Recently FDA observed a lot of cGMP violation in pharmaceutical manufacturing facilities worldwide. Most of the violations are related to data integrity. However 21 CFR part 211 and 212 explain the requirements of FDA data integrity but still, companies are facing problems in documentation and electronic record maintenance.
1. Data must be evaluated by the quality department. Invalid data must be recorded with supporting data. Invalid test results must be investigated, documented with proper justification. Electronic data should be reviewed and retained the same as paper records.
2. Computer systems should be validated. The criteria of validation should be based on the indented use of the computerized system and its impact on product quality.
3. The computer system must be used by authorized personnel. Any used must not be authorized to modify or delete the data. Computer system access rights should be given to individuals according to their work. A list of authorized individuals should be maintained.
4. It is difficult to identify when personnel uses the same login credentials. FDA does not allow sharing login information between the computer system users. Personnel can share read-only user accounts to view data by which the user can’t modify or create data on the computer system.
5. Blank forms, log books and protocols used to fill data in manufacturing and quality control must be controlled. There should be an issuance record or these forms. There should be a reconciliation record for these issued documents.
6. Review if the audit trail is similar to the review if the paper documents. The audit trail should be reviewed by the personnel responsible for printed documents review. The personnel supervising the activity can also review the audit trails.
Related: ALCOA to ALCOA Plus for Data Integrity
8. According to FDA electronic records can be used as true copies of the paper documents. However, the original record and all supporting data must be preserved in its original form.
9. In standalone, computer systems like FTIR where electronic records are dynamic and can be changed after reprocessing, printed data must be stored after proper review of another person. In instruments like pH meter, balance, conductivity meter etc. those create printed records, the printed data must be retained.
10. Electronic signatures on electronic documents can be used instead of handwritten signatures. But this must be appropriately controlled and must not be misused. Electronic signatures must be identified when used on documents and it should be properly documented.
Related: FDA’s Top Data Integrity Issues Found During Inspections
11. Any electronic data become a cGMP record if any modification in data is recorded. For HPLC analysis data should be automatically recorded after each step instead of once at end of the process and any modification must be recorded in the audit trail. Injection sequence, incomplete and aborted injections should also be recorded in the audit trail.
12. FDA has issued warning letters to the firms on issues with the system suitability. System suitability should be performed by the firm’s written procedure. FDA considers it data security and integrity violation to use the actual sample for system suitability test. System suitability test must be done by multiple injections of standard solution.
13. Written procedures must be followed for chromatography analysis. Complete analysis data including notebooks, charts, graphs, spectrum and other analysis related data are FDA requirements.
14. Any falsification or alteration of data must be investigated and any effect on product quality must be determined. Necessary corrective action must be taken after determination of the root cause.
16. Paper and electronic records both are subjected to FDA inspection. This applies to computer generated and stored electronic data including the interdepartmental emails to release the batch. The firm must allow the FDA to review electronic communication records.
17. To minimize the data security issues firm may appoint a third-party auditor to find the issues that can harm the product quality. The firm may have an anonymous reporting system to report the data integrity lapses where anyone can report the issue to management without disclosing his/her identity.
Read full Data Integrity FDA Guideline Document here.
1. Data must be evaluated by the quality department. Invalid data must be recorded with supporting data. Invalid test results must be investigated, documented with proper justification. Electronic data should be reviewed and retained the same as paper records.
2. Computer systems should be validated. The criteria of validation should be based on the indented use of the computerized system and its impact on product quality.3. The computer system must be used by authorized personnel. Any used must not be authorized to modify or delete the data. Computer system access rights should be given to individuals according to their work. A list of authorized individuals should be maintained.
4. It is difficult to identify when personnel uses the same login credentials. FDA does not allow sharing login information between the computer system users. Personnel can share read-only user accounts to view data by which the user can’t modify or create data on the computer system.
5. Blank forms, log books and protocols used to fill data in manufacturing and quality control must be controlled. There should be an issuance record or these forms. There should be a reconciliation record for these issued documents.
6. Review if the audit trail is similar to the review if the paper documents. The audit trail should be reviewed by the personnel responsible for printed documents review. The personnel supervising the activity can also review the audit trails.
Related: ALCOA to ALCOA Plus for Data Integrity
8. According to FDA electronic records can be used as true copies of the paper documents. However, the original record and all supporting data must be preserved in its original form.
9. In standalone, computer systems like FTIR where electronic records are dynamic and can be changed after reprocessing, printed data must be stored after proper review of another person. In instruments like pH meter, balance, conductivity meter etc. those create printed records, the printed data must be retained.
10. Electronic signatures on electronic documents can be used instead of handwritten signatures. But this must be appropriately controlled and must not be misused. Electronic signatures must be identified when used on documents and it should be properly documented.
Related: FDA’s Top Data Integrity Issues Found During Inspections
11. Any electronic data become a cGMP record if any modification in data is recorded. For HPLC analysis data should be automatically recorded after each step instead of once at end of the process and any modification must be recorded in the audit trail. Injection sequence, incomplete and aborted injections should also be recorded in the audit trail.
12. FDA has issued warning letters to the firms on issues with the system suitability. System suitability should be performed by the firm’s written procedure. FDA considers it data security and integrity violation to use the actual sample for system suitability test. System suitability test must be done by multiple injections of standard solution.
13. Written procedures must be followed for chromatography analysis. Complete analysis data including notebooks, charts, graphs, spectrum and other analysis related data are FDA requirements.
14. Any falsification or alteration of data must be investigated and any effect on product quality must be determined. Necessary corrective action must be taken after determination of the root cause.
16. Paper and electronic records both are subjected to FDA inspection. This applies to computer generated and stored electronic data including the interdepartmental emails to release the batch. The firm must allow the FDA to review electronic communication records.
17. To minimize the data security issues firm may appoint a third-party auditor to find the issues that can harm the product quality. The firm may have an anonymous reporting system to report the data integrity lapses where anyone can report the issue to management without disclosing his/her identity.
Read full Data Integrity FDA Guideline Document here.
No comments:
Post a Comment
Please don't spam. Comments having links would not be published.