Data integrity PIC S

Recommendations

Info

Check that access to archived documents is restricted to authorisedpersonnel ensuring integrity of the stored records.Check for the presence of records of accessing and returning ofrecords.The storage methods used should permit efficient retrieval ofdocuments when required.2. ExpectationAll hardcopy quality records should be archived in:- secure locations to prevent damage or loss,- such a manner that it is easily traceable and retrievable, and- a manner that ensures that records are durable for their archived life.Specific elements that should be checked when reviewing records: Check for the outsourced archived operations if there is a qualityagreement in place and if the storage location was audited. Ensure there is some assessment of ensuring that documents will stillbe legible/available for the entire archival period. In case of printouts which are not permanent (e.g. thermal transferpaper) a verified (‘true’) copy should be retained. Verify whether the storage methods used permit efficient retrieval ofdocuments when required.3. ExpectationAll records should be protected from damage or destruction by:- fire;- liquids (e.g. water, solvents and buffer solution);- rodents;- humidity etc; and.- unauthorised personnel access, who may attempt to amend, destroyor replace records.Specific elements that should be checked when reviewing records: Check if there are systems in place to protect records (e.g. pestcontrol and sprinklers). Note: Sprinkler systems should be implemented according to localsafety requirements; however, they should be designed to preventdamage to documents, e.g. documents are protected from water. Check for appropriate access controls for records.8.11 Disposal of original records or true copies8.11.1 A documented process for the disposal of records should be in place toensure that the correct original records or true copies are disposed of afterthe defined retention period. The system should ensure that current recordsare not destroyed by accident and that historical records do not inadvertentlymake their way back into the current record stream (e.g. historical recordsconfused/mixed with existing records.)PI 041-1 30 of 63 1 July 2021
8.11.2 A record/register should be available to demonstrate appropriate and timelyarchiving or destruction of retired records in accordance with local policies.8.11.3 Measures should be in place to reduce the risk of deleting the wrongdocuments. The access rights allowing disposal of records should becontrolled and limited to few persons.9 SPECIFIC DATA INTEGRITY CONSIDERATIONS FORCOMPUTERISED SYSTEMS9.1 Structure of the Pharmaceutical Quality System and control of computerisedsystems9.1.1 A large variety of computerised systems are used by companies to assist ina significant number of operational activities. These range from the simplestandalone to large integrated and complex systems, many of which have animpact on the quality of products manufactured. It is the responsibility of eachregulated entity to fully evaluate and control all computerised systems andmanage them in accordance with GMP 10 and GDP 11 requirements.9.1.2 Organisations should be fully aware of the nature and extent of computerisedsystems utilised, and assessments should be in place that describe eachsystem, its intended use and function, and any data integrity risks orvulnerabilities that may be susceptible to manipulation. Particular emphasisshould be placed on determining the criticality of computerised systems andany associated data, in respect of product quality.9.1.3 All computerised systems with potential for impact on product quality shouldbe effectively managed under a Pharmaceutical Quality System which isdesigned to ensure that systems are protected from acts of accidental ordeliberate manipulation, modification or any other activity that may impact ondata quality and integrity.9.1.4 The processes for the design, evaluation, and selection of computerisedsystems should include appropriate consideration of the data managementand integrity aspects of the system. Regulated users should ensure thatvendors of systems have an adequate understanding of GMP/GDP and dataintegrity requirements, and that new systems include appropriate controls toensure effective data management. Legacy systems are expected to meetthe same basic requirements; however, full compliance may necessitate theuse of additional controls, e.g. supporting administrative procedures orsupplementary security hardware/software.9.1.5 Regulated users should fully understand the extent and nature of datagenerated by computerised systems, and a risk based approach should betaken to determining the data risk and criticality of data (including metadata)and the subsequent controls required to manage the data generated. Forexample:10 PIC/S PE 009 Guide to Good Manufacturing Practice for Medicinal Products, specifically Part I chapters 4, Part IIchapters 5, & Annex 1111 PIC/S PE 011 GDP Guide to Good Distribution Practice for Medicinal Products, specifically section 3.5PI 041-1 31 of 63 1 July 2021
Page 1 and 2: PHARMACEUTICAL INSPECTION CONVENTIO
Page 3 and 4: 9.10 Management of Hybrid Systems .
Page 5 and 6: 3.5 The principles of data manageme
Page 7 and 8: o automation; oro the use of techno
Page 9 and 10: process consistency (e.g. biologica
Page 11 and 12: should clearly demonstrate that rep
Page 13 and 14: Staying continuously and actively i
Page 15 and 16: 6.7 Dealing with data integrity iss
Page 17 and 18: Data IntegrityAttributeRequirementt
Page 19 and 20: Specific elements that should be ch
Page 21 and 22: generation of working copies of doc
Page 23 and 24: 4. ExpectationDocuments should be s
Page 25 and 26: 8.5.2 Records should be appropriate
Page 27 and 28: Where appropriate, the reason for t
Page 29: 8.9 Direct print-outs from electron
Page 33 and 34: 9.2.2 Validation alone does not nec
Page 35 and 36: osystems used in the decision proce
Page 37 and 38: Check that end-user testing include
Page 39 and 40: read by the new software. Where nec
Page 41 and 42: - User access controls should ensur
Page 43 and 44: potential security weaknesses) and
Page 45 and 46: 9.6 Audit trails for computerised s
Page 47 and 48: - in the case of changes or modific
Page 49 and 50: 9.8 Review of data within computeri
Page 51 and 52: to access electronically stored dat
Page 53 and 54: Appropriate quality risk management
Page 55 and 56: Area for reviewComparison of analyt
Page 57 and 58: Accurate [4.1], [6.17] [5.40], [5.4
Page 59 and 60: 12 REMEDIATION OF DATA INTEGRITY FA
Page 61 and 62: 12.2.1.2 Evidence of open communica
Page 63: MetadataIn-file data that describes

Data integrity PIC S

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?