is one way to identify any issues before the file gets sent to the printing press.

A+ Barcode Grading

Every company wants to send out Grade “A” barcodes and nothing less, as recalls can be issued if they will not scan. And, yet, despite the very real need, human proofreaders are unable to tell if a barcode will scan properly when it reaches the customer. Leveraging technology is the only option here, and it makes sense to opt for the best solution possible. Having a process in place to digitally check barcodes saves you time and money. This is especially true when it comes to consumer goods.

Checking Labels Even After Printing

There is still a chance some errors or color differences will slip through the cracks even after the job is done and the labels are printed. The best way to review your printed files is by reverifying them, using proofreading software. This way the user can find any differences and decide to reprint if necessary.
It’s important to make sure that, even when the final label is produced, it remains error-free. It would be infinitely preferable to find errors in labels immediately after they’ve been printed instead of having a customer find them while in line at a store.

Making sure your products are high-quality extends to the packaging. Errors are not only costly but embarrassing. People are far from infallible, and companies who rely on human proofreaders risk having their products recalled and losing customers. Making the switch to automated proofreading, like with GlobalVision, can save you time and money by sparing your firm from having to issue recalls. Businesses should consider spending a little more money now on solutions that help maintain their reputation and brand integrity. It’s not about short-term gains, but rather the long game, in which everyone is a winner.

Man working on compliance with a laptop

In spite of the term Software Development Lifecycle (SDLC), there aren’t concrete steps to follow when coding. Each case is somewhat different, even if there is one universal truth: Certain standards apply across the board. Data integrity is one such standard.

The Ultimate SDLC Goal

It may not be the ultimate goal, as that would be releasing a functional piece of software. However, as a key consideration of any successful SDLC, data integrity is a requirement that must not be ignored. That goes for GlobalVision proofreading software, which follows an SDLC approach, too.

The term “data” is relatively straightforward: information collected and potentially used by the application. “Integrity” is, of course, the end result achieved through the process of keeping that data uncorrupted and unchanged. It goes hand in hand with the concept of data security, which is sought after through the act of taking the necessary measures to protect it.

For example, individual lifecycles have proper security precautions built into and controls added at each step. One precaution would be the act of defining early on the sensitivity of the data a given system will require. As James E. Purcell writes in his paper, “Defining and Understanding Security in the Software Development Life Cycle”, this enables the security needs of the firm to be considered come the time for decisions to be made later on in the process. Failure to do so leads to potentially unforeseen consequences and add-ons and patches after the fact. Almost by definition, those should be last resorts.

The Software Development Process

Taking the development process one meticulous step at a time is a way to avoid them. As alluded to earlier, there are a variety that can be followed, but, generally speaking, as a list, it looks like the one below:

Analyze and Plan, which should include preliminary risk assessment. Relevant regulations that will come into play should be looked at and a plan of action as to how to address them should be devised. This should be reflected in the resulting software-requirement-specification document that comes out of these two phases.

Design, where whatever needs to be in the software gets included in the design-specification document. Depending on the system being designed and compliance considerations, it may end up including failsafes with regard to the database, so it is easily backed up and restored. Furthermore, as a security precaution to protect against data being stolen or corrupted, encryption, if applicable, is identified as a necessity at this stage.

Build the Software, presumably using secure code to eliminate any potential vulnerabilities that may surface.

Test, with regard to all aspects of the software in a thorough, structured fashion. Testing is as universal as it gets and becomes a focal point of a product’s development regardless of the industry. When it comes to software though, aspects like code quality and security testing are just two of many that should be considered here, ideally by a dedicated quality-assurance team.

Unit testing, where the smallest testable parts of an application are verified for bugs and vulnerabilities independently, is also a popular pre-emptive strike against breaches but can be automated. Meanwhile, black-box testing, which places the application under the microscope of a tester who does not look at its internal workings (as if it were in a black box), seeks to test a variety of things, including external database access and the software for data-structure errors.

Deploy or Release, finally. That’s assuming all tests have passed and any security shortcomings that had been documented during the testing phase have been resolved. As part of the final quality checks of the software, further security testing may actually be done.

Maintain and Evaluate, which translates to updating the software via security upgrades and improvements whenever necessary. It turns out, sometimes there are good reasons behind those Apple IPhone updates.

