Introduction to the Course
Regulatory Guidance for Data Integrity Quality Oversight
- What will be covered in the course
- Introduction to the teaching team
- Roles of Quality Assurance and Quality Control defined and discussed
Knowing and Managing Data Integrity Risk
- Review of data integrity guidances: PIC/S, WHO, EMA, MHRA, GAMP Guide for quality assurance role in data integrity and data governance
- Building a framework for quality oversight for DI in a GMP analytical laboratory within the QMS
- How culture can impact data integrity
- Identifying key QA roles in the Data Integrity programme
Role of Quality Assurance in Control of Master Templates and Blank Forms
- Data Process Mapping for Paper and Computerised Processes
- Identifying risk to records and mitigating them
- Overview of regulatory guidance for blank forms – 1993 to date
- Process flows for master templates and blank form use
- Identifying the QA role in the process
- Look at alternative options from paper
Data Process Mapping
Raising Data Integrity Concerns
- Review of data process maps for paper and hybrid process
- Identification of record and data integrity risks
- Proposals for risk mitigation
- Course feedback and discussion
- Process for handling concerns outlined
- Confidentiality of the people and process
- How to handle whistle blowers
Handling Data Integrity Concerns; a Case Study
- How should a concern be raised and to whom?
- How will the matter be kept confidential?
- Generating a high-level scope and action plan
Recap of Day 1 and Introduction to Day 2
Overview of Data Integrity Audits and Investigations
- Regulatory guidance
- Approaches for DI audits – computer system inventories, paper processes and critical data identified
- Preventing overlap with computer system periodic reviews
- Dealing with data integrity violations: the DI investigation
From a list of processes and systems attendees will identify the priority order of processes and systems to be audited
From the priority, the audit schedule will be developed
Frequency of DI audit of critical systems and paper processes
- Identifying Data Integrity Audit Priority and Frequency
Developing the Data Integrity Audit Coverage
- Scope of the data integrity audit
- What will you audit?
- How will you audit a computerised system v a paper process?
A data integrity violation has been found during a data integrity audit and an investigation is to be launched
In a facilitated discussion, the course will define the scope and boundaries of the investigation
- Data Integrity Investigation – Determining the Scope
Data Integrity Investigation – Findings, Root Cause and CAPAs
- A list of findings from the investigation will be given and attendees must determine if they are poor data management errors or falsification
- Identification of the root cause
- What are the CAPAs: immediate fixes and long-term remediation actions?
Key Learning Points
Post-conference Workshop “Audit Trail Review for CDS/Laboratory Systems”
Why Is An Audit Trail and Its Review Important?
Part 11 and Annex 11 / Chapter 4 requirements for audit trail
Regulatory requirements for audit trail review
Guidance documents for audit trail review
Do I really need an audit trail?
Static data and dynamic data impacts on audit trail functionality
When is an Audit Trail not an Audit Trail?
What do we look for in an application for auditing?
Pros and cons for event logs and audit logs?
Part 11 compliant system – does this help data integrity?
Workshop 1: Which Audit Trail to Review?
Attendees will be presented with an overview of the audit trails within an application and the content of each one. Which audit trails should be reviewed and when in the context of the work performed by the laboratory data system?
What are GMP-Relevant Data?
Annex 11 requires that audit trails monitor GMP-relevant data – what are GMP relevant data?
What are critical data?
Workshop 2: Identifying GMP Relevant Data
Attendees will be presented with a list of records to identify if they are GMP records and how critical they are to help focus the second person review of audit trail data.
Review of Audit Trail Entries
What are we looking for in an audit trail review?
Process versus system: avoiding missing data integrity issues
Regulatory requirement is “frequent review” of audit trails
What do we need to validate and what to check?
Suspected data integrity violation - What do we need to do?
Workshop 3: Reviewing Audit Trail Entries
Attendees will be provided with the output of an audit trail to review and see if any potential issues are identified for further investigation.
Controls to Aid Second Person Review of Audit Trails
Procedural controls for data review
Technical considerations for audit trail review e.g. Identifying data that has been changed or modified – how the system can help documenting the audit trail review has occurred
Review by exception – how technical controls can help
Have you specified and validated these functions?