Insight AX
Back to Pet Projects
active

Controlled Drug Licence & GDP Compliance Management System

This project started as a small PoC, just to see how can I use modern automation agentic tools like Claude Code together with Azure, Power Platform and Dynamics 365 F&O eco-system. It is now a pretty well-rounded solution, ready to roll-out and based on a real-world case-study of a licence management system for a Dutch wholesaler dealing with controlled drugs and it covers user stories around: (1) representing legal requirements (Opium Act exemption, wholesale licence, import/export permits, etc.), (2) onboarding and qualifying customers, (3) transaction time checks, and (4) ongoing monitoring and audit...

Technologies

.NET 8 LTS (C# 12)ASP.NET Core 8.0Web APIMVCMicrosoft DataverseDynamics 365 Finance & OperationsOData v4Virtual EntitiesAzure App ServiceAzure FunctionsAzure Blob StorageAzure Cache for RedisAzure Logic AppsAzure API ManagementBicep (Infrastructure as Code)Azure DevOps Pipelines (CI/CD)Microsoft Entra IDAzure AD B2CAzure Managed IdentityAzure Key VaultApplication Insights and Log AnalyticsxUnit, Moq, and FluentAssertions (Testing)TestContainersPolly (via Microsoft.Extensions.Http.Resilience)Simple.OData.ClientCommandLineParserFluentValidationAzurite

Project Overview

A comprehensive licence management and GDP compliance system for Dutch pharmaceutical wholesalers handling controlled drugs. The system provides:

• Real-time compliance validation for controlled drug transactions

• Licence lifecycle management (capture, verification, monitoring)

• Customer qualification tracking with approval workflows

• GDP compliance (sites, credentials, inspections, CAPA, equipment qualifications)

• GDP documentation management (SOPs, training records, change control)

• GDP operational validation (site/provider eligibility, equipment requalification)

• Audit trails and reporting for regulatory compliance

• CLI tooling for transaction validation, customer/licence lookup, and report generation

Key Features

• Stateless architecture (no local data storage for business data)

• Composite data model architecture: domain entities span D365 F&O (master data) + Dataverse (compliance extensions)

• Azure cloud-native (App Service, Functions, Blob Storage, API Management)

• RESTful APIs for ERP/WMS integration

• Web UI for compliance staff

• CLI tool for debugging, scripting, and automation

• Automated expiry monitoring and alerts

• In-memory repositories for local development without external dependencies

• Full Infrastructure as Code (Bicep) with CI/CD via Azure DevOps Pipelines

• TDD approach with comprehensive test coverage (1,432 automated tests across 6 projects)

How It Works

The architecture integrates Azure App Services, Dataverse for compliance configuration, and Dynamics 365 Finance & Operations for business operations, transactions and master data. A robust automated pipeline handles the schema provisioning for twenty-seven custom entities, ensuring consistency across development, testing, and production environments.

Functional areas include licence management, transaction validation, and GDP oversight, featuring dedicated modules for equipment qualification, staff training, and change control. I have also an example of a successful infrastructure deployment to Azure, highlighting the use of Bicep for resource management and Managed Identity for secure authentication. Monitoring and health checks are integrated throughout the platform to track credential expiry and system performance.

[To-Do: Demo Video]

Please use a link below to go to GitHub and dive into technical details or use Ask AI button below to help you learn more.

Please note, we’re using Discussions at GitHub as a place to connect with other members of our community. Ask questions you’re wondering about. Share ideas. Engage with other members. Contribute, so we can build together 💪.

Solution OverviewView on GitHubDownload Presentation
Subscribe to get updates about this project and related work.