Dispose, as, even in obsolescence, software must be handled with discretion. If software is in the midst of being replaced, caution must be exercised to ensure any sensitive data is archived securely or disposed of in its entirety.

After all, any SDLC seeks to create software that is useful to the organization. Logically, software that can be superseded by a newer version has outlived that usefulness. By the same token, an application without the appropriate level of security is relatively useless, to begin with.

The Importance of Data Integrity

As a result data integrity becomes increasingly paramount, depending on the industry in which the software will be used. Expensive changes may be called for at a later date by auditors, but that’s only if the organization in question is relatively lucky.

In a worst-case scenario, hackers could find a way in, compromising not just the integrity of the data but the brand equity of the company too. That could cut any software development cycle drastically short. It doesn’t have to be that way, as the above steps show.

Capitalized letter, checklist, chart and calculator

It’s easier to think of an audit trail as a collection of breadcrumbs leading out of the woods.

The Bright Side of Being Audited

Admittedly, the word “audit” gets a bad reputation. It’s usually associated with the unpleasant process of the same name that can be initiated by the U.S. Internal Revenue Service. In actuality, audits are an unavoidable part of life for many corporations in the sense that they can take place not once but multiple times of year. With an audit trail, they don’t have to be nearly as grueling as people have come to expect, though.

For the uninitiated, trails are the lists of transactions or events kept track of to help auditors and, in many ways, those being audited too. Of course, at its most fundamental level, a company’s audit trail does contain financial transactions. However, they can be chronological catalogs of so many more types of events. An audit is simply an investigation of accounts and records in general. They aren’t limited to those of the financial variety.

For example, audits can be key to achieving and maintaining regulatory compliance, which is in turn critical to operating in sectors like pharma. For a company that develops software intended to meet ISO compliance, perhaps for use within that same pharmaceutical industry, regular internal and external audits are to be expected.

External vs. Internal Audits

External audits can either be initiated by the relevant regulatory body (for certification purposes) or even a client that relies on the given software. Take a digital proofreading application for example.

Continuing within pharma, each piece of equipment that enters into a drug’s chain of custody has to be “validated” as meeting pre-determined specifications and attributes. Obviously, software qualifies as equipment in that context. It makes sense that a firm with as much at stake from a quality perspective as a pharmaceutical company would want to get assurances that a piece of equipment on which they rely comes as advertised as being compliant. It’s theoretically similar to how consumers depend on medication and accurate information on its packaging.

In contrast, an internal audit serves as an evaluation of the company’s effectiveness, from risk-management, governance, and process standpoints. As data integrity arguably touches on all three areas, its importance in a corporate environment cannot be understated. In fact, audits specifically aimed at examining data integrity are a real thing.

Benefiting from an Audit Trail

Regardless of the focus of an audit, trails are undeniably critical to their success. And success is what all parties should strive for, whether they’re doing the auditing or being audited. No one wins however unnecessarily hard one becomes to complete.

That’s one of the misconceptions regarding audit trails that is generally associated with the earlier IRS example. Obviously an audit isn’t exactly something to look forward to, but it can be made less of a headache if all required records have been kept and are easily accessible for the auditors. Automated trails that are easily searchable make smooth audits more of a reality.

Trails are theoretically included in software as one of many required technical controls that enable users to achieve compliance with 21 CFR Part 11 with the Food and Drug Administration (in the United States; equivalent to Annex 11 in the European Union). Compliance here ensures companies implement good business practices through reliable electronic records, which must be able to be accurately displayed and exported. Here, the audit trail serves to log what changes to application data were made, when, and by whom and be available for review.

Whoever ends up conducting that review, whether it’s an agency or the company itself, the auditor will no doubt thank you as the bigger picture begins to take shape. Identifying the individual trees is key to seeing the forest as a whole, though. Finding your way through can be hard, but an audit trail can clearly reveal the right path to take.

Misconceptions of Packaging Quality Control

For most people, the commercial printer is no different than the office photocopier. You press print to make 100 copies, and out comes 100 perfect, identical copies. The expectation is no different when printing 500,000 Aspirin labels, cookie cartons, or potato chip bags, but is this true? Are commercial printers like photocopiers?

