Data Integrity Compliance for Paper Forms and Electronic Data Created in Regulated Laboratories and Manufacturing – Where Forms are Used Today in Regulated GxP Environments

  

Guest Author: Heather Longden

Ms. Heather Longden has thirty (30) years of experience in regulatory compliance in the pharmaceutical industry and is an expert in data integrity, data management, 21 CFR Part 11, GxPs, and computer system validation. She is a leader at the GAMP® Americas Steering Committee and serves on the the ISPE Boston Area Chapter Board and Education Program Committee (EPC).

In this moths blog, I will dive deeper into why and where paper/printed forms are still used in Pharma manufacturing and testing facilities who are purporting to meet regulatory GxP requirements.

But first, a couple of definitions and notes. In most cases, I will be referring to forms that are printed, completed in pen, and then stored as paper records. However, when those forms are then scanned and stored electronically as PDF files, I will still refer to them as paper forms, regardless of the format of the archived ‘copy’.

Forms issued, completed AND stored electronically will be discussed later, as they generally have their own compliance requirements to address.

Good documentation practice is essential for all records required by a regulatory predicate rule. Some companies still refer to this as GDP, however, since the introduction of Good Distribution Practice, which claimed the GDP acronym, documentation regulations now use the term GDocP. Continue reading “Data Integrity Compliance for Paper Forms and Electronic Data Created in Regulated Laboratories and Manufacturing – Where Forms are Used Today in Regulated GxP Environments”

Data Integrity Compliance for Paper Forms and Electronic Data  Created in Regulated Laboratories and Manufacturing – A Review of Two Recent FDA Warning Letters

  

Guest Author: Heather Longden

Ms. Heather Longden has thirty (30) years of experience in regulatory compliance in the pharmaceutical industry and is an expert in data integrity, data management, 21 CFR Part 11, GxPs, and computer system validation. She is a leader at the GAMP® Americas Steering Committee and serves on the the ISPE Boston Area Chapter Board and Education Program Committee (EPC).

Reading a newly published FDA Warning letter (1)

“https://www.fda.gov/inspections-compliance-enforcement-and-criminal-investigations/warning-letters/nortec-quimica-sa-639894-12082022”

I was surprised and ‘not surprised’ to see ‘analytical worksheets’ mentioned in the midst of some basic electronic data integrity observations.

… the “analytical worksheet forms” used for recording testing results in the quality control (QC) laboratory are not controlled as there was no unique number, signature, or any other traceable element on the forms themselves to identify when or by whom it was issued.

It is not clear or obvious if this observation refers to paper forms or electronic forms, but in fact, it really makes no difference to the Quality Units’ responsibility to review and ‘reconcile’ forms and documents. In this specific example, the inspector was concerned about the correct assignment of ‘Attributability’ or the first A in ALCOA+. This is likely because other observations on electronic laboratory records also suggested issues with attributability. Continue reading “Data Integrity Compliance for Paper Forms and Electronic Data  Created in Regulated Laboratories and Manufacturing – A Review of Two Recent FDA Warning Letters”

21 CFR Part 11 Compliance for Spreadsheets

Since the FDA’s Data Integrity guidance came out in April 2016, there has been a lot of interest on the topic. Indeed, the number of warning letters for drug GMPs increased by 12% in FY2017 as compared to the previous year. 65% of these warning letters cited data integrity violations.

In a world awash with data, where does one start to improve data integrity? From an IT perspective, data is generally classified as:

  • Structured data, that normally resides in a relational database such as SQL or Oracle. Enterprise applications such as ERP, MES and LIMS typically store their data in such relational databases and are examples of structured data.
  • Unstructured data, that refers to files residing on users’ local machines or network drives. Common examples of unstructured data include spreadsheets, Word/PDF documents, drawings, instrument lab or other raw data files in CSV or TXT format.

Data integrity assurance requires a number of components that include, but are not limited to, security, audit trails and electronic signatures. Applying a risk-based approach to data would lead to the following general conclusions: Continue reading “21 CFR Part 11 Compliance for Spreadsheets”

Sustainable Business Practice leading to Quality and Compliance Enhancements

Companies that use spreadsheets for business process that involve GCP, GLP or GMP outcomes often look to tighten up good practice by focusing on the most immediate
problem(s) at hand. Typically that involves one or more of the following processes:

1. Validate of the spreadsheet
2. Verify that the use of the spreadsheet complies with Predicate rules and 21 CFR Part 11 requirements for security, audit trail and e-Signature sign offs
3. Validate the application providing the controls

All three processes are important and play a critical role in the proper use of spreadsheets in labs, clinical trials, research or manufacturing and in meeting requirements of 21 CFR Part 11. Continue reading “Sustainable Business Practice leading to Quality and Compliance Enhancements”