Data integrity PIC S
good practices for data management and integrity in regulatory GMP/GDP environments
good practices for data management and integrity in regulatory GMP/GDP environments
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
to access electronically stored data backups or copies during the
retention period
- Routine backup copies should be stored in a remote location
(physically separated) in the event of disasters.
- Back-up data should be readable for all the period of the defined
regulatory retention period, even if a new version of the software
has been updated or substituted for one with better performance.
- Systems should allow backup and restoration of all data, including
meta-data and audit trails.
Potential risk of not meeting expectations/items to be checked
Check that data storage, back-up and archival systems are
designed to capture all data and relevant metadata. There should
be documented evidence that these systems have been validated
and verified.
The extent of metadata captured should be based on risk
management principles, and users should ensure that all metadata
critical in the reconstruction of activities or processes are captured.
Check that data associated with superseded or upgraded systems
is managed appropriately and is accessible.
2. Expectation
The record retention procedures should include provisions for retaining
the metadata. This allows for future queries or investigations to
reconstruct the activities that occurred related to a batch.
3. Expectation
Data should be backed-up periodically and archived in accordance with
written procedures. Archive copies should be physically (or virtually, where
relevant) secured in a separate and remote location from where back up
and original data are stored.
The data should be accessible and readable and its integrity maintained for
all the period of archiving.
There should be in place a procedure for restoring archived data in case an
investigation is needed. The procedure in place for restoring archived data
should be regularly tested.
If a facility is needed for the archiving process then specific environmental
controls and only authorised personnel access should be implemented in
order to ensure the protection of records from deliberate or inadvertent
alteration or loss. When a system in the facility has to be retired because
problems with long term access to data are envisaged, procedures should
assure the continued readability of the data archived. For example, it could
be established to transfer the data to another system.
Potential risk of not meeting expectations/items to be checked
There is a risk with archived data that access and readability of the
data may be lost due to software application updates or superseded
equipment. Verify that the company has access to archived data,
PI 041-1 51 of 63 1 July 2021