Data integrity PIC S
good practices for data management and integrity in regulatory GMP/GDP environments
good practices for data management and integrity in regulatory GMP/GDP environments
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Remote access to unsupported systems should be carefully evaluated due
to inherent vulnerability risks.
Potential risk of not meeting expectations/items to be checked
Verify that system updates are performed in a controlled and timely
manner. Older systems should be reviewed critically to determine
whether appropriate data integrity controls are integrated, or,
(where integrated controls are not possible) that appropriate
administrative controls have been implemented and are effective.
9.4 Data Transfer
Item: Data transfer and migration
1. Expectation
Interfaces should be assessed and addressed during validation to ensure
the correct and complete transfer of data.
Interfaces should include appropriate built-in checks for the correct and
secure entry and processing of data, in order to minimise data integrity
risks. Verification methods may include the use of:
o Secure transfer
o Encryption
o Checksums
Where applicable, interfaces between systems should be designed and
qualified to include an automated transfer of GMP/GDP data.
Potential risk of not meeting expectations/items to be checked
Interfaces between computerised systems present a risk whereby
data may be inadvertently lost, amended or transcribed incorrectly
during the transfer process.
Ensure data is transferred directly to the secure location/database
and not simply copied from the local drive (where it may have the
potential to be altered).
Temporary data storage on local computerised systems (e.g.
instrument computer) before transfer to final storage or data
processing location creates an opportunity for data to be deleted or
manipulated. This is a particular risk in the case of ‘standalone’
(non-networked) systems. Ensure the environment that initially
stores the data has appropriate DI controls in place.
Well designed and qualified automated data transfer is much more
reliable than any manual data transfer conducted by humans.
2. Expectation
Where system software (including operating system) is installed or
updated, the user should ensure that existing and archived data can be
PI 041-1 38 of 63 1 July 2021