Course No 15392
If you have any questions, please contact us:
Tel.: +49 (0)6221 / 84 44 0 E-Mail: email@example.com
Bob McDowall, R.D.McDowall Ltd.
Karl-Heinz Menges, Regierungspräsidium Darmstadt
Yves Samson, Kereon AG
Understand the current FDA and EU GMP regulations and guidance impacting data integrity from paper records to hybrid and electronic systems
Understand the FDA requirements for data integrity and MHRA Data Integrity guidance March 2015
Learn what is required for a data governance system from senior management through to staff in laboratories, manufacturing and quality assurance
Understand the data life cycle and how it is linked with the business process and where problems can occur for both paper records, hybrid systems and electronic systems
Data Integrity is a global problem and currently a major concern with FDA and European Regulatory Agencies. Multiple FDA warning letters and EU GMP non-compliance reports have highlighted major data integrity failures and falsification in companies globally. The regulatory concern has been responded by the FDA issuing Compliance Program Guide that covers Pre-Approval Inspections. This document became effective in May 2012. The CPG objective 3 covers the laboratory data integrity audit. Furthermore in August 2014, the FDA issued Level 2 guidance on their web site about the sharing of login credentials for computerized systems and the use of test injections for testing into compliance.
In Europe, the UK’s MHRA in December 2013 gave notice to regulated users to begin conducting data integrity audits of their own systems and those of their suppliers from the beginning of 2014. In January and March 2015, MHRA issued two versions of a Guidance for Industry on Data Integrity. This document outlines a data integrity governance system and principles for defining quality and data integrity into processes and systems. In addition, the guidance defines 19 terms and provides expectations and examples for many of them and therein is where the document’s value lies.
As the regulators are tightening their inspection approaches it is important that managers, supervisors and users in regulated GMP laboratories understand the issues around data integrity and begin programs to ensure that their processes and systems ensure data integrity.
Managers and staff from Manufacturing, QC/QA and Analytical Development Laboratories of pharmaceutical companies
Contract Research Organisation and Contract Manufacturing Organisation manufacturing, laboratory and QA personnel
Auditors (internal and external) responsible for performing self-inspections or external audits and needing to understand and assess data integrity
Why is Data Integrity Important? – Setting the Scene
Summary of falsification observed by FDA and EU inspectors 2005 – to date
FDAISA act 2012 and October 2014 Guidance for Industry and the impact on inspections
Inspection of computerised systems is changing: from paper to on-line
MHRA expectation for data governance; data integrity guidance documents 2015
FDA Level 2 guidance on data integrity: 2010 and 2014 postings
Impact of WHO guidance for data integrity
Data Integrity – EU GMP Requirements
EU GMP Chapter 4 – documentation
EU GMP Annex 11 computerised systems
Data integrity definitions
Difference between paper and electronic systems
Principles of Data Integrity
The ALCOA+ criteria for data integrity
Data life cycle in the process workflow – managing controls
Paper versus hybrid versus electronic systems
Validation of computerised systems for data integrity controls
Scope: production information versus laboratory data: why are laboratory data higher risk?
WHO and MHRA Data Integrity Guidances - Key Points
Data Governance System within the Pharmaceutical Quality System
Data Life Cycle
Spectrum of Systems: Paper to Electronic Systems with data integrity audit
Role of Management in Data Integrity
Role of Senior, Production and Department Management in ensuring data integrity within an organisation and its suppliers
Data governance within a Quality System
Failures to address poor data integrity practices and no training
Development and Scope of a Data Governance System
Within a PQS, what is the scope of a data governance system?
Who are involved?
What are their roles?
Implementing Data Integrity Training
Scope of data integrity training
What cover in the training?
Checking training effectiveness
Integrating data integrity training with GMP training
US 21 CFR 211 and EU GMP Chapter 4: Complete data vs raw data vs primary record
Why complete data and raw data are important for understanding data integrity
EU GMP Chapter 4 requirements for raw data
21 CFR 211 requirements for laboratory records: complete data
FDA Level 2 guidance: paper versus e-records
Complete data / raw data / primary record example
Case study: Data Integrity questions as part of an inspection
Ensuring Data Integrity in a Chromatography System
Configuration of CDS software
SOP for integration
Using samples for testing the System
Audit Trails and their Review
Understanding Annex 11 requirements for audit trails
Differences between Part 11 and Annex 11 requirements for audit trail
Default comments versus free text as reasons for change
Review of audit trail entries: how to comply with Annex 11
Reality v regulation: are audit trails in commercial products ready for Annex 11?
User Account Management and Application
Separation of roles and responsibilities between IT and the business
Documentation of the configuration of an application e.g. audit trail, user types and access privileges
User account management: the do’s and don’ts
User identities must be unique
Regular review of each system users and privileges
IT Support for Data Integrity
IT facilities, environmental controls and physical security
Qualified IT infrastructure and validated IT systems
Backup and recovery / Change control
IT support including database administration
Impact of IT infrastructure on data integrity
GMP meets the Cloud
Regulatory compliance requirements to consider before going to the cloud
Are ISO 27001 or SSAE 16 adequate to meet GMP regulations?
Whose responsibility is data integrity when using the cloud?
Cloud suppliers: are you dealing with a single entity?
How to select a cloud supplier
Case study: Can Spreadsheets meet Data Integrity requirements?
Problems with spreadsheets
Good Practice for using spreadsheets in a regulated environment
Building data integrity features into a spreadsheet
Supply Chain Data Integrity
Approaches to ensuring data integrity of your suppliers
Role of technical agreements and audits
Key Learning Points and Final Discussion
Summary of Data Integrity Requirements and Key Learning Points
Final Discussions and close of the course
Facilitated Discussion / Workshop on Key Data
Recording results on paper
Configuration of software applications
Unique user identities for all users
Appropriate access privileges for each user role
Is my chromatographic system ready? Role of “test” injections
Audit trails – options for older systems
Manual chromatographic integration
Standalone versus network systems
Protecting electronic records of standalone systems
Workshop: Analysis of an FDA Warning Letter
Working in teams, attendees will analyse one of several FDA warning letters to identify key areas of regulatory concern
Group discussion of regulatory concerns identified
Workshop: Assessing a System for Data Integrity
Using a checklist based on the data integrity criteria, attendees will assess a system for data integrity