Let’s turn our attention away from the printer and look at the question of liability.

What if the printed components are shipped to the production plant and everything is packaged, filled, and distributed to all the warehouses across the country?

“How did the text copy I wrote change in the printer’s proof?”

A few days later, the brand company calls the printer very upset that the barcode is missing on all the cartons!

Even if the brand company settles with the printer without paying for the printing, that represents only about 5% of the total distributed cost of the product sitting on the store shelf. The loss is huge.

The loss includes the cost of the contents, the production cost, the cost of distribution, the cost of collecting and destroying the defective product, and eventually the cost to rerun the production again.

If the QC department at the printer or the brand company or the production company would have checked the printing, everyone could have saved a lot of money, time, and environmental impact.

Now let’s get the lawyers involved so we can blame someone and recoup the losses. Whose fault is it? Who is in the wrong?

The print job that the brand company thought was as easy as printing on a photocopier has become a huge liability.

So you pay for lawyers and may save the cost of the print job, but you’re still at risk for the loss to your supply chain and customers. What if the consumer gets injured or dies because of the printing error? It won’t be the printer who is liable.

So, next time you think there is no need to QC the print job, remember who carries all the risk.

Here is a list of the most common print errors:

  1. The right label on the wrong package
  2. The barcode is missing/wrong
  3. The colors are wrong
  4. One of the ink colors is faded
  5. An older version is printed
  6. The position of print is off
  7. Blurry text
  8. Spelling mistakes
  9. Missing logo
  10. Smears, ink splatter, smudges
  11. Cut-off section
  12. Folded wrong

Put simply, proofreading protects the brand company against errors like these by helping to verify shipments from the printer. The above cautionary tale is an example of what can go wrong when both parties fail to do their due diligence.

It is undeniably a misconception, considering printers as being one step removed from photocopiers. Truth be told, it’s much more complicated than that, and, yet, expectations of pristine packaging on the part of the end user remain a very real thing.

Numerous touchpoints along the workflow are necessary to get the job done, but also increase the risk of conversion errors, while manual proofreading can only catch so many mistakes before fatigue and human error sets in. Digital proofreading software is one logical solution that maximizes cost-effectiveness as it pertains to quality control, resulting in a less-strained relationship between printers, brand companies, and of course their customers.

Cut Costs Not Quality: Proofreading Software Makes it Possible

Labeling errors can cause massive losses in almost any industry. There is an alternative option, though: Avoiding them through automation.

Human proofreaders may still be the go-to for creative and informative long-form content where style, consistent narrative, and grammar are key. When it comes to labels for packaging, there are better options.

Studies and good sense tell us a human being who is tasked with visually scanning similar items for hours on end is guaranteed to make errors. The only ways to decrease the number is to use software and limit the workload of each individual proofreader or to limit the workload of each individual proofreader by multiplying the size of the workforce. Only one of these options makes long-term financial sense.

Learn from Pharma’s Mistakes: Automate Quality Control

Bottles with wrong labels

In 2012, a pharmaceutical company voluntarily recalled a huge deployment of cough syrup because of labeling errors. The Food and Drug Administration identified the product as being mislabeled with incorrect indications as to the amount of the active ingredient being used.

A mistake of this magnitude is serious. The losses are believed to be in the millions, but they would certainly have been even greater had there been any injuries.

There are (a lot of) other cases.

In 2013, Vita Health was forced to recall a whole range of products for labeling inconsistencies. A separate recall of potassium chloride injections took place in 2014. A labeling error there led to the injections potentially having been packaged with shipments of others containing gentamicin sulfate.

The consequences could have been much worse, with each of these firms escaping potential injury and wrongful-death lawsuits by taking action in time. Such a development would have constituted a bigger blow not just to their profit margin, but lasting reputation as well. Taking action even earlier could have spared them from any financial inconvenience altogether, though.

No Risk of Massive Recalls with Proofreading Software

Every company that manufactures and packages large amounts of products and does not automate the proofreading process is needlessly exposing themselves to the possibility of a profit-crushing recall.

Quality Control Software Doing Packages Comparison

Automated proofreading software scans your labels with a very low to non-existent risk of errors. In fact, more than 95% of cases in which packaging software failed to correctly scan a packing label occurred due to the label being improperly presented to the reader mechanism. That means that either human error or a fault in a conveyor or other device was the culprit instead.

