Introduction to the Course
- What will be covered in the course
- Introduction to the teaching team
- Roles of Quality Assurance and Quality Control defined and discussed
Regulatory Guidance for Data Integrity Quality Oversight
- Review of data integrity guidances: PIC/S, WHO, EMA, MHRA, GAMP Guide for quality assurance role in data integrity and data governance
- Building a framework for quality oversight for Data Integrity (DI) in a GMP analytical laboratory within the QMS
- How culture can impact data integrity
- Identifying key QA roles in the Data Integrity programme
Knowing and Managing Data Integrity Risk
- Data Process Mapping for Paper and Computerised Processes in the laboratory
- Identifying risk to records and mitigating them
Case Study 1: Data Process Mapping
- Review of data process maps for paper and hybrid process
- Identification of record and data integrity risks
- Proposals for risk mitigation
- Course feedback and discussion
Role of Quality Assurance in Control of Master Templates and Blank Forms
- Overview of regulatory guidance for blank forms – 1993 to date
- Process flows for master templates and blank form use
- Identifying the QA role in the process
- Look at alternative options from paper
Raising Data Integrity Concerns
- Process for handling concerns outlined
- Confidentiality of the people and process
- How to handle whistle blowers
Recap of Day 1 and Introduction to Day 2
Case Study 2: Handling Data Integrity Concerns
- How should a concern be raised and to whom?
- How will the matter be kept confidential?
- Generating a high-level scope and action plan
Overview of Data Integrity Audits and Investigations
- Regulatory guidance
- Approaches for DI audits – computer system inventories, paper processes and critical data identified
- Preventing overlap with computer system periodic reviews
- Dealing with data integrity violations: the DI Investigation
Case Study 3: Identifying Data Integrity Audit Priority and Frequency
- From a list of processes and systems attendees will identify the priority order of processes and systems to be audited
- From the priority, the audit schedule will be developed
- Frequency of DI audit of critical systems and paper processes
Case Study 4: Developing the Data
- Integrity Audit Coverage
- Scope of the data integrity audit
- What will you audit?
- How will you audit a computerised system vs. a paper process?
Case Study 5: Data Integrity
- Investigation – Determining the Scope
- A data integrity violation has been found during a data integrity audit and an investigation is to be launched
- In a facilitated discussion, the course will define the scope and boundaries of the Investigation
Case Study 6: Data Integrity
- Investigation – Findings, Root Cause and CAPAs
- A list of findings from the investigation will be given and attendees must determine if they are poor data management errors or falsification
- Identification of the root cause
- What are the CAPAs: immediate fixes and long-term remediation actions?
Post Live Online Training: Case Studies Audit Trail Review for CDS/Laboratory Systems
What Is An Audit Trail and Why is Its Review Important?
- Part 11 and Annex 11 / Chapter 4 requirements for audit trail
- Regulatory requirements for audit trail review
- Guidance documents for audit trail review
- Do I really need an audit trail?
- Static data and dynamic data impacts on audit trail functionality
When is an Audit Trail not an Audit Trail?
- What do we look for in an application for auditing?
- Pros and cons for event logs and audit logs?
- Audit trail(s)?
- Part 11 compliant system – does this help data integrity?
Case Study 1: Which Audit Trail to review?
- Attendees will be presented with an overview of the audit trails within an application and the content of each one. Which audit trails should be reviewed and when in the context of the work performed by the laboratory data system?
What are GMP-Relevant Data?
- Annex 11 requires that audit trails monitor GMP-relevant data – what are GMP relevant data?
- What are critical data?
Case Study 2: Identifying GMP-Relevant Data
- Attendees will be presented with a list of records to identify if they are GMP records and how critical they are to help focus the second person review of audit trail data.
Review of Audit Trail Entries
- What are we looking for in an audit trail review?
- Process versus system: avoiding missing data integrity issues
- Regulatory requirement is “frequent review” of audit trails
- What do we need to validate and what to check?
- Suspected data integrity violation - What do we need to do?
Case Study 3: Reviewing Audit Trail Entries
- Attendees will be provided with the output of an audit trail to review and see if any potential issues are identified for further investigation.
Controls to aid Second Person Review of Audit Trails
- Procedural controls for data review
- Technical considerations for audit trail review e.g. identifying data that has been changed or modified – how the system can help documenting the audit trail review has occurred
- Review by exception – how technical controls can help
- Have you specified and validated these functions?