preparing for successful data integrity audits in the …asqraleigh.org/conference/2017/mary chris...

Preparing for Successful Data Integrity Audits in the Pharmaceutical and Medical

Device IndustriesMary Chris Easterly

ASQ Raleigh, QIT 2017

General data integrity concepts Regulatory focus for inspections How to audit paper and electronic records

Overview

General Data Integrity Concepts

GMP Data Integrity Definitions and Guidance for Industry, MHRA (Medicines & Healthcare products Regulatory Agency, United Kingdom),March, 2015https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/412735/Data_integrity_definitions_and_guidance_v2.pdf

Draft GxP Data Integrity Definitions and Guidance for Industry, MHRA, July, 2016https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/538871/MHRA_GxP_data_integrity_consultation.pdf

Guidance on good data and record management practices, World Health Organization, May, 2016http://www.who.int/medicines/publications/pharmprep/WHO_TRS_996_annex05.pdf

Draft Data Integrity and Compliance with GMP Guidance for Industry, Food & Drug Administration, April, 2016https://www.fda.gov/ucm/groups/fdagov‐public/@fdagov‐drugs‐gen/documents/document/ucm495891.pdf

Draft Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments, Pharmaceutical Inspection Convention Pharmaceutical Inspection Co‐operation Scheme (PIC/S), August, 2016

Data Integrity Requirements


Data Integrity:The extent to which all data are complete, consistent and accuratethroughout the data lifecycle


DATAAll original records, including source

data, metadata, subsequent transformations and reports, generated or recorded at the time of the activity. Allows full and complete reconstruction

and evaluation of the activity.

RAW DATAOriginal records and

documentation, retained in the format in which they were originally generated

(paper or electronic)

Original record: Data as the file or format in which it was originally generated, preserving the integrity (accuracy, completeness, content and meaning) of the record original paper record of manual observation electronic raw data file from a computerized system


Data must be: Attributable to the person generating the data

Legible Contemporaneous Original record Accurate


ALCOA, with additional emphasis on data being: Complete Consistent Enduring Available

General Data Integrity ConceptsGood Doc Practices

PrinciplePaper Electronic

Attributable Initials/signature by person who performed activity

Electronic signature (username + password)

Legible Indelible inkNo erasure or correction fluid/tapeChanges are corrected properly

Data is visible in fields

Contemporaneous Recorded at time of activityNo pre‐ or post‐dating

Record is saved when data is enteredTime/date stampsSynchronized time (for accuracy)

Original Paper formNo post‐its or temporary method of recording then transcribing data

Data generated by computerized systemIncludes metadataNot able to modify original data

Accurate Data recorded is accurateCalculations are checkedSecond person verification

Data transfers from original data system accurately (e.g., to LIMS, archival)Calculations correctSecond person verification

DI is not a new expectation of regulatory bodies. Predicate rules: 21 CFR 211, ICH Q7, 21 CFR Part 11, EudraLex Annex 11


§211.68: Changes in records are made by authorized personnelBackup data are exact and complete, and secure from alteration, inadvertent erasures, or loss

§211.160 Laboratory activities are documented at the time of performance

§211.188 Documentation that significant steps were accomplished including identification of person performing and supervising the steps

§211.194 Laboratory records include all data secured in the course of each test

EudraLex Vol. 4, 4.9

Changes made to entry are signed and dated; alteration permits reading of original information

EudraLex Vol. 4, Annex 11

Audit trails (record of all GMP‐related changes and deletions) need to be available and regularly reviewed

Regulatory Focus for Inspections

Primary Considerations for CGMP Enforcement: Is drug adulterated? Most important – patient risk High risk FDA takes quick action Sub‐ or super‐potent Contamination Sterility concerns Other defects


‐ Paula R. Katz, CDER, India Pharmaceutical Forum


‐ Paula R. Katz, CDER, India Pharmaceutical Forum

54 warning letters

47 import alerts

4 untitled letters

2016 OMQ Enforcement Actions

2016 Warning Letters: 19 ‐ Data Integrity Lack of control over access

to computerized systems Non‐contemporaneous

record‐keeping Deletion, falsification,

alteration, or othermanipulation

FDA concerns with data integrity: Shared login accounts: cannot identify a unique individual System administrator role: assign to personnel

independent from those responsible for record content All electronic data generated to satisfy a CGMP

requirement is a CGMP record Using actual samples during “system suitability” or test or

equilibration runs is a means of testing into compliance


‐ Paula R. Katz, CDER, PDA Data Integrity Workshop

FDA recommends audit trails that capture changes to critical data be reviewed with each record and before final approval of the record

Regular review of audit trails should include, at a minimum, changes to: History of finished product test results Sample run sequences Sample identification Critical process parameters


