TL;DR
Thorsten Meyer AI announced QAtrial as Day 12 of its 19-day Built in Public series. The open-source platform is described as a self-hostable GxP quality and compliance tool that records AI provenance, human review, e-signatures and audit trails, while leaving validation duties with users.
Thorsten Meyer AI has announced QAtrial, an open-source quality and compliance platform for regulated life-sciences work that is designed to make AI-assisted outputs traceable, reviewable and electronically signed in GxP environments.
The company describes QAtrial as a self-hostable, AGPL-3.0 platform for regulated quality assurance workflows, including CAPA, electronic signatures and traceability matrices. The announcement says each AI-assisted output records the model, version and purpose that produced it, then routes the work through human review, e-signature and an audit log.
According to the source material, QAtrial is designed to align with 21 CFR Part 11 and EU Annex 11, two core regulatory frameworks for electronic records, signatures and computerised systems in regulated environments. The announcement stresses that alignment does not mean the software is validated, certified or a guarantee of compliance.
The product is part of Thorsten Meyer AI’s Built in Public series and is described as completing the portfolio’s Open / Reg family alongside Glasspane. The source positions QAtrial for on-premises or air-gapped GxP settings where regulated data must remain under the user’s control.
AI With Audit Evidence
The announcement matters because regulated life-sciences teams face a hard tradeoff: AI can reduce repetitive documentation work, but regulators and quality leaders need evidence showing how records were created, reviewed and approved.
QAtrial’s stated approach treats the AI model as a recorded contributor rather than an anonymous generator. If implemented and validated by the user, that could help teams use AI for drafting, cross-referencing and traceability support while keeping formal responsibility with qualified reviewers.
The provider-agnostic design is also material for regulated users. The source argues that being tied to a single model provider can create validation risk if models shift underneath a controlled system. QAtrial’s claim is that purpose-scoped routing and provenance per output can help users document which model was used for which task.

EU Annex 11 Guide to Computer Validation Compliance for the Worldwide Health Agency GMP
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
GxP Demands Traceable Records
GxP quality systems in manufacturing, laboratory and clinical settings depend on validated systems, signed records and traceability from requirements to tests and results. In those environments, the audit trail is central because teams must be able to show who did what, when and why.
The source frames standard AI tooling as poorly matched to that requirement because many systems produce outputs without a durable record of the model, version, prompt purpose and review status tied to a controlled workflow. QAtrial is presented as an answer to that gap, not as a replacement for validation.
The announcement’s example workflow shows an AI-assisted CAPA draft moving from draft to review, e-signature and audit log, with a traceability matrix linking a requirement, risk, test and result.
“You can’t put an unaccountable black box into a regulated process.”
— Thorsten Meyer AI announcement
Validation Still Falls To Users
It is not yet clear from the announcement whether QAtrial has production users, independent audits, validation templates or published qualification evidence. The source does not state that any regulator has reviewed or approved the platform.
The company says QAtrial is designed to align with 21 CFR Part 11 and EU Annex 11, but also states that it is not validated, certified or legal or regulatory advice. Any organization adopting it would still need to qualify the system, validate its use, control configuration and review AI-assisted outputs for errors.
Repository And Adoption Signals
The next test for QAtrial will be the public details around its repository, implementation guidance and evidence from real GxP evaluation. Readers should watch for documentation on installation, audit-log controls, e-signature behavior, model routing, validation support and security practices.
For regulated teams, the near-term question is whether the platform can be qualified inside controlled environments without creating new compliance burden. The announcement says human review remains part of the workflow, so adoption will depend on both technical controls and the procedures users build around them.
Key Questions
What is QAtrial?
QAtrial is described by Thorsten Meyer AI as an open-source, self-hostable quality and compliance platform for regulated life-sciences QA work, including CAPA, e-signatures and traceability matrices.
Does QAtrial make a company compliant?
No. The announcement says the tool is designed to support compliance programs and align with frameworks such as 21 CFR Part 11 and EU Annex 11, but it is not validated, certified or a guarantee of compliance.
How does QAtrial use AI?
The platform is presented as using AI to assist with drafting and compliance documentation while recording the model, version and purpose behind each output. The source says human review and e-signature remain part of the process.
Why is provenance central to the product?
In regulated QA, teams must be able to show how records were produced and approved. QAtrial’s stated value is that AI-assisted work is tied to source, model, review and audit-trail evidence.
What remains unknown?
The announcement does not confirm production deployments, regulator review, third-party certification or completed validation packages. Those details remain open.
Source: Thorsten Meyer AI