Dr Markus Dathe, F. Hoffmann-La Roche AG, Switzerland
Dr Bob McDowall, R D McDowall Ltd., UK
Dr Christine Mladek, Boehringer Ingelheim, Germany
The objectives of this ECA educational course are:
- To provide tools to enable GMP regulated analytical laboratories to map their processes and identify risks and vulnerabilities to their records
- To understand the role of the new version of USP <1058> for analytical instrument qualification and the role in data integrity
- Take the attendees through key stages of chromatographic processes highlighting the areas where control is required
- Outline quality metrics for data integrity that could be used to monitor chromatographic analysis
Note that this course will not present or discuss basic data integrity topics such as the applicable regulations, regulatory guidance documents or the ALCOA principles
Quality by Design throughout the life of an analytical procedure is the new approach to method development and validation. The USP will be writing <1220> to complement <1224>, <1225> and <1226>. ICH Q2(R1) is also due to be updated as a consequence. The FDA method validation guidance issued in 2015 includes a section on lifecycle management, as well as the amendment of USP <1225>.
Data falsification and fraud as a result of poor data management practices and manipulation of chromatography data system (CDS) files continues to be a major regulatory topic. It is not confined to India and China but a global issue. Data management includes generating “complete data” to comply with 21 CFR 211 but also good chromatographic integration practices – when can manual integration be performed and when can’t it? What measures should GMP regulated analytical laboratories have in place to ensure the integrity of their chromatographic data? What should a second person reviewer do to ensure that procedures are complied with, data meet the ALCOA+ requirements and that audit trails are reviewed. The course will include the latest FDA, WHO, MHRA, PIC/S and GAMP guidance on the subject and other guidance documents due to be published or updated.
High performance liquid chromatography is a key analytical technique used in nearly all analytical laboratories in the pharmaceutical industry from analytical development to quality control. As such it is regulated with sections in all of the major pharmacopoeias (Ph.Eur., USP, etc.) as well as the subject of an FDA reviewer guidance document. However, HPLC and the associated CDS applications have been the source of major non-compliances involving data falsification and fraud since the Able Laboratories fraud case in 2005. Therefore, attendees will be given practical advice on ways to ensure chromatographic data integrity and carry out effective second person reviews.
This HPLC course will deal with helping attendees understand the latest USP and DI requirements for the successful application of HPLC in a regulated GMP laboratory. The emphasis will be on the following:
- Data process mapping as a technique to identify risks and vulnerabilities to data and records
- Understanding the changes in the new USP <1058> for Analytical Instrument Qualification (AIQ)
- The use of log books in ensuring data integrity in the chromatography laboratory
- The role of suppliers in ensuring data integrity for chromatographs and CDS application software
- Controlling chromatographic integration in a GMP context: when can integration parameters and manual integration be performed?
- Understanding the requirements for complete data and raw data
- Second person review for ensuring chromatographic data integrity
- Metrics for monitoring data integrity in HPLC laboratories
This course is intended for experienced chromatographers, HPLC Laboratory supervisors, QC Laboratory Managers and employees in Quality Assurance.
Introduction to the Course
The background and content of the course will be presented to set the scene for the two days.
Data Process Mapping: Why and How?
- Description of a data integrity model for data governance and data integrity in an organisation
- An analytical data life cycle
- Regulatory issues with HPLC and CDS
- Compliance requirements for a CDS
Major Changes in the new Version of USP <1058> for AIQ and Their Impact on Data Integrity – Part 1 URS to OQ
- What is data process mapping?
- Why is it important?
- Emphasis on process, manual and computerised system assessment.
- Don’t forget the whole analytical and data life cycles. Many labs focus on quick fixes and not long-term solutions: get rid of paper! Simple example of HPLC to spreadsheet to LIMS what are record vulnerabilities – lead into workshop. Risk management as further steps (e.g. to CAPA or not to CAPA?).
Ensuring HPLC Data Integrity: What Records Should Log Books Contain?
- The updated USP <1058> has major changes that impact data integrity.
- The new version of USP <1058> requires a user requirements specification, risk assessment to determine the Group based on intended use
- A separate DQ phase followed by OQ testing against URS requirements.
- The requirements should cover both the chromatograph as well as the CDS application.
- Harmonisation of USP <1058> with Annex 15 clauses 2.5, 3.2 and 3.3.
