FDA : Ensuring data integrity is an important component of industry s

Transcription

1 DATA INTEGRITY & BPL M. M. Brunetti, RTC SpA, Pomezia 26 ottobre 2017 a marzo 2015 MHRA emette una Guidance su DI (GMP) a Settembre 2015 WHO emette una draft Guidance on good data and record management Final 15 June 2016 (GXP) aprile 2016 FDA emette una draft Guidance su DI (GMP Q&A) luglio 2016 MHRA emette una draft Guidance su DI & GXP agosto 2016 PIC/S emette una draft Guidance su DI (GMP) agosto 2016 EMA (sito web): Q&A su DI (GMP) cos è FDA (GMP): requirements for complete, consistent and accurate data MHRA (GXP): The extent to which all data are complete, consistent and accurate through the data lifecycle From initial data generation and recording through processing (including transformation or migration), use, retention, archiving, retrieval and destruction. scopo FDA : Ensuring data integrity is an important component of industry s responsibility to ensure the safety, efficacy, and quality of drugs, and of FDA s ability to protect the public health ALCOA cos è Attributable: The identity of the person/s completing a record should be unambiguous Legible (traceable and permanent): Data should be readable, understandable, allow reconstruction. It should not be possible to modify or recreate data without an audit trail which preserve the original record (Don t forget paper docs here) Contemporaneous: Data are recorded at the time they are generated or observed. The availability of records in the right place at the right time removes the need for staff to use loose scraps of paper, or their memory, to retain information for retrospectively completion in the official records Original or true copy: Original records includes the first or source capture of data. Accurate: Data should be correct, truthful, complete, valid and reliable.

2 (WHO) ALCOA - plus Attributable Legible Contemporaneous Original or true copy Accurate ALCOA - plus Complete Consistent Enduring Available paper requirements = electronic requirements FDA : the requirements for record retention and review do not differ depending on the data format; paper-based and electronic data record-keeping systems are subject to the same requirements To emphasize CCEA requirements, implicit basic ALCOA principles (WHO - glossary) Data Governance: The totality of arrangements to ensure that data, irrespective of the format in which they are generated, recorded, processed, retained and used to ensure a complete, consistent and accurate record through the data life cycle Data life cycle: All phases of the process by which data are created, recorded, processed, reviewed, analysed and reported, transferred, stored and retrieved and monitored until retirement and disposal. the risk. - FDA Quando un dato electronico diventa un dato CGMP? GXP When generated to satisfy a CGMP requirement, all data become a CGMP record You must document, or save, the data at the time of performance Not acceptable to record data on pieces of paper that will be discarded after the data are transcribed WL: Substitution of results following failing lab results; failure to record critical values at time activities were performed - Nov 2015 (WHO) 6.3: Management should create a work environment in which staff are encouraged to communicate failure and mistakes, including data reliability issues, so that CAPAs can be taken and the quality of an organisation s products and services enhanced. This includes ensuring adequate information flow between staff at all levels. Senior management should actively discourage any management practices that might reasonably be expected to inhibit the active and complete reporting of such issues, for examples, hierarchical constraint and blame cultures. L elemento culturale è il più difficile da gestire. - FDA Come dovrebbe essere limitato l accesso ai CS? FDA recommends you to restrict the ability to alter specifications, process parameters, or manufacturing or testing methods by technical means where possible (for example by limiting permissions to change settings or data). FDA suggests that the system administrator role, including any rights to alter files and settings, be assigned to personnel independent from those responsible for the record content. WL: Failure to prevent unauthorised access or changes to data Feb 2015

