Professional Documents
Culture Documents
SUSTAINABLE
PERFORMANCE AND COMPLIANCE
Contents
Today’s World
Data Integrity Needs & Necessities
Noncompliance Highlights
Takeaways and
The way forward
Today's world of GMP
Focus on quality systems / concepts -
challenged , changed
Continuous improvement continues to
remain the focus….
Risk to the user is at the center….
Increased inspections
Change in the post inspection expectations
What do these pictures indicate
Some D questions ?????
No of warning letters 38 22 19 46 69
US warning letters 0/13 0/4 1/3 8/11 12/20
citing Data Integrity 0% 0% 33% 73% 60%
Year
2018 –
4 WLs
so far
with
2 direct
on DI
others
explicit !
EU violations data 2017
DATA INTEGRITY
DATA INTEGRITY
Even if 100 countries do a wrong thing,
its still a wrong thing
Diagnosis or prognosis ?
Problems seen globally - from domestic to international
Small to large, new to well established firms
Individual employee to a conspiracy
Isolated to pervasive frequency
In premarket and post market data
Clinical trial data to production data
Human errors of omission as well as commission
All types of regulated products affected
Identified thru inspections, policies and audits
THE BEGINNING
DATA INTEGRITY
– CONCEPTS,
FUNDAMENTALS
AND
ESSENTIALS
Understanding – Data
Integrity
What is data
facts and statistics collected
together for reference or
analysis.
What is integrity
the quality or condition of being
whole or undivided;
completeness.
Reality check
Data Integrity Definitions
The property that data has not been altered in an unauthorized manner
NIST (data integrity).Data integrity covers data in storage, during
processing, and while in transit
QUALITY SYSTEM
HYBRID RECORDS
PAPER PAPER ELECTRONIC ELECTRONIC
RECORDS RECORDS RECORDS RECORDS
ALCOA - RECAP
Attributable – data are identified with a specific subject and a specific observer and
recorder. (Password, audit trail and e-signature)
Legible – data are readable and understandable by humans (reports, tables, and
listings)
Original – data are recorded for the first time. (Source data and meta data)
Accurate – data are correct (Calculations, algorithms, analyses, and transmissions)
Meta Data “data about data”
Provides information about one or more aspects of the data
Used to summarize basic information about data
Makes tracking and working with specific data easier –
Examples :
Means of creation of the data
Purpose of the data
Time and date of creation
Creator or author of the data
Location on a computer network where the data was created
Standards used
File size
A picture is worth a thousand
words ……
A picture is worth a thousand
words ……
A picture is worth a thousand
words ……
Unearthed during an audit
Unaceptable storage
Unaceptable archival
During overseas audits too ….
And So on…
65
This too…
Companies 20 %
Data Integrity findings were
reported
C A U S E S ….
Lack of understanding
Willingness to please
Sloppiness
Inadequate Quality Systems to
Detect, Correct and Prevent
Intentional – data fraud ( Tidying / falsification )
M H R A – F R A U D ….
Documents presented during the inspection were found
to have differing information compared to the equivalent
documents found in an incineration area.
This issue related to:
batch records, analytical reports and area / equipment log
books
data submitted to EDQM for CEP dossier submission
Results in an inability to rely on any other information
presented in submissions or during inspection, as it‘s
authenticity is in question
„Tidying‟
DQ = D ( I + M )
Data Quality = Data Integrity + Data Management
Need both to better the important component of
final
PQ
Product Quality
Data Management
How data is collected and reported
How data is reviewed
How the integrity of data is protected
How calculation errors are handled
How alarms are managed
Who has the authority to invalidate data
What happens to this data? (i.e., discarded, archived with sample
analysis package, etc.)
How electronic data is protected from editing, changing, deletion?
How are passwords assigned and protected?
REGULATORY REFRENCES
Regulatory References
21 CFR Part 11
11.1 Scope:
―Electronic records and
signatures…to be
trustworthy, reliable, and
generally equivalent to
paper records and
handwritten signatures
executed on paper.‖
Regulatory References
21 CFR Part 11
11.10 Controls for closed systems:
―Persons who used closed systems to create, modify,
maintain, or transmit electronic records shall employ
procedures and controls designed to ensure the
authenticity integrity and when authenticity, integrity,
and, appropriate, the confidentiality of electronic
records, and to ensure the signer cannot readily
repudiate the signed record as not genuine.‖
Regulatory References
11.10 Controls for closed systems:
Validate systems (EU Annex 11: System (7))
Generate accurate and complete copies of records (EU
Annex 11: System (12))
Protect records (EU Annex 11: System (13, 14))
Limit system access (EU Annex 11: System (8))
Employ audit trails (EU Annex 11: System (10))
Regulatory References
21 CFR Part 11
11.50 Signature manifestations:
Signature integrity encompasses:
Printed name
Date and time
Meaning of signature
Regulatory References
21 CFR Part 11
Subpart C – Electronic Signatures:
Signature integrity also encompasses:
Uniqueness to an individual
Use of 2 identification components
Only 1 component required ―during a single, continuous
period of controlled system access‖
Fraudulent use ―requires collaboration of two or more
individuals‖
Regulatory References
21 CFR Part 11
11.70 Signature/record linking:
Signatures must be linked to
their respective records such
that the signatures ―cannot be
excised, copied or otherwise
transferred to copied, falsify an
electronic record by ordinary
means.‖
Regulatory References
21 CFR Part 11
11.30 Controls for identification
codes/passwords:
…………..
―Persons who use electronic
signatures based upon use of
identification codes in
combination with passwords shall
employ controls to ensure their
security and integrity.‖
Regulatory References
21 CFR Part 11
11.30 Controls for identification codes / passwords:
Uniqueness
Retirement of electronic signature components
Maintenance
Loss management procedures
―Use of transaction safeguards to prevent unauthorized use
of passwords and/or identification codes, and to detect and
report in an immediate and urgent manner any attempts at
their unauthorized use…‖
What is „audit trail?‟
Loose-leaf sheets/folders •Can group by experiment, •Can lose sheets, harder to prove
maintain order authenticity
•Easy to record data during
experiments
• More flexible to hold
various types of data
Electronic notebook •Easy to read •Must back up data, harder to prove
•Easy to do calculations authenticity
•Can be manipulated after the fact.
Barker, Kathy. At the Bench: A Laboratory Navigator. Cold Spring Harbor: Cold Spring Harbor
Laboratory Press (2005), 90. 125
Impact spreads
Regulators – Any answers ?
1. Will a citation fix the problem ?
2. Will an Import Alert resolve the issue ?
3. Can you enjoin these companies with the original
faith ?
4. Will a seizure or prosecution resolve it ?
5. Is punishment the only answer ?
How to overcome
The first principle – BE HONEST
The second principle – have a value based quality
system and culture
Personal integrity at all levels automatically leads to
data integrity
Realise, implement and always practice good
documentation
The third principle - CONSISTENCY
How to overcome
Individual development for institutional development –
Trust and accountability
Must put a much higher value on human life than we do
at present
No two different sets of standards — for domestic and
exports market
Active WHISLE BLOWER Mechanism ?, Honour the
messenger…..
Take local actions in terms of global compliance findings
Learnings from recent trends