header-image

Data Integrity - Requirements for a GMP-compliant Data Life Cycle & full-day pre-course session Audit Trail Review
Im Auftrag der ECA Academy

11-14 December 2018, Berlin, Germany

Seminar-Nr. 16498

Sprecher

Bob McDowall, R.D. McDowall Ltd.

Karl-Heinz Menges, Regierungspräsidium Darmstadt

Yves Samson, Kereon AG

Zielsetzung

  • You will learn the current regulatory requirements and regulatory expectations for an audit trail (review)
  • All GMP-relevant data (changes and deletions) should be audit trailed – you will learn how to identify GMP-relevant data
  • Event and audit logs: you will understand the differences between and what the regulators expect
  • How should an audit trail review be performed? You will get familiar with the content and the frequency of an audit trail review

  • Understand the current FDA and EU GMP regulations and guidance impacting data integrity from paper records to hybrid and electronic systems.
  • Understand the FDA requirements for data integrity, MHRA Data Integrity guidance July 2016 and WHO guidance from September 2015.
  • Learn what is required for a data governance system from senior management through to staff in laboratories, manufacturing and quality assurance.
  • Understand the data life cycle and how it is linked with the business process and where problems can occur for both paper records, hybrid systems and electronic systems.

Hintergrund

Audit Trail Reviews are required by international regulations like US 21 CFR Part 11 and EU GMP Guide Annex 11: Clause 9 requests:

“Consideration should be given, based on a risk assessment, to building into the system the creation of a record of all GMP-relevant changes and deletions (a system generated “audit trail”). For change or deletion of GMP-relevant data the reason should be documented. Audit trails need to be available and convertible to a generally intelligible form and regularly reviewed”

Regulators focus on the (creation), modification and deletion of (GMP-relevant) data while many IT systems are not able to generate audit trails at all or they are not able to generate audit trails for GMP-relevant data.

Therefore, this course is designed to support you to identify GMP-relevant data and how to perform and document an Audit Trail review as part of a second person review.

Data Integrity is a global problem and currently a major concern with FDA and European Regulatory Agencies. Multiple FDA warning letters and EU GMP non-compliance reports have highlighted major data integrity failures and falsification in companies globally. The regulatory concern has been responded by the FDA issuing Compliance Program Guide that covers Pre-Approval Inspections. This document became effective in May 2012. The CPG objective 3 covers the laboratory data integrity audit. Furthermore in August 2014, the FDA issued Level 2 guidance on their web site about the sharing of login credentials for computerized systems and the use of test injections for testing into compliance.

In Europe, the UK’s MHRA issued two versions of a Guidance for Industry on Data Integrity in January and March 2015. This document outlines a data integrity governance system and principles for defining quality and data integrity into processes and systems. In addition, the guidance defines 19 terms and provides expectations and examples for many of them and therein is where the document’s value lies. A new draft version of the Guidance was published in July 2016. The WHO guidance is complimentary to the MHRA guidance in that it provides guidance for data governance and also expectations for records in both paper and electronic form.

As the regulators are tightening their inspection approaches it is important that managers, supervisors and users in regulated GMP laboratories understand the issues around data integrity and begin programs to ensure that their processes and systems ensure data integrity.

Zielgruppe

This course is designed for managers and staff from health care industries as well for auditors who are responsible for the organisation and execution of audit trail (reviews) in their companies.