Role of Suppliers in Data Integrity
- Instrument and column log books are essential records for ensuring data integrity.
- What records should a log book contain?
- How often should these log books be reviewed?
- Must a log book be paper or can a log be electronic?
Complete Data and Raw Data for HPLC Analysis
- What is the role of a supplier in data integrity for specifications of liquid chromatographs?
- USP <1058> calls for suppliers to publish meaningful specifications.
- CDS software needs an architecture where data are acquired directly to the network, has a database and adequate technical controls for data integrity.
- IQ and OQ qualification protocols executed by a supplier’s engineer need to be reviewed before and after execution and ensure that records are complete, consistent and accurate.
Processing and Controlling Chromatographic Integration and Data
- FDA 21 CFR 211 regulations require complete data
- EU GMP Chapter 4 mentions raw data.
- What do these terms mean and what is their impact on HPLC records from regulated analyses?
- What about hybrid systems are paper or electronic records the main records?
- Definition of e-records for an HPLC analysis.
Major Changes in the new Version of USP <1058> for AIQ and their Impact on Data Integrity – Part 2 What Does PQ Really Mean?
- Process methods and data integration
- Training in process methods with the focus on integration
- Automatically processing versus manual intervention: when can I manually integrate a peak?
- Process requirements for reporting data – audit trail, integration, calculation e.g. custom fields etc.
- Training in chromatographic integration in a regulated environment.
- Manual intervention versus manual intervention: when can I manually integrate a peak?
Second Person Review and its Importance in Ensuring Data Integrity
- PQ is perhaps the most misunderstood part of the 4Qs model.
- The updated USP <1058> states that PQ consists of calibration, service, maintenance and monitoring of instrument performance.
- The new USP <1058> links PQ back to the instrument URS. How will you comply with this?
Metrics for HPLC Data Integrity
- Second person review (3rd and 4th eyes of the 4 eyes principle) is key to ensuring data integrity.
- Who should perform this task and what training and experience should they have?
- How to review HPLC analysis records and cross-correlation and consistency checks to be performed.
- What is review by exception and how should it be conducted?
- Differences to a normal GMP review?
- How can CDS support the review?
- To monitor and review chromatographic analysis and data integrity, regulatory guidance documents from WHO, MHRA and PIC/S require metrics to be generated.
- However, the PIC/S guidance contains a warning about metrics influencing analyst working and impacting DI.
- What metrics could be generated and reviewed for HPLC analysis?
- Why should metrics be generated automatically?
Workshop Audit Trail Review for CDS/Laboratory Systems
Why Is An Audit Trail and Its Review Important?
When is an Audit Trail not an Audit Trail?
- Part 11 and Annex 11 / Chapter 4 requirements for audit trail
- Regulatory requirements for audit trail review
- Guidance documents for audit trail review
- Do I really need an audit trail?
- Static data and dynamic data impacts on audit trail functionality
Workshop 1: Which Audit Trail to Review?
- What do we look for in an application for auditing?
- Pros and cons for event logs and audit logs?
- Audit trail(s)?
- Part 11 compliant system – does this help data integrity?
What are GMP-Relevant Data?
- Attendees will be presented with an overview of the audit trails within an application and the content of each one. Which audit trails should be reviewed and when in the context of the work performed by the laboratory data system?
Workshop 2: Identifying GMP Relevant Data
- Annex 11 requires that audit trails monitor GMP-relevant data – what are GMP relevant data?
- What are critical data?
Review of Audit Trail Entries
- Attendees will be presented with a list of records to identify if they are GMP records and how critical they are to help focus the second person review of audit trail data.
Workshop 3: Reviewing Audit Trail Entries
- What are we looking for in an audit trail review?
- Process versus system: avoiding missing data integrity issues
- Regulatory requirement is “frequent review” of audit trails
- What do we need to validate and what to check?
- Suspected data integrity violation - What do we need to do?
Attendees will be provided with the output of an audit trail to review and see if any potential issues are identified for further investigation.
Controls to Aid Second Person Review of Audit Trails
- Procedural controls for data review
- Technical considerations for audit trail review e.g. Identifying data that has been changed or modified – how the system can help documenting the audit trail review has occurred
- Review by exception – how technical controls can help
- Have you specified and validated these functions?