Deletion of Data: Does it have to be regulated in a SOP?
Recommendation
12-14 November 2024
Barcelona, Spain
Data Governance and Auditing the Analytical Process from Sampling to Reportable Value
Does there have to be a procedure in place for deleting data? Deleting GMP-relevant data is considered critical. The deletion of GMP-relevant data in a computerised system must be recorded by an audit trail. Annex 11 of the EU-GMP Guidelines states: "12.4 Management systems for data and for documents should be designed to record the identity of operators entering, changing, confirming or deleting data including date and time."
Basically, it must be possible to recognize who is deleting data within such systems. Deleting data endangers data integrity and is a critical step. Work steps must be described in standard operating procedures (SOPs):
Chapter 4 of the EU-GMP Guidelines - Required GMP Documentation: "Procedures: (Otherwise known as Standard Operating Procedures, or SOPs), give directions for performing certain operations."
Deleting data that is no longer required is allowed. Deletion is the last step in the data life cycle. Safe procedures must be established for the deletion of GMP data.
Data should normally only be deleted after the end of their retention period. There are very few exceptions as to when data may be deleted before the end of its retention period. This includes, for example, data that has been migrated to another system. The deletion of data must be described in detail in a relevant SOP.
Sources:
EU GMP Guide - Chapter 4
EU GMP Guide - Annex 11
Related GMP News
04.09.2024Switzerland: Changes for the Qualification of QPs (Responsible Person; RP in Switzerland)
04.09.2024Insufficient Root Cause Analysis leads to FDA Warning Letter
28.08.2024Switzerland to implement Measures to combat Shortages of Medicines
26.06.202410 points on how the FDA's CDER monitors the Quality of Medicinal Products
08.05.2024EMA Plans for the next three Years
30.04.2024Lean GMP: is "right-sizing" GMP and Compliance possible?