Data integrity PIC S

Recommendations

Info

- Data should be entered in a specified format that is controlled by thesoftware, validation activities should verify that invalid data formatsare not accepted by the system.- All manual data entries of critical data should be verified, either bya second operator, or by a validated computerised means.- Changes to entries should be captured in the audit trail andreviewed by an appropriately authorised and independent person.For automated data capture: (refer also to table 9.3)- The interface between the originating system, data acquisition andrecording systems should be validated to ensure the accuracy ofdata.- Data captured by the system should be saved into memory in aformat that is not vulnerable to manipulation, loss or change.- The system software should incorporate validated checks to ensurethe completeness of data acquired, as well as any relevantmetadata associated with the data.Potential risk of not meeting expectations/items to be checked Ensure that manual entries of critical data made into computerisedsystems are subject to an appropriate secondary check. Validation records should be reviewed for systems using automateddata capture to ensure that data verification and integrity measuresare implemented and effective, e.g. verify whether an auto savefunction was validated and, therefore, users have no ability todisable it and potentially generate unreported data.2. ExpectationAny necessary changes to data should be authorised and controlled inaccordance with approved procedures.For example, manual integrations and reprocessing of laboratory resultsshould be performed in an approved and controlled manner. The firm’squality unit should establish measures to ensure that changes to data areperformed only when necessary and by designated individuals. Original(unchanged) data should be retained in its original context.Any and all changes and modifications to raw data should be fullydocumented and should be reviewed and approved by at least oneappropriately trained and qualified individual.Potential risk of not meeting expectations/items to be checked Verify that appropriate procedures exist to control anyamendments or re-processing of data. Evidence shoulddemonstrate an appropriate process of formal approval for theproposed change, controlled/restricted/defined changes andformal review of the changes made.PI 041-1 48 of 63 1 July 2021
9.8 Review of data within computerised systemsItem:Review of electronic data1. ExpectationThe regulated user should perform a risk assessment in order to identify allthe GMP/GDP relevant electronic data generated by the computerisedsystems, and the criticality of the data. Once identified, critical data shouldbe audited by the regulated user and verified to determine that operationswere performed correctly and whether any change (modification, deletionor overwriting) have been made to original information in electronic records,or whether any relevant unreported data was generated. All changes shouldbe duly authorised.An SOP should describe the process by which data is checked by a secondoperator. These SOPs should outline the critical raw data that is reviewed,a review of data summaries, review of any associated log-books and hardcopyrecords, and explain how the review is performed, recorded andauthorised.The review of audit trails should be part of the routine data review within theapproval process.The frequency, roles and responsibilities of audit trail review should bebased on a risk assessment according to the GMP/GDP relevant value ofthe data recorded in the computerised system. For example, for changesof electronic data that can have a direct impact on the quality of themedicinal products, it would be expected to review audit trails prior to thepoint that the data is relied upon to make a critical decision, e.g. batchrelease.The regulated user should establish an SOP that describes in detail how toreview audit trails, what to look for and how to perform searches etc. Theprocedure should determine in detail the process that the person in chargeof the audit trail review should follow. The audit trail review activity shouldbe documented and recorded.Any significant variation from the expected outcome found during the audittrail review should be fully investigated and recorded. A procedure shoulddescribe the actions to be taken if a review of audit trails identifies seriousissues that can impact the quality of the medicinal products or the integrityof data.Potential risk of not meeting expectations/items to be checked Check local procedures to ensure that electronic data is reviewedbased on its criticality (impact to product quality and/or decisionmaking). Evidence of each review should be recorded and availableto the inspector. Where data summaries are used for internal or external reporting,evidence should be available to demonstrate that such summarieshave been verified in accordance with raw data.PI 041-1 49 of 63 1 July 2021
Page 1 and 2: PHARMACEUTICAL INSPECTION CONVENTIO
Page 3 and 4: 9.10 Management of Hybrid Systems .
Page 5 and 6: 3.5 The principles of data manageme
Page 7 and 8: o automation; oro the use of techno
Page 9 and 10: process consistency (e.g. biologica
Page 11 and 12: should clearly demonstrate that rep
Page 13 and 14: Staying continuously and actively i
Page 15 and 16: 6.7 Dealing with data integrity iss
Page 17 and 18: Data IntegrityAttributeRequirementt
Page 19 and 20: Specific elements that should be ch
Page 21 and 22: generation of working copies of doc
Page 23 and 24: 4. ExpectationDocuments should be s
Page 25 and 26: 8.5.2 Records should be appropriate
Page 27 and 28: Where appropriate, the reason for t
Page 29 and 30: 8.9 Direct print-outs from electron
Page 31 and 32: 8.11.2 A record/register should be
Page 33 and 34: 9.2.2 Validation alone does not nec
Page 35 and 36: osystems used in the decision proce
Page 37 and 38: Check that end-user testing include
Page 39 and 40: read by the new software. Where nec
Page 41 and 42: - User access controls should ensur
Page 43 and 44: potential security weaknesses) and
Page 45 and 46: 9.6 Audit trails for computerised s
Page 47: - in the case of changes or modific
Page 51 and 52: to access electronically stored dat
Page 53 and 54: Appropriate quality risk management
Page 55 and 56: Area for reviewComparison of analyt
Page 57 and 58: Accurate [4.1], [6.17] [5.40], [5.4
Page 59 and 60: 12 REMEDIATION OF DATA INTEGRITY FA
Page 61 and 62: 12.2.1.2 Evidence of open communica
Page 63: MetadataIn-file data that describes

Data integrity PIC S

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?