These automated packaging systems recognize and extract data from the image on your labels. This data is then compared directly to the original document. If there is any variance relative to the pre-set expected label, the system will alert the employee(s).

The fix may include reprinting or relabeling, but it’s infinitely better to be forced to do it early than when it’s too late. And, in most cases, this simple remedy reduces errors to within a fraction of a percent to zero. Technology like this is a critical component of modern food and drug packaging and will most likely become similar for every major manufacturing and packaging operation by the end of the decade.

Even in the best-case scenario, the alternative means overworked and underpaid proofreaders who labor under the constant fear of making mistakes. Or it means running a group of professional proofreaders who are not overworked but cannot produce a product commensurate with the expense. For any moderate to large-scale operation, this should be unacceptable.

Using software on the other hand alleviates huge amounts of overhead and removes the risk of a disastrous recall. For any operation, this should be cold, hard logic.

Why Error-Free Packaging, Labeling Is a Must

Pristine, error-free packaging and labeling undeniably looks good, but it’s more than that. It’s a necessity… regardless of the industry in question. It of course conveys brand strength, but, more importantly, it’s about respecting regulations that were put in place for a reason.

Mislabeling Misadventures

The strength of those regulations (and the severity of the penalties for breaking them) depends on the country. For example, in the United States, the Fair Packaging and Labeling Act with the Uniform Packaging and Labeling Regulation (UPLR; and National Institute of Standards and Technology Handbook 130) require consumer commodities to clearly disclose packaging’s contents and manufacturer info. The goal is for customers to be able to make informed purchasing decisions through the comparison of accurate price and quantity information on packaging.

Additional regulations meanwhile outlaw deceptive packaging and labeling. At both the federal and state levels, false advertising and labeling laws exist, with offenders risking additional liability to any victims. Victims can include consumers who are harmed by the product or businesses further down the supply chain who unwittingly purchased the product. If, on the other hand, a party down the supply chain discovers the fraud but fails to take action, they could be responsible too.

The aforementioned laws are admittedly not all-encompassing. State laws can differ and the FPLA sometimes delegates regulatory and enforcement responsibilities to the agencies who oversee individual industries instead. For example, the Food and Drug Administration regulates packaging and labeling in the food & beverage, cosmetics, medical devices, and pharmaceuticals sectors.

Food and Drugs as a Case Study

Taking the food & beverage sector as an example, put simply, the packaging must contain what the label says it does. If the FDA has reason to believe packaging is inaccurate, that it falsely claims the product inside is 100% fruit juice for example, imports can be detained without physical examination. The product effectively gets prevented from being distributed (and sold).

When a manufacturer is the guilty party, the FDA may issue a warning. In the event the manufacturer does not comply and correct the issue, the FDA takes additional legal action to ensure the product gets removed from market, without it being permitted to return until the issue has been corrected. Criminal fines and even prosecution may result depending on the infraction.

Fines up to $500,000 for misdemeanors that result in death can be doled out. A misdemeanor, which would not require proven intent, can also result in up to one year in prison. A felony, which implies intent or a subsequent violation after the first, can lead to a maximum of three years instead.

In the case of the pharmaceutical industry, which is also under the purview of the FDA and whose customers depend on packaging for accurate dosage information, it’s easy to see why penalties need to be especially severe. A single misplaced period can have huge negative ramifications.

Performing Labeling and Packaging Inspections

A packaging or label error doesn’t have to be fraudulent to be costly. In fact, a great deal of mistakes are simply caused by human error. Market research indicates that 60% of product recalls are caused by workers. And it’s easy to see why. Typos can easily be created and then missed due to proofing fatigue during the artwork-creation and printing processes.

It only reinforces the need for failsafes, like a digital inspection platform, to improve upon the efficiency of a company’s quality control. Performing labeling and packaging inspections at each stage of the workflow reduces the risk of a recall and the number of required revision cycles, so products get to market faster, without any errors.

Inspections are going to be performed anyway, including potentially by the governing body in question itself. It only makes sense that a company would want to put its best foot forward in preparation. Having previously integrated robust quality systems is one key to success in such an instance. Not having to correct an error after the fact is another key to success in general.

