Data integrity PIC S
good practices for data management and integrity in regulatory GMP/GDP environments
good practices for data management and integrity in regulatory GMP/GDP environments
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Impact to product with actual or potential risk to patient health: Critical
deficiency:
Product failing to meet Marketing Authorisation specification at
release or within shelf life.
Reporting of a ‘desired’ result rather than an actual out of
specification result when reporting of QC tests, critical product or
process parameters.
Wide-ranging misrepresentation or falsification of data, with or
without the knowledge and assistance of senior management, the
extent of which critically undermines the reliability of the
Pharmaceutical Quality System and erodes all confidence in the
quality and safety of medicines manufactured or handled by the site.
Impact to product with no risk to patient health: Major deficiency:
Data being misreported, e.g. original results ‘in specification’, but
altered to give a more favourable trend.
Reporting of a ‘desired’ result rather than an actual out of
specification result when reporting of data which does not relate to
QC tests, critical product or process parameters.
Failures arising from poorly designed data capture systems (e.g.
using scraps of paper to record info for later transcription).
No impact to product; evidence of moderate failure: Major deficiency:
Bad practices and poorly designed systems which may result in
opportunities for data integrity issues or loss of traceability across a
limited number of functional areas (QA, production, QC etc.). Each
in its own right has no direct impact to product quality.
No impact to product; limited evidence of failure: Other deficiency:
Bad practice or poorly designed system which result in opportunities
for data integrity issues or loss of traceability in a discrete area.
Limited failure in an otherwise acceptable system, e.g. manipulation
of non-critical data by an individual.
11.2.5 It is important to build an overall picture of the adequacy of the key elements
(data governance process, design of systems to facilitate compliant data
recording, use and verification of audit trails and IT user access etc.) to make
a robust assessment as to whether there is a company-wide failure, or a
deficiency of limited scope/ impact.
11.2.6 Individual circumstances (exacerbating / mitigating factors) may also affect
final classification or regulatory action. Further guidance on the classification
of deficiencies and intra-authority reporting of compliance issues will be
available in the PIC/S Guidance on the classification of deficiencies PI 040.
PI 041-1 58 of 63 1 July 2021