Data Integrity in a GxP-regulated Environment - Pauwels Consulting Academy

Data Integrity in a GxP-regulated environment

Dec. 6 2016Angelo Rossi

Sr. Regulatory Compliance Consultant

22

Workshop objectivesAgenda

• Definitions and concepts of data integrity• Change in regulatory focus• Lesson from recent FDA warning letters• Regulations and guidelines - highlights• Data Integrity for Computerized System: a practical example• How to achieve an acceptable data integrity control

33

Definition of Data Integrity

• In the context of a GxP environment, data integrity can be defined as the act of maintaining and assuring the accuracy and consistency of data over its entire life-cycle. Data integrity is a critical aspect to the design, implementation and usage of any system which stores, processes or retrieves data.

• Data integrity also refers to the protection of the original data from accidental or intentional modification, falsification, or deletion (McCulloch, Woodson and Long, 2014).

In a GxP environment

44

Industry & Data Integrity issuesData Integrity Inspection statistics

• In recent years, regulatory inspections by both US and European investigators have reported a significant increase in the number and types of data integrity issues.

• The FDA issued 19 warning letters (excluding those issued to compounding pharmacies), 74% of these regarding data integrity associated deficiencies

• Even though the total number of warning letters decreased during 3 years time period, the percentages adressing data integrity increased

55

Change in Regulatory Focus

As a consequence, recently, regulatory inspections are looking more closely at international facilities for altered and manipulated records, and authorities…

introduced guidance to outline data integrity expectations to support the existing regulations

increased the level of inspections and controls (with specialized staff) focusing on systems’ data management

strengthened enforcement actions coupled with aggressive prosecution

66

Change in Regulatory FocusREGULATIONS AND GUIDANCE

• In March 2015, the HMA (Heads of Medicines Agencies) and EMA (European Medicines Agency) issued a draft document “EU Medicines Agencies Network Strategy to 2020” to plan the strategy of the EU regulators for the upcoming 5 years. This report also enforces controls to ensure that all suspicions of problems with data integrity are thoroughly investigated

• In August 2016, the EMA and the Pharmaceutical Inspection Co-operation Scheme (PIC/S) released a new draft guidance ”Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments” and a Q&A document

77

• In January 2014, the MHRA announced that the pharmaceutical industry is expected to review data integrity within the frame of self-inspections. In January 2015, the MHRA published a Guideline GMP Data Integrity Definitions and Guidance for Industry; a new draft was released in July 2016

• In April 2016, the FDA published a draft Guidance “Data Integrity and Compliance With CGMP”

Change in Regulatory FocusREGULATIONS AND GUIDANCE

88

Example of Warning Letters

Micro Labs Limited, 9 January 2015

• Failure to include complete test data to assure compliance with defined specifications and standards (21 CFR 211.194(a)); not including OOS data for evaluation of batch release

• Failure to record and justify deviations from your SOPs (21 CFR 211.160(a))

• Failure to ensure authorized access control over computer or related systems in order to prevent changes in master production and control records, or other records (21 CFR 211.68(b)); audit trail not configured, data substitution

99


Hospira Spa, 31 March 2015

• Failure to ensure that laboratory records included complete data derived from all tests necessary to assure compliance with established specifications and standards (21CFR 211.194(a))

Transox Inc., 8 June 2015

• Failure to include complete Data necessary to document conformance to final specifications for the drug product (21 CFR211.165(a))

1010


Mahendra Chemicals, 13 July 2015

• Failure to prevent unauthorized access or changes to data, and to provide adequate controls to prevent omission of data; data files in the recycle bin, no password functionality, no audit trail, no CAPA plan

• Failure to record activities at the time they are performed and destruction of original records; backdating batch production data after batch release

• Failure to train employees on their particular operations and related CGMP practices; destroying original production records

1111

Sun Pharmaceutical Industries Ltd, 12/17/15

• Failure to control the access to PLC levels or MMI equipment. Missing audit-trail to ensure that individuals have not changed, adjusted, or modified equipment operation parameters.