There is obviously a difference between fraudulent practices and innocent errors that simply do not get caught in time. Unfortunately, they can each have severe consequences. What separates them from one another is how, instead of actively trying to skirt regulations, companies can actively try to prevent mistakes. It just takes a conscious effort to improve upon internal processes.

The Ideal Quality Management System: Automate, Customize, Compare, and Report

Quality management systems come in many shapes and sizes. Each is largely dependent on the industry to which a given application caters. There are nevertheless basic standards that must be met across the board.

In the packaging design and printing industry, an effective platform like GlobalVision compares two documents against one another to detect differences and prevent errors on the final product. Meanwhile, in the manufacturing industry, a tool like InspectionXpert enables the easy ballooning and data entry of figures/ characteristics on CAD/ inspection drawings.

There’s obviously a huge difference between their respective functionalities. Despite the disparity in how tools like the above are used though, there is a concrete, consistent checklist of features companies in the market for a new platform should have.

Automated for Greater Efficiency

As technology develops more and more, automation only gains steam in the workplace regardless of the sector. As a result, companies are becoming more empowered to better allocate human resources where they’re most needed instead of having workers perform mundane tasks that can more efficiently be done through automation.

For example, Safety Culture operates as a leading provider of solutions for site inspections and safety audits. The company’s software automatically syncs gathered data between mobile devices and desktops to provide actionable analytics in real time, while updated inspection forms can be automatically shared with team members.

Of course, “automatically” implies without user input, but that’s not necessarily the case here, nor can it be when it comes to quality management. Inspections still must be conducted by actual personnel. Whatever the scenario, it’s only logical that something that gets detected as having gone awry must first get verified as needing to be fixed in person. It’s at that point that it actually is (fixed). Quality-management software can’t reasonably be expected to make the fixes… just indicate where fixes are required.

While GlobalVision bills itself as a digital proofreading application, in which technicians click to perform inspections and then go through the results themselves, there is a definite automated (instead of automatic) element. Instead of manually proofreading artwork files, leading companies in various industries trust the platform to eliminate the propensity for human error by comparing an already approved master to a sample, pixel by pixel (during a graphics inspection, for example). Proofing subsequently takes seconds instead of hours or days.

Similarly, a fair portion of the legwork in InspectionXpert is done by the individual in front of the keyboard. Nevertheless, the application automates several critical inspection planning processes: the identification and extraction of characteristics, the correlation of imported data to ballooned inspection drawings, and the application of relevant balloons to newer versions. The end result, as with GlobalVision? Fewer mistakes, just in a different context.

Customize to Personalize Preferences

The ability to mold a given application to fit your company’s internal processes can be a deal breaker when choosing a solution. It makes life easier on everyone contributing to the workflow when settings can be custom-configured once for perpetual use (and re-configured when necessary). It also adds to the overall user-friendliness of the application.

This can take the form of something as simple as customizable balloon numbering or custom project templates to save time when switching between clients with InspectionXpert. In much the same vein, GlobalVision’s Job Wizard lets companies and printers, in particular, run inspections more efficiently by selecting one of many different pre-set workflow configurations. The option to have the Job Wizard load upon start-up ensures no one tester deviates from the company’s accepted inspection conventions.

SafetyCulture meanwhile allows for custom checklist form to be created from scratch. Smart and dynamic fields can also be added to each form, thereby promoting inspections that are more thorough. This is of course all in addition to the basic options a user would expect to be able to alter based on personal preferences, which applies to each of the above systems too.

Compare to Improve Performance

Running comparisons almost goes hand in hand with quality management to the point that it arguably represents GlobalVision’s primary functionality. The ability to compare the artwork, text, Braille, and color in a master and sample (or check the barcodes and spelling in either a master or sample) is at its core why printers and internal quality assurance departments rely on the software in the first place. Without it, they would have to go back to manually proofing.

With InspectionXpert, it’s more of a complementary feature. If a revision of the drawing on which you’re working exists, instead of starting over you can overlay one on top of the other and compare them. From there, you can save a PDF of the two and then make any necessary adjustments.

Meanwhile, Safety Culture admittedly doesn’t really lend itself to the comparison of revisions as it’s not that type of system. However, the ability to track performance improvements, comparing current and previous inspection results, is in large part what make its generated reports so informative.

