Data integrity PIC S

Recommendations

Info

and that they maintain access to the necessary software to enablereview of the archived data.Where external or third party facilities are utilised for the archivingof data, these service providers should be subject to assessment,and all responsibilities recorded in a quality technical agreement.Check agreements and assessment records to verify that dueconsideration has been given to ensuring the integrity of archivedrecords.4. ExpectationIt should be possible to print out a legible and meaningful record of all thedata generated by a computerised system (including metadata).If a change is performed to records, it should be possible to also print outthe change of the record, indicating when and how the original data waschanged.Potential risk of not meeting expectations/items to be checked Check validation documentation for systems to ensure that systemshave been validated for the generation of legible and completerecords. Samples of print-outs may be verified.5. ExpectationProcedures should be in place that describe the process for the disposal ofelectronically stored data. These procedures should provide guidance forthe assessment of data and allocation of retention periods, and describethe disposal of data that is no longer required.Potential risk of not meeting expectations/items to be checked Check that the procedures clearly stipulate the conditions for thedisposal of data, and that care is taken to avoid the inadvertentdisposal of required data during its lifecycle.9.10 Management of Hybrid SystemsItem:Management of Hybrid Systems1. Hybrid systems require specific and additional controls in reflection of theircomplexity and potential increased vulnerability to manipulation of data. Forthis reason, the use of hybrid systems is discouraged and such systemsshould be replaced whenever possible.Each element of the hybrid system should be qualified and controlled inaccordance with the guidance relating to manual and computerisedsystems as specified above.PI 041-1 52 of 63 1 July 2021
Appropriate quality risk management principles should be followed whenassessing, defining, and demonstrating the effectiveness of controlmeasures applied to the system.A detailed system description of the entire system should be available thatoutlines all major components of the system, the function of eachcomponent, controls for data management and integrity, and the manner inwhich system components interact.Procedures and records should be available to manage and appropriatelycontrol the interface between manual and automated systems, particularlysteps associated with:- manual input of manually generated data into computerisedsystems;- transcription (including manual) of data generated by automatedsystems onto paper records; and- automated detection and transcription of printed data intocomputerised systems.Potential risk of not meeting expectations/items to be checked Check that hybrid systems are clearly defined and identified, andthat each contributing element of the system is validated. Attention should be paid to the interface between the manual andcomputerised system. Inspectors should verify that adequatecontrols and secondary checks are in place where manualtranscription between systems takes place. Original data should be retained following transcription andprocessing. Hybrid systems commonly consist of a combination of computerisedand manual systems. Particular attention should be paid toverifying:o The extent of qualification and/or validation of thecomputerised system; and,o The robustness of controls applied to the management ofthe manual element of the hybrid system due to thedifficulties in consistent application of a manual process.2. Procedures should be in place to manage the review of data generated byhybrid systems which clearly outline the process for the evaluation andapproval of electronic and paper-based data. Procedures should outline:- Instructions for how electronic data and paper-based data iscorrelated to form a complete record.- Expectations for approval of data outputs for each system.- Risks identified with hybrid systems, with a focus on verification ofthe effective application of controlsPotential risk of not meeting expectations/items to be checked Verify that instructions for the review of hybrid system data is inplace.PI 041-1 53 of 63 1 July 2021
Page 1 and 2: PHARMACEUTICAL INSPECTION CONVENTIO
Page 3 and 4: 9.10 Management of Hybrid Systems .
Page 5 and 6: 3.5 The principles of data manageme
Page 7 and 8: o automation; oro the use of techno
Page 9 and 10: process consistency (e.g. biologica
Page 11 and 12: should clearly demonstrate that rep
Page 13 and 14: Staying continuously and actively i
Page 15 and 16: 6.7 Dealing with data integrity iss
Page 17 and 18: Data IntegrityAttributeRequirementt
Page 19 and 20: Specific elements that should be ch
Page 21 and 22: generation of working copies of doc
Page 23 and 24: 4. ExpectationDocuments should be s
Page 25 and 26: 8.5.2 Records should be appropriate
Page 27 and 28: Where appropriate, the reason for t
Page 29 and 30: 8.9 Direct print-outs from electron
Page 31 and 32: 8.11.2 A record/register should be
Page 33 and 34: 9.2.2 Validation alone does not nec
Page 35 and 36: osystems used in the decision proce
Page 37 and 38: Check that end-user testing include
Page 39 and 40: read by the new software. Where nec
Page 41 and 42: - User access controls should ensur
Page 43 and 44: potential security weaknesses) and
Page 45 and 46: 9.6 Audit trails for computerised s
Page 47 and 48: - in the case of changes or modific
Page 49 and 50: 9.8 Review of data within computeri
Page 51: to access electronically stored dat
Page 55 and 56: Area for reviewComparison of analyt
Page 57 and 58: Accurate [4.1], [6.17] [5.40], [5.4
Page 59 and 60: 12 REMEDIATION OF DATA INTEGRITY FA
Page 61 and 62: 12.2.1.2 Evidence of open communica
Page 63: MetadataIn-file data that describes

Data integrity PIC S

Create successful ePaper yourself

Delete template?

Save as template?