DATA INTEGRITY BPL - SSFA€¦ · DATA INTEGRITY DATA INTEGRITY ––scopo scopo FDA : Ensuring data integrity is an important component of industry’s responsibility to ensure

DATA DATA INTEGRITYINTEGRITYINTEGRITYINTEGRITY

& & BPLBPL

M. M. Brunetti, RTC SpA, email: [email protected], Pomezia 26 ottobre 2017

DATA INTEGRITYDATA INTEGRITY


� aprile 2016 FDA emette una draft Guidance su DI

� a marzo 2015 MHRA emette una Guidance su DI(GMP)

� a Settembre 2015 WHO emette una draft Guidance on good data and record managementFinal – 15 June 2016 (GXP)

� aprile 2016 FDA emette una draft Guidance su DI (GMP – Q&A)

� luglio 2016 MHRA emette una draft Guidance su DI & GXP

� agosto 2016 PIC/S emette una draft Guidance su DI (GMP)

� agosto 2016 EMA (sito web): Q&A su DI (GMP)

DATA INTEGRITY DATA INTEGRITY –– scoposcopo

�FDA : Ensuring data integrity is an important component of industry’s responsibility to ensure the safety, responsibility to ensure the safety, efficacy, and quality of drugs, and of FDA’s ability to protect the public health

DATA INTEGRITY DATA INTEGRITY –– cos’ècos’è�FDA (GMP): requirements for complete, consistent and accurate data

� MHRA (GXP): The extent to which all data are complete, consistent and data are complete, consistent and accurate through the data lifecycle

From initial data generation and recording through processing (including transformation or migration), use, retention, archiving, retrievaland destruction.

ALCOA

Attributable : The identity of the person/s completing a record should be unambiguous

Legible (traceable and permanent): Data should bereadable, understandable, allow reconstruction. It should notbe possible to modify or recreate data without an audit trail whichpreserve the original record (Don’t forget paper docs here)

DATA INTEGRITY DATA INTEGRITY –– cos’ècos’è

Contemporaneous : Data are recorded at the time they are generated or observed. The availability of records in the right placeat the right time removes the need for staff to use loose scraps of paper, or their memory, to retain information for retrospectively completion in the official records

Original or true copy : Original records includes the first or source capture of data.

Accurate : Data should be correct, truthful, complete, validand reliable.

DATA INTEGRITY (WHO)DATA INTEGRITY (WHO)

ALCOA - plus

Attributable

Legible

Contemporaneous

ALCOA - plus

Complete

Consistent

EnduringContemporaneous

Original or true copy

Accurate

Enduring

Available

To emphasize CCEA requirements,implicit basic ALCOA principles


paperpaper requirementsrequirements = electronic = electronic requirementsrequirements

�FDA : the requirements for record retention and review do not differ depending on the data format; review do not differ depending on the data format; paper-based and electronic data record-keepingsystems are subject to the same requirements

DATA INTEGRITY (WHO DATA INTEGRITY (WHO -- glossaryglossary))

Data Governance : The totality of arrangements toensure that data, irrespective of the format in whichthey are generated, recorded, processed, retainedand used to ensure a complete, consistent and and used to ensure a complete, consistent and accurate record through the data life cycle

Data life cycle: All phases of the process by whichdata are created, recorded, processed, reviewed, analysed and reported, transferred, stored and retrieved and monitored until retirementand disposal. ……the risk ….

DATA INTEGRITY (WHO)DATA INTEGRITY (WHO)§ 6.3: Management should create a work

environment in which staff are encouraged tocommunicate failure and mistakes, including data reliability issues, so that CAPAs can be taken and the quality of an organisation’s products and servicesenhanced . This includes ensuring adequateenhanced . This includes ensuring adequateinformation flow between staff at all levels. Senior management should actively discourage anymanagement practices that might reasonably beexpected to inhibit the active and complete reportingof such issues , for examples, hierarchical constraintand blame cultures.

L’elemento culturale è il più difficile da gestire.