• Failure to ensure, with equipment logbook, traceability to the individual operator using a shared login


1212


Megafine Pharma Limited, 19 May 2016

• Failure to ensure that, for each batch of intermediate and API, appropriate laboratory tests are conducted to determine conformance to specifications; falsifying test data for stability batch

• Failure to prevent unauthorized access or changes to data and failure to provide adequate controls to prevent manipulation and omission of data; deletion of unknown OOS peaks

1313

Common findings

Non-contemporaneous

recordingBack-dating

Copy of existing data as new information

Re-running samples to obtain

better resultsData fabrication Data discarding

1414

• Non-contemporaneous recording: Failure to record activities at the time when activity was performed; there is evidence that the records were signed by company personnel when the person was actually absent on that day

• Document back-dating: Back-dating stability test results to meet the required commitments

• Copy of existing data as new information: Test results from previous batches were used to substitute testing for another batch or acceptable test results were created without performing the test

Common findings

1515

• Re-running samples to obtain better results: Multiple analyses of assay were done with the same sample without adequate justification and in some cases samples were tested unofficially or as a trial analysis until desired test results were obtained

• Data fabrication and data discarding: Original raw data and records were altered e.g. by using correction fluid or manipulation of a poorly defined analytical procedure and associated data analysis in order to obtain passing results

Common findings

1616

Common findingsComputerized System

Use of shared accounts/shared

password/incorrect privileges

Audit-trail not enabled or deactivated

System time/date not protected or

not reliable

Unofficial testing of samples

No back-up of electronic data

Archived (old) records with unsupported

format

1717

Consequence of failure

PatientPatient SafetyProduct Efficacy

BusinessRegulatory ActionsUndermine Trust

IMPACTDATA

INTEGRITYBREACH

1818

Importance of Data Integrity

• It is very important that the records (paper and electronic) generated in a pharmaceutical environment meet the necessary requirements to ensure product quality and patient safety.

When we fail to follow these rules, it can have a significant impact on the quality of the product being manufactured.

1919

Reasons for Data Integrity ViolationsRoot Causes

2020

• Even with an appropriate governance system to ensure data integrity in place, individuals can give rise to falsification of records and fraudulent data:• Falsification: creating, altering, recording, or omitting data in such a

way that the data do not represent what actually occurred • Fraud: Wrongful or criminal deception intended to result in financial

or personal gain• Falsification of data is a major concern for regulators and a

major driver for regulators to increase the level of concern of data integrity

• A regulator does not distinguish between human error and data falsifications when assessing data-integrity failure

Reasons for Data Integrity ViolationsFalsification and fraud

2121

Regulations and Guidelines

• Regulations• GxPs: Good Documentation Practices (paper)• FDA 21CRF Part 11 (electronic)• EU/PICS Annex 11 (electronic)

• Guidelines from agencies and industry• FDA Data Integrity and Compliance with cGMP (paper and electronic)• UK MHRA GMP Data Integrity (paper and electronic)• (EMA and) PIC/S Draft Guidance “Good Practices for Data

Management and Integrity in Regulated GMP/GDP Environments” (paper and electronic)

• Enforcements actions• Warning Letters and 483 inspectional observations

2222

Regulations and GuidelinesFDA draft guidance - Highlights

• The FDA draft guidance is complementary to the 21CFR211 regulations for current GMP (cGMP); it enforces its interpretation toward the integrity of data generated in pharmaceutical manufacturing

• Unlike those from the WHO and MHRA guidance documents, it is presented in the format of FDA draft guidance 18 questions and answers

2323

Regulations and Guidelines

Principles from the paper-and-ink era still apply, e.g.:

• § 211.68 requires that backup data are exact and complete, and secure from alteration, inadvertent erasures, or loss

• § 212.110(b) requires that data be “stored to prevent deterioration or loss”

• §§ 211.100 and 211.160 require that certain activities be documented at the time of performance and that laboratory controls be scientifically sound

• § 211.180 requires true copies or other accurate reproductions of the original records

• §§ 211.188, 211.194, and 212.60(g) require complete information, complete data derived from all tests, complete record of all data, and complete records of all tests performed.

2424

Terms associated with ALCOA+

A Attributable Who performed an action and when? If a record is changed, who did it and why? Link to the source data

L Legible Data must be legible (readable), permanent and accessible throughout the data lifecycle

C Contemporaneous Data are recorded at the time the work is performed; date & time stamps are chronologically in order

O Original Original data, sometimes referred to as source data or primary data, is the medium in which the data point is recorded for the first time

A Accurate Accurate data and records are free from errors, complete, truthful and any editing is documented

+ Complete All data including repeat or reanalysis performed on the sample

+ Consistent All elements of a study, such as the sequence of events, are dated or time stamped in the expected sequence

+ Enduring Data must be recorded on controlled worksheets, laboratory notebooks or electronic media (no post-it, uncontrolled notebooks..)