Programm

Audit Trail Review


Why Is An Audit Trail and Its Review Important?
  • Part 11 and Annex 11 / Chapter 4 requirements for audit trail
  • Regulatory requirements for audit trail review
  • Guidance documents for audit trail review
  • Do I really need an audit trail?
Audit trail vs. system log
  • Audit trail content
  • Log files
  • What and when should I review?
  • Meaningful audit trails for a meaningful review
What are GMP-relevant Data?
  • Annex 11 requires that audit trails monitor
  • GMP-relevant data – what are GMP-relevant data?
Review of Audit Trail Entries
  • Guidance for frequent is “frequent review” of audit trails
  • Process versus system: avoiding missing data integrity issues when only focussing on a per system review
  • What are we looking for in an audit review?
  • Suspected data integrity violation - What do we need to do?
Technical Controls to Aid Second Person Review of Audit Trails
  • Technical considerations for audit trail review e.g.
  • Identifying data that has been changed or modified – how the system can help
  • Documenting the audit trail review has occurred
  • Review by exception – how technical controls can help
  • Have you specified and validated these functions?
Workshop 1: Which Audit Trail to Review?
Attendees will be presented with an overview of the audit trails within an application and the content of each one. Which audit trails should be reviewed and when?

Workshop 2: Identifying GMP Relevant Data
Attendees will be presented with a list of records to identify if they are GMP records and how critical they are to help focus the second person review of audit trail data.
Examples from production, laboratory and QA examples of GMP-relevant data will be provided.

Workshop 3: Reviewing Audit Trail Entries
Attendees will be provided with the output of an audit trail to review and see if any potential issues are identified for further investigation.

Data Integrity


Why is Data Integrity Important? – Setting the Scene
  • Summary of falsification observed by FDA and EU inspectors 2005 – to date
  • FDAISA act 2012 and October 2014 Guidance for Industry and the impact on inspections
  • Inspection of computerised systems is changing: from paper to on-line
  • MHRA expectation for data governance; data integrity guidance documents 2016
  • FDA Level 2 guidance on data integrity: 2010 and 2014 postings
  • Impact of WHO guidance for data integrity
Data Integrity – EU GMP Requirements
  • EU GMP Chapter 4 – documentation
  • EU GMP Annex 11 computerised systems
  • Data integrity definitions
  • Difference between paper and electronic systems
Principles of Data Integrity
  • The ALCOA+ criteria for data integrity
  • Data life cycle in the process workflow – managing controls
  • Paper versus hybrid versus electronic systems
  • Validation of computerised systems for data integrity controls
  • Scope: production information versus laboratory data: why are laboratory data higher risk?
Facilitated Discussion / Workshop on Key Data Integrity Topics
  • Recording results on paper
  • Configuration of software applications
  • Unique user identities for all users
  • Unauthorised access
  • Appropriate access privileges for each user role
  • Is my chromatographic system ready? Role of “test” injections
  • Audit trails – options for older systems
  • Manual chromatographic integration
  • Standalone versus network systems
  • Protecting electronic records of standalone systems
WHO, MHRA and GAMP Data Integrity Guidances - Key Points
  • Data Governance System within the Pharmaceutical Quality System
  • Data Life Cycle
  • Spectrum of Systems: Paper to Electronic Systems with data integrity audit
  • The GAMP Records and Data Integrity Guide
FDA Draft Guidance for Industry ‘Data Integrity and Compliance with cGMP’
  • Background
  • Questions and Answers regarding Data Integrity
Role of Management in Data Integrity
  • Role of Senior, Production and Department Management in ensuring data integrity within an organisation and its suppliers
  • Data governance within a Quality System
  • Failures to address poor data integrity practices and no training
Development and Scope of a Data Governance System
  • Within a PQS, what is the scope of a data governance system?
  • Who are involved?
  • What are their roles?
Implementing Data Integrity Training
  • Scope of data integrity training
  • What cover in the training?
  • Checking training effectiveness
  • Integrating data integrity training with GMP training
US 21 CFR 211 and EU GMP Chapter 4: Complete data vs raw data vs primary record
  • Why complete data and raw data are important for understanding data integrity
  • EU GMP Chapter 4 requirements for raw data
  • 21 CFR 211 requirements for laboratory records: complete data
  • FDA Level 2 guidance: paper versus e-records
  • Complete data / raw data / primary record example
Case study: Data Integrity questions as part of an inspection
  • Lab System
  • QA System
  • Manufacturing Syste
m
Data Integrity in paper documentation
  • GMP requirements for good documentation practice
  • Application to paper documents
  • Common problems from FDA 483 observations and warning letters and how to avoid them
User Account Management and Application Configuration
  • Separation of roles and responsibilities between IT and the business
  • Documentation of the configuration of an application e.g. audit trail, user types and access privileges
  • User account management: the dos and don’ts
  • User identities must be unique
  • Regular review of each system users and privileges
IT Support for Data Integrity
  • IT facilities, environmental controls and physical security
  • Qualified IT infrastructure and validated IT systems
  • Backup and recovery / Change control
  • IT support including database administration
  • Impact of IT infrastructure on data integrity
Software Suppliers Responsibility for Data Integrity Compliance
  • Regulatory requirements for software systems: procedural and technical
  • Role of software suppliers
  • Regulations push v market needs pull
  • Implementing technical requirements for software: architecture, database and application
  • Marketing literature versus marketing bullshit
Case study: Can Spreadsheets meet Data Integrity requirements?
  • Problems with spreadsheets
  • Good Practice for using spreadsheets in a regulated environment
  • Building data integrity features into a spreadsheet
Supply Chain Data Integrity – Organisational Interfaces
  • Approaches to ensuring data integrity of your suppliers
  • Role of technical agreements and audits
Key Learning Points and Final Discussion
  • Summary of Data Integrity Requirements and Key Learning Points
  • Final Discussions and close of the course