DATA INTEGRITY DATA INTEGRITY -- FDAFDAQuando un dato electronico diventa un dato CGMP? … GXPCGMP? … GXP

� When generated to satisfy a CGMP requirement, alldata become a CGMP record

� You must document, or save, the data at the time ofperformanceperformance

� Not acceptable to record data on pieces of paperthat will be discarded after the data are transcribed

WL: Substitution of results following failing labresults; failure to record critical valuesat time activities were performed -Nov 2015

DATA INTEGRITY DATA INTEGRITY -- FDAFDACome dovrebbe essere limitato l’accesso ai CS ??

� FDA recommends you to restrict the ability to alter specifications, process parameters, or manufacturing or testing methods by technicalmeans where possible (for example by limitingpermissions to change settings or data).

� FDA suggests that the system administrator role, including any rights to alter files and settings, beassigned to personnel independent from thoseresponsible for the record content.

WL: Failure to prevent unauthorisedaccess or changes to data – Feb 2015

DATA INTEGRITY DATA INTEGRITY -- FDAFDAPerché l’uso di shared login preoccupa la FDA ??

� You must implement documentation that ensureactions are attributable to a specific individual

� When logic credentials are shared, a uniqueindividual cannot be identifiedindividual cannot be identified

On paper you would sign/initial and date your work or the review of other’s work

WL: A password shared by four or five individualswas in use – Dec 2015

DATA INTEGRITY DATA INTEGRITY -- FDAFDAQuanto spesso va controllato l’ audit trail ??

� FDA recommend that audit trails that capturechanges to critical data be reviewed with eachrecord and before final approval of the record.

� Audit trails subject to regular review should� Audit trails subject to regular review shouldinclude changes to: history of finished product test results, sample run and sequences, sample identification, critical process parameters.

WL: Lack of audit trails for labinstruments and turning off audit trails – Apr 2015

DATA INTEGRITY & FRODEDATA INTEGRITY & FRODE

Esiste la percezione errata che la data integrity abbia a che fare con la frode

Data integrity : non lasciare la Data integrity : non lasciare la possibilità di frodare

Frode: manipolazione del dato

La manipolabilità del dato è violazione della data integrity

DATA INTEGRITY & FRODEDATA INTEGRITY & FRODEEsiste la percezione errata che la data integrity abbia a che fare solo con i dati elettronici

Data integrity: il dato va gestito e controllato in ogni sua forma, cartacea o elettronicain ogni sua forma, cartacea o elettronica

Eliminare i sistemi computerizzati e tornare al dato cartaceo non elimina la necessità di data integrity, ma ne aumenta il peso e la difficoltà

Difficoltà su come assicurare la data integrity più che su cosa

DATA INTEGRITY DATA INTEGRITY Altri concetti importantiAltri concetti importanti

� MHRA – Metadata (red text)

Example (i): sodium choride batch 1234, 3.5 mg, J. Smith 01/07/14.

Example (ii): Trial subject A123, sample refX789 taken 30/06/14 at 14:56hrs. INR , 3.5 mg. Analyst J Smith 01/07/14.

Data: 3.5


� MHRA – Audit Trail

The relevance of data retained in the audit trailsshould be considered by the company to permitrobust data review/verification. It is not necessaryfor audit trail review to include every system activity (e.g. user log on/off, keystrokes , ecc.) and activity (e.g. user log on/off, keystrokes , ecc.) and may be achieved by review of appropriate designedand validated system reports.

Where relevant audit trail functionality does not exists (e.g. within legacy systems and spreadsheets) an equivalent level of control may be achieved for example by the use of log books, protecting each version and change control.


� FDA: static vs dinamic data/records format

� Static is used to indicate a fixed-datadocument such as a paper record or anelectronic image, and dinamic means that the record format allows interaction between the record format allows interaction between the user and the record content.

� For example, a dynamic chromatographic record mayallow the user to change the baseline and reprocess the chromatographic data so that the resulting peaks mayappear smaller or larger, It may also allow the user tomodify formulas or entries in a spreadsheet used tocompute test results or other information such ascalculated yield.