+ Available Available / accessible for review / audit for the life time of the record

Regulations and GuidelinesFDA draft guidance - ALCOA

2525

Question 1d: Static versus Dynamic Data


Static data are typically discrete values such as temperature and pH that cannot be interpreted or as the guidance mentions a paper printout or image

Dynamic data require human interpretation or processing, such as with chromatography or process trend data files. These types of data are of major concern to the FDA and other regulators for manipulating data and testing to pass

2626

Questions 4 and 5: within a computerized system persons must be uniquely identified and their actions tracked and audit trailed:

• Shared log-on accounts are not allowed

• Admin privileges must be separate from those involved with generating, processing, and reviewing data

• A list of authorized individuals with their access privileges should be maintained and cover both current and historical users of a system


2727

• §211.180(d), ….paper printouts are not the original records or true copies of the underlying e-records

• §211.68(b), ……paper is not a complete and exact copy of the electronic records as the latter contain more information than printouts.


Question 10: paper printout (static format) should not be the only record because it may only display part of the original record (dynamic format); electronic records and not paper should be the raw data

Print-out

Raw data

2828

Questions 12 and 2: cGMP Records and GMP Data exclusion

• “When generated to satisfy a CGMP requirement, all data become a CGMP record. You must document, or save, the data at the time of performance….”• Records should be sent to long-term storage as soon as they are

generated

• Electronic data that are automatically saved into temporary memory could be manipulated, before creating a permanent record

• Data (paper, hybrid, or electronic) if provided with scientific rationale, can only be excluded, not deleted [§211.194(a)]


2929

• The MHRA expects a so-called "data governance system” to be developed and run in order to give an acceptable state of control based on the data integrity risk

• Data governance is expected to utilize the principles of ICH Q9 when applying controls

Regulations and GuidelinesMHRA draft guidance - Highlights

• MHRA guidance supplements the GMP expectations in Eudralex Vol. 4 and it is applicable to both electronic and manually recorded data

3030

• Provide system Design examples to ensure data integrity, e.g.:

• Systems clocks: need to be secured and synchronized for recording timed events

• Data capture: Automated capture or printers attached to equipment are preferable

• Data changes: User access rights that prevent (or audit trail) unauthorized data amendments

• Guidance includes this statement, “... it is expected that GMP facilities should upgrade to an audit trailed system by the end of 2017”

Regulations and GuidelinesMHRA draft guidance - Highlights

3131

Regulations and GuidelinesPIC/S draft guidance - Highlights

• The document provides guidance for inspectorates in the interpretation of GMP/GDP requirements in relation to data integrity and the conduct of inspections

• An effective data governance system will demonstrate Management’s understanding and commitment to effective data governance practices

• The document focuses on specific DI considerations for paper-based and computerized systems, including the potential risk of not meeting expectations

3232

Data Review is one of the critical areas of Data Integrity

• Risk Assessment is deemed to identify the GMP/GDP relevant electronic data generated by computerized systems; identifying critical data and changing these (data audit-trail) should be part of the routine data review within the approval process

• “The frequency, roles and responsibilities of audit trails review should be based on a risk assessment … for changes of electronic data that can have a direct impact on the quality of the medicinal products, it would be expected to review at each and every time the data is generated.”

Regulations and GuidelinesPIC/S draft guidance - Highlights

3333

Context: data generated by the system are used to support GMP processes The reliability of data generated by the system (DI) could be

determined with the following activities:

• Identifying the data generated by the system during critical processes (data flow diagram)

• Defining the DI requirements (e.g. ALCOA data attributes) during the lifecycle of data

• Identifying the risks and mitigation strategies (e.g. technical or procedural controls) to avoid DI breaches

Computer System Validation eRecords Integrity, a practical example

3434

• Computer System, server-client architecture

Computer System Validation Ensuring eRecords Integrity, a practical example

3535

Computer System Validation Ensuring eRecords Integrity, a practical exampleComputer System Validation Ensuring eRecords Integrity, a practical example

Audited events

Users· Login· Login failure· Create users· Password changeApplication (Program)· Launch· Termination· Preferences· Site OptionsSetup· Creation· Modification· DownloadCalibration· Start · Terminate· CopyStudy· Start· End· Copy

6 AUDIT

Data Location

Business Process/Data flow

Create SetupSave Setup

Load SetupSave calibration file (PC)

Load /Save SetupSave Qualification Study

Load SetupSave Calibration

Operations not managed by the application

Verify Instrument Configuration

Verify Instrument and Modules'

Calibration

Defining Qualification

Activity

Calibration of TCs

Execute Qualification activity

Calibration Verification of TC-s

Reporting

1 SETUP

1 SETUP

1 SETUP

3 QUALS

1 SETUP

1 SETUP

2 CAL

4 REPT

2 CAL

Access Granted?

