GMP and Critical Data

Basically, certain data terms should be described in an SOP, and here you should also find instructions on how to deal with these data types. Essentially, these are the following data types:

• Raw data 
• Source data 
• Critical data

This means that we should also define these data types in an SOP for our operation.

In the GMP Guidance, the term critical data only appears in one place - EU GMP Guidance Chapter 4, 4.27 ... "A system should be in place to indicate special observations and any changes to critical data."

The EU GMP Annex 11 also mentions "critical data" only in one place - Annex 11, 6. "Accuracy Checks: For critical data entered manually, there should be an additional check on the accuracy of the data."

So here we are talking about the modification of critical data and the correct entry of critical data into a computerised system.

We do not find a legal definition of critical data in EU GMP. This means that we should define the term in an SOP. There is also appropriate guidance on this. For example, in VDI/VDE 3516 Sheet 5 Validation in the GxP environment - Types of raw data, we find the following definition: "Critical data: Data that have a potential impact on patient safety, product quality and data integrity."

Further assistance can be found in EFG 11's AiM (Aide-Mémoire) - Monitoring Computerised Systems (only German). Here one can find the following question with answer:

"6-1 What data has been defined as critical in an assessment? Which data are to be considered critical should be defined in advance. In principle, data and the associated metadata are GMP-critical if they are needed to trace or assess a GxP activity."

From this description it can be indirectly inferred that there are actually no GMP-relevant data that are not critical. Both descriptions are therefore not insignificantly different and the question thus arises:

Are there any GMP-relevant data at all that are not critical? It can actually be assumed that GMP relevance also entails criticality, albeit to different degrees. This is confirmed by references in PIC/S PI 041 and the EMA Q&A on data integrity.

According to PIC/S PI 041, not all data have the same significance for product quality and patient safety. PIC/S PI 041 gives examples here. The data on the active ingredient content is more critical than the data on the cleaning protocol for the warehouse.

EMA Q&A DATA INTEGRITY: "How can data criticality be assessed?
The decision which data influences may differ in importance, and the impact of the data to a decision may also vary. Points to consider regarding data criticality include:

What decision does the data influence?"

Accordingly, we can define different levels of criticality, at least critical and less critical. The criticality of data depends on what the data is used for. For example, data used to determine batch release decisions is certainly critical.
Classifying data according to different criticality can make sense. This is also indicated, for example, in the concept paper on the amendment of EU-GMP Annex 11.

"[6] Guidelines should be included for classification of critical data and critical systems."

In principle, it can certainly be stated that all GMP-relevant data are critical in different ways. The decisive factor is whether data are GMP-relevant or not.