Data integrity PIC S

Recommendations

Info

where appropriate, or used as a “summary report” where the requirements ofa “true copy” are not met (e.g. summary of complex analytical data).7.7.2 It is conceivable for raw data generated by electronic means to be retainedin an acceptable paper or pdf format, where it can be justified that a staticrecord maintains the integrity of the original data. However, the data retentionprocess should record all data, (including metadata) for all activities whichdirectly or indirectly impact on all aspects of the quality of medicinal products,(e.g. for records of analysis this may include: raw data, metadata, relevantaudit trail and result files, software / system configuration settings specific toeach analytical run, and all data processing runs (including methods andaudit trails) necessary for reconstruction of a given raw data set). It wouldalso require a documented means to verify that the printed records were anaccurate representation. This approach is likely to be onerous in itsadministration to enable a GMP/GDP compliant record.7.7.3 Many electronic records are important to retain in their dynamic format, toenable interaction with the data. Data should be retained in a dynamic formwhere this is critical to its integrity or later verification. Risk managementprinciples should be utilised to support and justify whether and how long datashould be stored in a dynamic format.7.7.4 At the receiving site, these records (true copies) may either be managed in apaper or electronic format (e.g., PDF) and should be controlled according toan approved QA procedure.7.7.5 Care should be taken to ensure that documents are appropriatelyauthenticated as “true copies” in a manner that allows the authenticity of thedocument to be readily verified, e.g. through the use of handwritten orelectronic signatures or generated following a validated process for creatingtrue copies.Item How should the “true copy” be issued and controlled?1. Creating a “true copy” of a paper document.At the company who issues the true copy:- Obtain the original of the document to be copied- Photocopy the original document ensuring that no information fromthe original copy is lost;- Verify the authenticity of the copied document and sign and date thenew hardcopy as a “true copy”;The “True Copy” may now be sent to the intended recipient.Creating a “true copy” of a electronic document.A ‘true copy’ of an electronic record should be created by electronic means(electronic file copy), including all required metadata. Creating pdf versionsof electronic data should be prohibited, where there is the potential for lossof metadata.The “True Copy” may now be sent to the intended recipient.A distribution list of all issued “true copies” (soft/hard) should be maintained.PI 041-1 18 of 63 1 July 2021
Specific elements that should be checked when reviewing records: Verify the procedure for the generation of true copies, and ensure thatthe generation method is controlled appropriately. Check that true copies issued are identical (complete and accurate)to original records. Copied records should be checked against theoriginal document records to make sure there is no tampering of thescanned image. Check that scanned or saved records are protected to ensure dataintegrity. After scanning paper records and verifying creation of a ‘true copy’: Where true copies are generated for distribution purposes, e.g. tobe sent to a client, the original documents from which the Wheretrue copies are generated for distribution purposes, e.g. to be sentto a client, the original documents from which the scanned imageshave been created should be retained for the respective retentionperiods by the record owner. Where true copies are generated to aid document retention, it maybe possible to retain the copy in place of the original recordsdocuments from which the scanned images have been created.2. At the company who receives the true copy:- The paper version, scanned copy or electronic file should bereviewed and filed according to good document managementpractices.The document should clearly indicate that it is a true copy and not an originalrecord.Specific elements that should be checked when reviewing records: Check that received records are checked and retained appropriately. A system should be in place to verify the authenticity of “true copies”e.g. through verification of the correct signatories.7.7.6 A quality agreement should be in place to address the responsibilities for thegeneration and transfer of “true copies” and data integrity controls. Thesystem for the issuance and control of “true copies” should be audited by thecontract giver and receiver to ensure the process is robust and meets dataintegrity principles.7.8 Limitations of remote review of summary reports7.8.1 The remote review of data within summary reports is a common necessity;however, the limitations of remote data review should be fully understood toenable adequate control of data integrity.7.8.2 Summary reports of data are often supplied between physically remotemanufacturing sites, Market Authorisation Holders and other interestedparties. However, it should be acknowledged that summary reports areessentially limited in their nature, in that critical supporting data and metadatais often not included and therefore original data cannot be reviewed.PI 041-1 19 of 63 1 July 2021
Page 1 and 2: PHARMACEUTICAL INSPECTION CONVENTIO
Page 3 and 4: 9.10 Management of Hybrid Systems .
Page 5 and 6: 3.5 The principles of data manageme
Page 7 and 8: o automation; oro the use of techno
Page 9 and 10: process consistency (e.g. biologica
Page 11 and 12: should clearly demonstrate that rep
Page 13 and 14: Staying continuously and actively i
Page 15 and 16: 6.7 Dealing with data integrity iss
Page 17: Data IntegrityAttributeRequirementt
Page 21 and 22: generation of working copies of doc
Page 23 and 24: 4. ExpectationDocuments should be s
Page 25 and 26: 8.5.2 Records should be appropriate
Page 27 and 28: Where appropriate, the reason for t
Page 29 and 30: 8.9 Direct print-outs from electron
Page 31 and 32: 8.11.2 A record/register should be
Page 33 and 34: 9.2.2 Validation alone does not nec
Page 35 and 36: osystems used in the decision proce
Page 37 and 38: Check that end-user testing include
Page 39 and 40: read by the new software. Where nec
Page 41 and 42: - User access controls should ensur
Page 43 and 44: potential security weaknesses) and
Page 45 and 46: 9.6 Audit trails for computerised s
Page 47 and 48: - in the case of changes or modific
Page 49 and 50: 9.8 Review of data within computeri
Page 51 and 52: to access electronically stored dat
Page 53 and 54: Appropriate quality risk management
Page 55 and 56: Area for reviewComparison of analyt
Page 57 and 58: Accurate [4.1], [6.17] [5.40], [5.4
Page 59 and 60: 12 REMEDIATION OF DATA INTEGRITY FA
Page 61 and 62: 12.2.1.2 Evidence of open communica
Page 63: MetadataIn-file data that describes

Data integrity PIC S

Create successful ePaper yourself

Delete template?

Save as template?