Windows Login

Authorization

Stop

Start

Windows Active Directory

Application Login

Authorizationdatabase response

database query

Application networkUser Database

Yes

No

Access Granted? Stop

Start Application Operations

Yes

No

database response

database query

Application Security

3636

• DI requirements should comply with ALCOA attributes:

ALCOA - URSs

ATTRIBUTABLE: Defining Source data and who performed an action on it

req.: The source of data must be identified and traceable to data

req.: Data generated must be traceable to users

req.: Access to data must be granted to authorized people

data are traceable to users; study data traceable to system/instrument

LEGIBLE: Permanent recording of information and Access to easy reading any time

req.: Data must be recorded permanently in a durable medium

req.: Data must be recorded in a human readable format and readily available

data are recorded in a central database on network server (permanent record); authorized people can always access and read data; same for archived data following restore

Computer System Validation Ensuring data integrity, a practical example

3737

ALCOA - URSs

CONTEMPORANEOUS: Recording the date & time when work is performed

req.: Data must include the date and the time of its generation

req.: System date and time must be reliable and locked for changes

Records are generated in contemporaneous when activity is conducted; system date and time is sync with a reliable source and associated to records

ORIGINAL: Justifying if the information / data is a true copy

req.: Original data must be the original record or a true copy

req.: Changes to data (e.g. reprocessing) must be recorded by the system audit trail

Data captured are true copies of data generated by instruments; modification to data is audit trailed

Computer System Validation Ensuring data integrity, a practical example

3838

ALCOA - URSs

ACCURATE: Is the data accurate, with no errors or editing

req.: Process and equipment must be validated

req.: Data, including audit-trails must be reviewed

req.: Accuracy of data transfer/migration to a new system must be verified

req.: Data backup and archive must be verified

req.: Data, including failed test runs shall not be deleted

(SOPs) Audit-trail is reviewed before system release ; Back-up is periodically tested ;data cannot be deleted and all data of a study are stored in same folder (application)

Computer System Validation Ensuring data Integrity, a practical example

3939

Computer System Validation Ensuring eRecords Integrity, a practical example

Data Risk Assessment

• The hazards for each eRecord should be assessed and, if required, mitigation actions (procedural and/or technical) defined

• Risk assessment has to consider all steps of the data lifecycle

Data lifecycleCreate

Process and Use

Report and

ArchiveDiscard

4040

• Understand regulatory requirements, inspectional concerns and approach

• Create awareness of data integrity among all personnel so they can report concerns and contribute optimizing the implementation processes

• Integrate Data Management Into Your Quality System

• Perform Gap Analysis for GxP Computer Systems, e.g. during revalidation

Ensuring Data Integrity and Successful Regulatory Inspections

4141

• Train internal auditors to understand what to look for

• Include data integrity verification activities into internal audit

• Seek external support to enhance your internal investigation program

• Share knowledge and experiences with other companies

• If not clearly documented, create an overview document that outlines company understanding and approach to Data Quality Management

Ensuring Data Integrity and Successful Regulatory Inspections

4242

Conclusion - how Data Integrity breaches can be avoided

DATA RELIABILITY

Procedural Controls

Technical Controls

Organizational Quality Culture

4343

Education on data integrity requirements

Knowledge sharing, Training and Personnel Development

Quality Management and Issue Escalation

Internal Audits/self-inspections Continuous Improvement

Enforcement of Standard Procedures for:

• Access management• Computerized system compliance• Minimize Operational Errors• Minimize manual interventions• Ensure segregation of duties• Designate independent reviewers

of data/results• Guide how to handle data error• Ensure proper system Design and

Configuration

Security Access, Audit trail, Data storage, Back-up, Retrieval

Integrate multiple processes (increase use of direct interfaces)

Build-in checks (check input entries, use drop-down lists)

Automate data capture Centralize the source of data used

across multiple systems Adopt and use industry standards and

processes

Organizational Quality Culture

Procedural Controls

Technical Controls


4444

• Implementing an effective framework of procedural controls supported by an adequate technology should minimize genuine human error and ultimately reduce opportunities for deliberate falsification

• Corporate leadership instead should provide the paradigm for the success and sustainability of data integrity


Any questions?

4646

Thank youThank You

• Angelo Rossi• +32 484 964 908• [email protected]• www.pauwelsconsulting.com

Science

Data Integrity in a GxP-regulated Environment - Pauwels Consulting Academy