Dieses Seminar/Webinar kann nicht gebucht werden. Alternative Termine für dieses Seminar/Webinar und ähnliche Veranstaltungen finden Sie in der Übersicht nach Thema..

Für viele Seminare und Webinare gibt es auch Aufzeichnungen, die Sie jederzeit bestellen und anschauen können. Diese Aufzeichnungen finden Sie in einer themensortierten Liste.

Oder senden Sie uns Ihre Anfrage einfach über das folgende Kontaktformular.

* auch unkompliziert per Kreditkarte bezahlbar
American Express Visa Mastercard

icon
Weitere Termine vor Ort
Weitere Termine vor Ort nicht verfügbar
icon
Weitere Termine online
Weitere Termine online nicht verfügbar
icon
Aufzeichnung nicht verfügbar

Haben Sie noch Fragen?

Wir stehen Ihnen für weitere Auskünfte gerne zur Verfügung.
Tel.: +49 6221 84 44 0
E-Mail: info@concept-heidelberg.de

Frau mit Headset

Zurück

Teilnehmerstimmen - das sagen andere über unsere Seminare:

Guter, breit gefächerter Überblick mit interessanten Verknüpfungen zur Praxis,
welche die Theorie super veranschaulicht.”
Marina Kicoranovic, Labor Hartmann GmbH
GMP/Basis-Einstiegsschulung (B 14), September 2023

Die Referenten waren sehr gut! Sie haben sehr klar gesprochen, nur sehr wenige englische Begriffe
verwendet (super) und waren sehr praxisbezogen.”
Astrid Gießler, Regierungspräsidium Karlsruhe
Live Online Seminar - Basiskurs Computervalidierung & Datenintegrität im GxP Umfeld (B 3), Juni 2023

Sehr guter Bezug zur Schulung für einen GMP-Anfänger. Habe mich sehr gut abgeholt gefühlt.”
Dr. Harald Werner, Infraserv GmbH & Co. Höchst KG
GMP-Basisschulung (B 1), Juni 2023

NEWSLETTER

Bleiben Sie informiert mit dem GMP Newsletter von Concept Heidelberg!

GMP Newsletter

Concept Heidelberg bietet verschieden GMP Newsletter die Sie auf Ihren Bedarf hin zusammenstellen können.

Hier können Sie sich kostenfrei registrieren.

Kontakt

Kontaktieren Sie uns

Haben Sie Fragen?

Concept Heidelberg GmbH
Rischerstraße 8
69123 Heidelberg

Tel. :+49622184440
Fax : +49 6221 84 44 84
E-Mail: info@concept-heidelberg.de

zum Kontaktformular