‐ Paula R. Katz, CDER, PDA Data Integrity Workshop

2 kinds of data integrity problems Top down, pervasive, dictated by management Bottom up, isolated, one or a few operators or analysts

If FDA finds DI issue in one place, assume it’s everywhere unless a credible audit determines otherwise

When something doesn’t look right, take a tangent and zero in on it


‐ Takahashi: Look Out for These Data Integrity Issues

Examples of what doesn’t look right: Test results for a one batch used to release other batches

(too many tests run in the time available)

Audit trail disabled until passing test results were obtained Failing and passing batches of active pharmaceutical ingredient blended to produce passing results lab and management knew about this practice

Created falsified training records that were requested during the inspection



Look for data that is too good No complaints, deviations, or out‐of‐specification

investigations



26 Active Pharmaceutical Ingredient FDA warning letters 12 focused primarily on data integrity concerns 4 focused secondarily on data integrity concerns Quality System records Only 2 of 17 complaints in complaint log; complete list found

on warehouse floor Many production deviations in a GMP Anomalies folder that

were not investigated or reported


‐ Bowman Cox, FDA GMP Warning Letters Review

Active Pharmaceutical Ingredient FDA warning letters Laboratory records and computerized systems Unofficial test records and deleted unknown peaks in

chromatograms – potential impurities Reference standard tested instead of 12 month stability

sample Retested samples until in‐specification results were

reported



Active Pharmaceutical Ingredient FDA warning letters Laboratory records and computerized systems Microbiologist did not record test results contemporaneously QC worksheet completed after FDA investigators asked for it Gas chromatograph clock set back to make it appear stability

test was done months earlier; failing tests deleted HPLC system configured to automatically delete aborted

tests, and turn back clock for passing results



2 Drug Product FDA warning letters focused on data integrity concerns Laboratory records and computerized systems

Trial HPLC injections; data stored separately from reported test results

Administrator privileges given to analysts, who changed time and date settings then overwrote and deleted HPLC test data

Unreported gas chromatography results, including out of specification test results for a raw material



2 Drug Product FDA warning letters focused on data integrity concerns Other records Batch record pages destroyed and replaced with

backdated revised pages Workers in production failed to record activities

contemporaneously Workers incinerated GMP documentation



How to Audit Electronic and Paper Records

Every quality audit is a data integrity audit. Outside auditors have the lowest probability of finding

Data Integrity Issues; internal auditors have the highest probability.

How to Audit Paper and Electronic Records

Request auditee to provide at opening meeting: List of all GMP computerized systems


Laboratory • LIMS (Laboratory Information Management System)• Chromatography, including HPLC, GC• Standalone vs. networked systems

Manufacturing • Manufacturing Requirements Planning• Building Automation Systems – monitor and alarm for

environmental conditions• Automated production equipment

Enterprise/ Quality System

• Complaints, training, deviations, change control, document control

Data Storage • Backups, archiving, retrieval of data after retirement

Request auditee to provide at opening meeting: Procedures for laboratory data generation, review, and approval; CofA

generation Procedure for providing, changing, and removing user access to e‐systems Procedure for investigating

deviations Certificate of Analysis (CofA)

for specific released batch –select a test that uses computerized systems: Trace from generation of

data to CofA


If you have concerns about putting instructions for how to handle DI issues into an SOP, know that all companies have some type of DI

occurrence. It’s part of human nature.

During opening meeting, select automated test from CofA: For specific instrument: SOPs for use of equipment, data archival, system

administration, user access/security levels Qualification of equipment showing how aspects of system

use were qualified Flowchart of data flow for computerized system, including

data backup and archival Who has access to modify or delete data from generation to archival?


Data Governance/Data Management: Procedure/Program/Plan for Data Integrity

Computerized systems not fully compliant? Gap analysis and remediation plan

Employee training on DI principles and their responsibilities Oversight of contractors and suppliers

Ensure contract laboratories and manufacturers have DI program and procedures

DI included in audits of contractors and suppliers DI included in quality agreement with contractors and suppliers

DI included in all Internal Audits


During audit walkthrough, for selected system: System administrator, user, second person reviewer present Ask for demonstration of system to generate, manipulate,

and review data Review related paper logbooks (equipment maintenance,

use)


During audit walkthrough: Review configuration settings for computerized system Password changes: change at first logon, # days to change Users with specific access types

Generic system administrator username should not be enabled Number of people with system administrator access (should be minimal)

Which people have system admin access (personnel with responsibility for data generated?)

Functions that specific access types perform


During audit walkthrough: Users with active accounts – current employees?