� MHRA: static vs dinamic data/records format

Example 2: chromatographic system provide dynamicelectronic records in database format with the abilit y totrack , trend and query data. This allows the reviewertrack , trend and query data. This allows the reviewer(with proper access permissions) to interact with the data (e.g. view hidden fields and expand the baseline) toview the integration more clearly. Once printed or converted to static file format (e.g. .pdfs), chromatography records lose the interaction capability.

FDA - About raw data (chromatograms) – slide


� MHRA: Application Manager (AM) access

� AM rights (permitting activities such as deletion, DB amendment or system configuration changes) should not be assigned to individuals with a direct intere st in the data (data generation, data review or approval) . the data (data generation, data review or approval) .

� Where this is unavoidable in the company structure, a similar level or control may be achieved by the u se of a dual user accounts with different privileges.

� All changes performed under system administrator access should be visible to, and approved whitin, t he quality system).


� MHRA: Excluding data.

� Data may be excluded where it can bedemonstrated through sound science that the data is anomalous or non-representative.In all cases , this justification should beIn all cases , this justification should bedocumented and considered during data reviewand reporting.

� All data (even if excluded) should be retainedwith the original data set, and be available in a format that allows the validity of the decision toexclude the data to be confirmed.


� MHRA – True copy DefinitionA copy of original information that beenverified as an exact (accurate and complete) copy having all of the same attributes and copy having all of the same attributes and information as the original.

The copy may be verified by dated signatureor by validated electronic signature.

A true copy may be retained in a differentelectronic file format to the original record, ifrequired, but must retain the equivalentstatic/dynamic nature of the original record.


� MHRA – True copy

Original records and true copies must preserve the integrity (accuracy, completeness, content and meaning) of the record. True copies of original recordsmay be retained in place of the original record (e.g. may be retained in place of the original record (e.g. scan of a paper record ), provided that a documentedsystem is in place to verify and record the integrity ofthe copy. Companies should consider any riskassociated with the destruction of original records.


� MHRA – True copy

Data must be retained in a dynamic form where this iscritical to its integrity or later verification . It is conceivablefor some data generated by electronic means to be retaine din an acceptable paper or pdf format, where it can bejustified that a static record maintains the integrity of the justified that a static record maintains the integrity of the original data. Howevere the data retention process must beshown to include verified copies of all raw data, metadata, relevant audit trail and result files, any variable SW/sy stem configuration settings specific to each record, and allprocessing runs (including methods and audit trails) necessary for reconstruction of data set . It would also berequired a documented means to verify that the printedrecords were an accurate representation.


� MHRA – Establishing data criticality & inherentintegrity risk

The inherent risk to data integrity related to equipmentand computerised systems may differ …. based on the and computerised systems may differ …. based on the degree to which the data (or the system generating or using the data) can be configured, and thereforepotentially manipulated (fig. 1).


� MHRA – Establishing data criticality & inherentintegrity risk

� The degree of effort and resources applied to the organis ationaland technical control of data lifecycle elements should beand technical control of data lifecycle elements should becommensurate with its criticality in terms of impact to q ualityattributes.

� When manually recorded data requires stringent oversight , consideration should be given to risk-reducing supervisor ymeasures. Examples include contemporaneous second person verifica tion ofdata entry, or cross checks of related information sou rces (e.g. equipment log books).


� MHRA – Establishing data criticality & inherentintegrity risk – fig. 1

� FDA - About raw data (chromatograms ) – slide� FDA - About raw data (chromatograms ) – slide

� WHO – Appendix 1, page 192

DATA INTEGRITY DATA INTEGRITY -- esempiesempi

non validated CS

in use

no audittrail sharing PW

destroyingoriginal data

user role

documentationafter the event

uncontrolledchange of

data

equipment notcalibrated

user rolesetting notadequate

backdating

audit trail off



Documents

DATA INTEGRITY BPL - SSFA€¦ · DATA INTEGRITY DATA INTEGRITY ––scopo scopo FDA : Ensuring data integrity is an important component of industry’s responsibility to ensure