3 - FDA Perché l uso di shared login preoccupa la FDA? You must implement documentation that ensure actions are attributable to a specific individual When logic credentials are shared, a unique individual cannot be identified On paper you would sign/initial and date your work or the review of other s work WL: A password shared by four or five individuals was in use Dec FDA Quanto spesso va controllato l audit trail? FDA recommend that audit trails that capture changes to critical data be reviewed with each record and before final approval of the record. Audit trails subject to regular review should include changes to: history of finished product test results, sample run and sequences, sample identification, critical process parameters. WL: Lack of audit trails for lab instruments and turning off audit trails Apr 2015 & FRODE Esiste la percezione errata che la data integrity abbia a che fare con la frode Data integrity: non lasciare la possibilità di frodare Frode: manipolazione del dato La manipolabilità del dato è violazione della data integrity & FRODE Esiste la percezione errata che la data integrity abbia a che fare solo con i dati elettronici Data integrity: il dato va gestito e controllato in ogni sua forma, cartacea o elettronica Eliminare i sistemi computerizzati e tornare al dato cartaceo non elimina la necessità di data integrity, ma ne aumenta il peso e la difficoltà Difficoltà su come assicurare la data integrity più che su cosa MHRA Metadata (red text) Example (i): sodium choride batch 1234, 3.5 mg, J. Smith 01/07/14. Example (ii): Trial subject A123, sample ref X789 taken 30/06/14 at 14:56hrs. INR, 3.5 mg. Analyst J Smith 01/07/14. Data: 3.5 MHRA Audit Trail The relevance of data retained in the audit trails should be considered by the company to permit robust data review/verification. It is not necessary for audit trail review to include every system activity (e.g. user log on/off, keystrokes, ecc.) and may be achieved by review of appropriate designed and validated system reports. Where relevant audit trail functionality does not exists (e.g. within legacy systems and spreadsheets) an equivalent level of control may be achieved for example by the use of log books, protecting each version and change control.

4 FDA: static vs dinamic data/records format Static is used to indicate a fixed-data document such as a paper record or an electronic image, and dinamic means that the record format allows interaction between the user and the record content. For example, a dynamic chromatographic record may allow the user to change the baseline and reprocess the chromatographic data so that the resulting peaks may appear smaller or larger, It may also allow the user to modify formulas or entries in a spreadsheet used to compute test results or other information such as calculated yield. MHRA: static vs dinamic data/records format Example 2: chromatographic system provide dynamic electronic records in database format with the ability to track, trend and query data. This allows the reviewer (with proper access permissions) to interact with the data (e.g. view hidden fields and expand the baseline) to view the integration more clearly. Once printed or converted to static file format (e.g..pdfs), chromatography records lose the interaction capability. FDA - About raw data (chromatograms) slide MHRA: Application Manager (AM) access AM rights (permitting activities such as deletion, DB amendment or system configuration changes) should not be assigned to individuals with a direct interest in the data (data generation, data review or approval). Where this is unavoidable in the company structure, a similar level or control may be achieved by the use of a dual user accounts with different privileges. All changes performed under system administrator access should be visible to, and approved whitin, the quality system). MHRA: Excluding data. Data may be excluded where it can be demonstrated through sound science that the data is anomalous or non-representative. In all cases, this justification should be documented and considered during data review and reporting. All data (even if excluded) should be retained with the original data set, and be available in a format that allows the validity of the decision to exclude the data to be confirmed. MHRA True copy Definition A copy of original information that been verified as an exact (accurate and complete) copy having all of the same attributes and information as the original. The copy may be verified by dated signature or by validated electronic signature. A true copy may be retained in a different electronic file format to the original record, if required, but must retain the equivalent static/dynamic nature of the original record. MHRA True copy Original records and true copies must preserve the integrity (accuracy, completeness, content and meaning) of the record. True copies of original records may be retained in place of the original record (e.g. scan of a paper record), provided that a documented system is in place to verify and record the integrity of the copy. Companies should consider any risk associated with the destruction of original records.

5 MHRA True copy Data must be retained in a dynamic form where this is critical to its integrity or later verification. It is conceivable for some data generated by electronic means to be retained in an acceptable paper or pdf format, where it can be justified that a static record maintains the integrity of the original data. Howevere the data retention process must be shown to include verified copies of all raw data, metadata, relevant audit trail and result files, any variable SW/system configuration settings specific to each record, and all processing runs (including methods and audit trails) necessary for reconstruction of data set. It would also be required a documented means to verify that the printed records were an accurate representation. MHRA Establishing data criticality & inherent integrity risk The inherent risk to data integrity related to equipment and computerised systems may differ. based on the degree to which the data (or the system generating or using the data) can be configured, and therefore potentially manipulated (fig. 1). MHRA Establishing data criticality & inherent integrity risk The degree of effort and resources applied to the organisational and technical control of data lifecycle elements should be commensurate with its criticality in terms of impact to quality attributes. When manually recorded data requires stringent oversight, consideration should be given to risk-reducing supervisory measures. Examples include contemporaneous second person verification of data entry, or cross checks of related information sources (e.g. equipment log books). MHRA Establishing data criticality & inherent integrity risk fig. 1 FDA - About raw data (chromatograms) slide WHO Appendix 1, page 192 non validated CS in use - esempi destroying original data no audit trail sharing PW uncontrolled change of data user role setting not adequate equipment not calibrated backdating documentation after the event audit trail off

6