Compliance

Regulatory Readiness Built Into the Architecture

In regulated laboratories, compliance cannot be an afterthought. Virgil's architecture and documentation were designed from first principles to satisfy the requirements of GxP, 21 CFR Part 11, GDPR, CLIA, CAP, and ISO 27001 so your team can focus on science, not paperwork.

Regulatory Standards

GxP (GLP · GMP · GCP)

Good Practice compliance is foundational to Virgil. Every workflow progresses through a defined lifecycle: Draft, In Review, Approved, and Effective, with immutability enforced at each stage. Changes create new versions and never overwrite existing records.

21 CFR Part 11

Electronic records and electronic signatures that satisfy FDA requirements. Virgil provides tamper-evident audit trails, user attribution on every change, and multi-level approval workflows with separation of duties.

GDPR

Data protection by design. Tenant isolation ensures complete data separation. On-premises and air-gapped deployment options guarantee that sensitive data never leaves your jurisdiction. Data residency compliance for EU, US, and APAC regions.

CLIA & CAP

Clinical laboratory standards are supported through configurable compliance rules, audit trails, and validation documentation that meet accreditation requirements.

How Virgil Delivers Compliance

Immutable Audit Trails

Every action during workflow creation, modification, review, and approval is permanently recorded. The audit trail captures who performed each action, when it occurred, and exactly what changed. This record is tamper-evident, and any attempt to alter history is detectable.

When AI assists in authoring a workflow, its contributions are distinctly attributed and logged separately from human edits. Regulatory reviewers can clearly identify which steps were AI-suggested and which were human-authored.

Electronic Signatures

21 CFR Part 11 compliant electronic signatures with:

  • Signature meaning tied to each approval action
  • Timestamp recording when signatures were applied
  • Non-repudiation ensuring signers cannot deny their approvals
  • Multi-level approval workflows with configurable chains of authority
  • Separation of duties enforcement across authoring, review, and approval roles

Workflow Lifecycle Management

Workflows progress through controlled states with strict transition rules:

1

Draft

The only editable state. Authors compose and refine the workflow with AI assistance and team collaboration.

2

In Review

Submitted for approval. All validation checks must pass before submission. Can be returned to Draft with documented rationale.

3

Approved

Approval chain completed with electronic signatures. Workflow definition is locked and immutable.

4

Effective

Available for production use. Any changes require a new version through its own complete validation cycle.

Automated Validation

Virgil validates workflows automatically at multiple stages, checking structural correctness, regulatory compliance, resource conflicts, and parameter compatibility. Validation documentation is generated automatically and suitable for regulatory submissions.

Configurable Compliance Levels

Different laboratories operate under different regulatory requirements. Early-stage research has different needs than GxP manufacturing or CLIA clinical operations. Virgil’s compliance stringency is configurable per tenant without programming, allowing organizations to apply the right level of rigor for each context.

Compliance Without Compromise

See how Virgil can reduce your compliance overhead while strengthening your audit posture.

Request a Demo