Generate Reports for Future Reference

It makes sense that, leading to more-thorough inspections, Safety Culture’s iAuditor reports are just as in-depth. As one would expect, they can be broken down by a wide variety of filters, making any required data incredibly accessible, just like the reports themselves. Reports can be set to be sent out instantly to multiple recipients through multiple delivery methods in multiple formats and then downloaded at any time off Safety Culture’s secure servers.

Reports are also a big InspectionXpert selling point, especially the ability to create those of the custom variety. Users can create reports in formats like AS9102 and Production Part Approval dimensional results, but aren’t limited to common templates. They can use Microsoft Excel and import specially designed ones tailored to individual customers.

GlobalVision reports, which are both saved in the application’s Audit Trail and can be shared as part of the approval/ rejection process, can also be customized. Testers/ technicians can fill in header information as required and opt to include different elements like thumbnails of the differences, the Master as a reference, and a signature field that can be manually signed. Electronic signatures are also a licensable option for enhanced data integrity, to further address the need to meet FDA 21 CFR Part 11 compliance on the part of quality-control professionals.

Overall, there are many factors to consider when searching for the right quality management application. It definitely must strike the right balance between user-friendliness and a comprehensive feature set, as there is usually some trade-off between the two. However, the required features undeniably vary from industry to industry. Meanwhile the overriding need to improve internal efficiency and performance metrics are universal. The abilities to automate, customize, compare, and document, together, make it possible.

Old-School Acetates Offer Up Only Inefficiency for Proofreaders

The idea of transparent, acetate overlays probably takes you back to college. The clear plastic sheets, on which notes could be scribbled and then displayed at the front of the class using an overhead projector, were godsends to professors thanks to their time-saving simplicity… even if that simplicity left something to be desired from a technological standpoint.

Issues with Acetates

In the printing industry, in the present, it’s a similar situation. Acetates’ speed advantage has somewhat withstood the test of time, at least with regard to manual proofreading. Unfortunately, their overall ineffectiveness has forced the tool to fall by the wayside. In their place, automated systems and digital proofreading platforms have been adopted into the mainstream, highlighting the clear-cut advantages they share over acetates in the process.

During their heyday, acetates mostly originated from printers, who supplied them to clients. The purpose behind them was straight-forward: to check for inaccuracies once a shipment had come in. And, in principle, using them was easy. As the overlay comprised a to-scale print of each insert/ packaging component, all you had to do was place it on top of one to find inconsistencies

Easier said than done though, it turns out. A lot of complications could creep in, compromising the integrity of the proofreading process. For example, while overlaying an acetate hypothetically draws immediate attention to (unintended) inserted characters or defects on a sample underneath, the same isn’t true for characters or portions of characters that are missing.

Of Acetates and Automation

After all, the acetate, which is assumed to be 100% accurate based on the file the customer had already approved, would be physically covering up any characters that should be there but accidentally got removed at some point in the file-preparation process. That leads to another issue, namely when the acetate itself gets printed.

Generally speaking, the acetate is only created by the printer after the file has been converted into a TIFF file to make the printing plates. During the conversion process, errors can be introduced into the file. As the file gets prepared, trapping/ color separations/ barcodes get added, meaning the customer is taking a chance they are overlaying a bad acetate on top of a bad final print. Considering the potential ramifications of a typo, that might be too large a risk.

Ultimately, there are too many uncertainties surrounding the acetate to use it as a substitute for the master file to compare to a sample. The proofreading method admittedly has it benefits, namely its speed. However, if the goal is to compare samples to what has been approved internally, digital proofing systems can accomplish that same task… faster too.

Out with the Old, in with the Digital

Digital files can be loaded in (or hard copies scanned in) and then compared to one another, in a matter of seconds or minutes. That’s compared to hours and days when inspecting shipments from the printer. Ironically, it’s a similar process, as one file gets digitally overlaid on top of the other and the two get inspected pixel by pixel for differences.

Both ways are arguably better than manually going over a master and a sample by eye, character by character. However, there’s simply no comparison between a digital inspection system and acetate overlays.

