Global | Healthcare and life sciences


In the life sciences industry, GxP is an abbreviation referencing the various “good practice” regulations and guidelines that apply to organisations that manufacture products that are consumed or used by humans or animals. This includes medical, cosmetic, tobacco, products or devices and food products. The “x” variable in GxP covers a wide range of processes utilized in the development, manufacturing, and distribution of regulated products such as Good Manufacturing Practices (GMP), Good Clinical Practices (GCP), Good Laboratory Practices (GLP), Good Storage Practices (GSP), etc. 

Different industry specific regulators define GxP regulations. For example: Food & Drug Administration (FDA) for the USA, European Medicines Agency (EMA) for Europe, the UK Medicines & Healthcare Products Regulatory Agency and Japan’s Pharmaceuticals and Medical Devices Agency (PMDA). This means that each country or region may have their own defined GxP regulations and guidelines. Particular GxP criteria can be found in government agency regulations and guidance (e.g. Federal Food, Drug, and Cosmetic Act) and industry best-practice frameworks. Though GxP may cover any number of specified topics, for regulatory oversight purposes, government agencies have almost uniformly adopted requirements related to product manufacturing processes, documentation procedures, staff qualifications and training, and distribution/storage. For global life sciences organizations doing business in the US GxP requirements can generally be found in the  U.S.: FDA  Code of Federal Regulations (“CFR”), in Europe; in the Eudralex EU Pharmaceutical Legislation or in Japan; in the Act on Securing Quality, Efficacy and Safety of Products Including Pharmaceuticals and Medical Devices.

Google Cloud’s administrative, physical, and technical controls help our life sciences customers meet their quality, documentation, and security objectives. In addition to the underlying infrastructure and operations managed by Google, Google Cloud products also provide capabilities which can make it easier for our customers to meet applicable GxP requirements. For more information on using Google Cloud in GxP systems, please view our GxP whitepaper.

For Google as a Cloud Service Provider, many of the regulatory requirements over the security and quality of electronic records and signatures (ERES) are met through our independent, third-party compliance validation programs, such as ISO 9001, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, NIST 800-53 and BSI C5:2020

ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more

ISO/IEC 27018

Learn more