You've installed your chromatography data system in your laboratory, you've implemented user access controls and audit trails…..job done? Well, you're part way there.
The past couple of years have seen a significant increase in expectations from the regulatory bodies regarding Data Integrity within the pharma industry and has culminated with clearer guidance from the MHRA, FDA and PIC/S. Most companies are aware of the regulations and have taken significant steps forward in ensuring their computerised systems are compliant. There is however a common trend for companies to focus on one set of guidelines. In fact each set of guidelines should be used in harmony to design, deploy and validate your systems.
The following links provide access to the latest guidance on Data Integrity:
UK Medicines & Healthcare products Regulatory Agency (MHRA) - https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/412735/Data_integrity_definitions_and_guidance_v2.pdf
European Medicines Agency (EMA) -http://www.ema.europa.eu/ema/index.jspcurl=pages/regulation/q_and_a/q_and_a_detail_000027.jsp
US Food and Drug Administration (FDA) - http://www.fda.gov/downloads/drugs/guidancecomplianceregulatoryinformation/guidances/ucm495891.pdf
Pharmaceutical Inspection Convention (PIC/S)
World Health Organisation (WHO) - http://www.who.int/medicines/areas/quality_safety/quality_assurance/Guidance-on-good-data-management-practices_QAS15-624_16092015.pdf
With many companies focusing on the critical areas of user control and audit trails it is important to remember that it doesn't end there. A couple of key points to take into consideration are:
It’s not just about your CDS, user access and audit trails. Yes, these are key areas to address but don't forget about your standalone systems such as UV and it’s critical that you must also consider the full data lifecycle.
The EMA guidance notes provide a lot more detail with regards to the expectations on data lifecycle. It's not just about how you control the data whilst within a specific system but what you do with that data outside of that system.
Validating a CDS adds little value if you then transfer this data into an uncontrolled system or you don't have adequate processes in place for backup and archiving of your electronic data. Systems such as LIMS (Laboratory Information Management Systems) can added significant value to your laboratory options in terms of efficiency but also with regards to ensuring that the integrity of your laboratory data is maintained.
A factor in the validation of any computerised systems is the risk assessment. This must identify the potential weaknesses in your system, how you intend to mitigate, test and review these.
If you are asked ‘can you completely assure that the integrity of your electronic data is infallible?’, the answer can't be ‘yes’. More important is that you understand the residual risks within your system, continue to review these and implement further mitigating procedures where required. This approach must be used to give yourself and the regulators confidence that the data has been generated and maintained in accordance with the appropriate regulatory guidance.
Broughton is an approved GMP contract laboratory regularly inspected by both the MHRA and FDA. Download our Quality Policy and Compliance Certificates.