Training and access approval records Unique username/password (not shared)

Recorded password ‐ under keyboard, behind monitor, in drawers

Audit trail turned on; users cannot turn it off Contents of trash can

Data files that did not pass testing specifications? User ability to change computer or server time/date


During audit walkthrough: Data folders & files Look at data chronologically

Aborted runs – reason documented in e‐record or paper record

Sequential files with same or slightly modified name Files hidden in folders separate from official test data Dates and times on files Tests performed match paper use logbooks for

instrument


During audit walkthrough: Paper records: Documents posted, on counters, in trash cans, in drawers Personal notebooks in production and laboratory areas

Do they include GMP information?

Controlled issuance and reconciliation of laboratory forms ALCOA plus principles


Management Responsibility Work environment: staff encouraged to communicate

failures and mistakes, including data reliability issues Corrective and preventive actions taken Ensure adequate information flow between staff at all

levels Actively discourage management practices that might

inhibit the active and complete reporting of such issues (hierarchical constraints and blame cultures)


Data that is too good to be true Paper records from computerized systems are considered

original (raw) data although they do not include metadata

Red Flags

Our employees would never falsify data

The FDA reviewed our computer

systems and had no observations

We have never had a data

integrity issue

Our computer systems are

Part 11 compliant

Auditors need to determine: Is occurrence of a data integrity issue isolated or a

pattern for an individual, operational unit, or an entire organization?

Is occurrence a bad practice or intentional manipulation?


What is the risk to the product quality?

MHRA GMP Inspection Deficiency Data Trend 2016 https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/609030/MHRA_GMP_Inspection_Deficiency_Data_Trend_2016.pdf

Current Expectations and Guidance, including Data Integrity and Compliance With CGMP, Sarah Barkow, PhD, Team Lead, CDER/OC/OMQ Guidance & Policy, ISPE DI Workshop, June 5, 2016 https://www.fda.gov/downloads/aboutfda/centersoffices/officeofmedicalproductsandtobacco/cder/ucm518522.pdf

Compliance Trends, Paula R. Katz, J.D., Dir., Mfg. Quality Guidance & Policy Staff, Office of Mfg. Quality, Office of Compliance, CDER, India Pharmaceutical Forum, Mumbai, India, Feb. 24, 2017 https://www.fda.gov/downloads/AboutFDA/CentersOffices/OfficeofMedicalProductsandTobacco/CDER/UCM549445.pdf

Additional Sources of Information

Regulatory Perspective: Data Integrity Guidance, PDA Data Integrity Workshop, Paula R. Katz, J.D., Dir., Mfg. Quality Guidance and Policy Staff, CDER/Compliance, Sep. 14, 2016 https://www.fda.gov/downloads/AboutFDA/CentersOffices/OfficeofMedicalProductsandTobacco/CDER/UCM539554.pdf

Takahashi: Look Out for These Data Integrity Issues, Pink Sheet & Gold Sheet, by Bowman Cox (subscription required), Mar. 28, 2014

FDA GMP Warning Letters Review: API Supplier Warnings Surge on Data Integrity Concerns, Pink Sheet, by Bowman Cox (subscription required), Apr. 26, 2017

FDA GMP Warning Letters Review: Foreign Drug Product Firms Hit Hard on GMP Basics, Pink Sheet, by Bowman Cox (subscription required), Apr. 27, 2017

Additional Sources of Information

Backup Slides

Uncontrolled documentation was noted throughout production engineering notebooks with set up details and passwords, crib notes on the wall of the goods in area, scraps of paper containing numbers of components brought onto line.

Printouts of particle count data from HEP filter testing were not transferred from thermal paper to non‐volatile media to ensure the integrity of the record throughout the retention period.

DI Observations ‐ EU

Following a software update, data was lost from an autoclave control system. The system backup was unable to recover lost data as the backup was only performed on a 3 monthly basis.

The backup CD/DVD for the autoclave control system was not stored within a controlled environment to assure its integrity.

Data from the integrity test was not backed up. The system was observed to overwrite previous data.

Backups were permitted to be made on the same computer drive which failed to ensure that a separate copy was available following drive failure or corruption.


Access to files and the system clock on the hard drive were available to all users

The lock screen used a shared password. If a user had logged into the software behind the lock screen and another user opened the computer, they could perform actions under the initial user’s login.

Users had more authorisation on the chromatography data system than was permitted according to the Sop.

Access control systems were not considered GMP systems despite their intended purpose to control access to GMP areas.


HPLC software in the laboratory was not configured for GMP compliance: Unique user passwords were not enforced Users were permitted to :

Change the default audit trail Change the default “require user comments” Copy non‐related projects Use annotation tools


Control of dosimeter readings was deficient: Dosimeters could be reread and individual thicknesses

be input into the system if a variation of 6% was identified for a location; this did not result in a deviation to review the validity of previous acceptable results

New thickness readings had no second person verification to ensure accuracy of the data used
