Recent FDA Warning Letter – May 2016
- “Failure to exercise sufficient controls over computerized systems to prevent unauthorized access or changes to data, and to provide controls to prevent omission of data.”
- “The computerized system lacked access controls and audit trail capabilities.”
- “All employees had administrator rights and shared one user name.”
- “Electronic data could have been manipulated or deleted without traceability.”
PIC/S Data Integrity
- Section 2.4
- Data Integrity “…is fundamental in a pharmaceutical quality system which ensures that medicines are of the required quality. Poor data integrity practices and vulnerabilities undermine the quality of records and evidence, and may ultimately undermine the quality of medicinal products.”
- Section 3.4
- “This guide is not intended to impose additional regulatory burden upon regulated entities, rather it is intended to provide guidance on the interpretation of existing PIC/S GMP/GDP requirements relating to current industry practice.”
- 9. Specific data integrity considerations for computerised systems
- 9.1 Structure of QMS and control of computerised systems
- 9.2 Qualification and validation of computerised systems
- 9.3 System security for computerised systems
- 9.4 Audit trails for computerised systems
- 9.5 Data capture/entry for computerised systems
- 9.6 Review of data within computerised systems
- 9.7 Storage, archival and disposal of electronic data
- Quality Management System
- Validation (Data Protection)
- Security (Software Functions Security Procedures)
- Audit Trail (Software Functions)
- Data Capture (Sensor Location Sensor Calibration)
- Data Review(Review Of Data)
- Data Storage(IT Procedures)
for Enterprise Monitoring Systems
Data Capture
- Sensor Location
- Verifications:
- Is the correct sensor installed?
- Model
- Serial Number
- Is the sensor in the correct location?
- Is the sensor fixed in place?
- Sensor Calibration
- Verifications:
- Calibration Management SOP
- SOP approved?
- SOP applies to CMS sensors?
- Calibration Certificate
- Passed calibration?
- Shows valid calibration dates?
- Stored appropriately?
- Sensor
- Calibration sticker present?
- Review of Data
- Verifications
- Data Review SOP approved?
- SOP includes the following:
- Responsibilities for Data Review.
- Clear definitions of acceptable data.
- Actions to take for unacceptable data
Data Protection
- Software Functions
- Software Function Verifications
- Access Control Features
- Uniquely identifies user
- Example: username
- Controls entry to program
- Example: password
- Controls access within program
- Example: user profile
- Uniquely identifies user
- Audit Trail
- Records all changes to data.
- Secure Reporting Format
- Provides data in format that cannot be edited.
- Example: .PDF File
- Security Procedures
- Verifications
- Site Physical Security SOP
- Password Management SOP
- Periodic User Review SOP
- Audit Trail Review SOP
- All SOPs must be:
- Approved?
- Include the monitoring system?
- Verifications
- IT Procedures
- Verifications
- Change Management SOP
- Disaster Recovery SOP
- Data Back-Up SOP
- Daily (Local)
- Weekly (Protected Local)
- Monthly (Protected Off-Site)
- All SOPs must be:
- Approved?
- Include the monitoring system?
- Verifications
Latest Publications
- MHRA – March 2015
- “GMP Data Integrity Definitions and Guidance for Industry”
- PIC/S – August 2016 (Draft)
- “Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments”
- WHO – May 2016
- “Guidance on Good Data and Record Management Practices”
- FDA – April 2016 (Draft)
- “Data Integrity and Compliance with cGMP – Guidance for Industry”
www.seoho.biz
㈜서호 전북 전주시 덕진구 혁신로 586 (54851)
Tel. 063-214-9325 / Fax. 063-214-9328