For print suppliers, printing an acetate is one more expensive step at which errors can be introduced. More materials, labor, and oversight are required to print the acetates in the first place. They also have to be stored in case of a reprint, which can be wasteful, especially compared to the size a digital file takes up.

It all translates to higher costs passed on to the client, who have to first proofread the acetate to ensure its accuracy before even starting to proof samples. Doing so using an acetate means devoting more resources than you otherwise would because you’re actually proofing at a slower pace relative to how you would with a digital system.

It turns out, sometimes the technologically advanced solution is the simplest one instead.

Cartoon of the quality management system for ISO regulation

Quality Management System Definition

A quality management system (QMS) is a term that refers to a system in charge of documenting all processes, responsibilities, and procedures for achieving quality objectives and policies. A QMS allows companies to direct and coordinate their operations to meet both regulatory and customer requirements while also improving its efficiency and effectiveness on a regular basis.

ISO 9001:2015 is the international standard that specifies all the requirements needed to implement a quality management system. In fact, most people use the term QMS as a synonym for the ISO 9001 family even though the latter is only a document that describes the former.

But why is it so important to implement a QMS, you might wonder? Quality management systems actually serve plenty of purposes, including:

  • Engaging staff.
  • Lowering costs.
  • Reducing wasted materials.
  • Setting company-wide direction.
  • Identifying and facilitating training opportunities.
  • Improving processes.

Benefits of Quality Management Systems

What are the advantages of using a Quality Management System?

Once implemented, quality management systems have the power to affect all aspects of your company’s performance. However, the design and implementation of a QMS will bring you two overarching benefits:

  1. Meeting the organization’s requirements, which ensures that your company complies with industry regulations and provisions of services and products in the most cost-effective way. In the end, this will create room for growth, expansion, and profit.
  2. Meeting customer’s needs, which will help to build trust in your company, in turn engaging even more customers, sales, and profits.

Other advantages include preventing errors, reducing costs, helping to communicate a willingness to produce consistent results, improving your company’s offerings, and ensuring all processes are completely controlled and defined.



Quality Management Standards

As we previously mentioned, the ISO 9001:2015 standard describes all the requirements that a company must meet to implement their own quality management system. By far ISO 9001:2015 is the most implemented and recognized QMS standard on the planet that counts for complete international acceptance.

However, there are plenty of other QMS standards available, such as the ISO 14000 family that deals with environmental management systems, the rest of the ISO 9000 family (including both ISO 9004 and ISO 9000), ISO/TS 16949 for QMS intended for automotive-related products, ISO 13485 for medical devices, and ISO 19011 for auditing management systems.

Requirements to Implement a QMS

All quality management systems must address a company’s unique set of needs; however, we can name a few general elements that all QMS have in common, such as:

  • The creation of a quality manual.
  • The existence of quality objectives and policies.
  • A set of procedures, records, and instructions about all internal processes, data management, quality analysis, improvement opportunities, and customer satisfaction.

Each aspect of a QMS is intended to serve a specific purpose that in the end will help to achieve the final goal: meeting both the organization’s and customer’s needs.

How to Implement a Quality Management System

Before establishing a QMS, you must consider several elements. To begin, make sure that your decision to implement a quality management system is a strategic choice only influenced by your needs, objectives, services, and products provided. Now that you’re clear about what to do, here are the basic steps to implement a QMS:

  • Design and Build: They deal with the structure of the QMS, along with the plan for implementation and all its processes.
  • Deploy: In this stage, you’ll need to break each process into multiple sub processes. It also includes staff education and documentation, training tools, and metrics.
  • Control and Measure: These stages are accomplished by systematic, routine audits of your QMS.
  • Review and Improve: In this stage, you’ll deal with the results of the audits. The goal is to determine the efficiency and effectiveness of all your processes regarding your objectives.


A product’s quality can be measured in terms of durability, reliability, and performance. Quality is a crucial element that differentiates your company from its competitors. By implementing proper quality management systems, you are ensuring that all necessary changes in your processes are implemented, which eventually leads to superior quality products and, in the end, bigger profits.

Maintaining Data Integrity with GlobalVision Software

Read our whitepaper on how GlobalVision complies with data integrity requirements, such as:
electronic signatures, different access levels and security, and audit trail with full traceability.

Related articles:

What is data integrity? 

Automated Quality Control

Quality inspection system