最近建了一套新体系,跟bob其实也讨论很多方向点,包括怎么结合ECA当中的 GAMP 5 category与 APIC DIRA结合才能更好指导CS 管理和验证输出。
老爷子最近换邮箱了,沟通和交流没那么及时(显摆也没那么及时,很可爱的老先生)。
今天拜读了下他关于DIRA中DATA PROCESS MAPPING的一些想法。
Old is a better way to see it!!
以下为正文
Data process mapping is an effective way to identify data integrity vulnerabilities and remediate them. A modified example published by the Active Pharmaceutical Ingredients Committee (APIC) is reviewed critically. Can it be simplified?数据处理映射是识别数据完整性漏洞并对其进行修复的有效方法。对活性药物成分委员会 (APIC) 发布的修改示例进行了严格审查。可以简化吗?
Regulatory authorities expect that laboratories assess their manual processes and computerized systems to identify and remediate any data integrity vulnerabilities and risks. This approach is mentioned in the Medicines and Healthcare Products Regulatory Agency (MHRA) (section 3.4) and the Pharmaceutical Inspection Co-operation Scheme (PIC/S) (in section 9.1.6) guidance documents (1,2). Typically, this assessment can be performed in one of two ways—either by using a checklist or data process mapping.监管机构希望实验室评估其手动流程和计算机化系统,以识别和修复任何数据完整性漏洞和风险。药品和保健品监管局 (MHRA)(第 3.4 节)和药品检查合作计划 (PIC/S)(第 9.1.6 节)指导文件 (1,2) 中提到了这种方法。通常,可以通过以下两种方式之一执行此评估 - 使用清单或数据处理映射。
MHRA guidance goes into specifics (1):
MHRA 指南涉及具体内容 (1):
3.4 … An example of a suitable approach is to perform a data integrity risk assessment (DIRA) where the processes that produce data or where data is obtained are mapped out and each of the formats and their controls are identified and the data criticality and inherent risks documented.3.4 …合适方法的一个示例是执行数据完整性风险评估 (DIRA),其中绘制了生成数据或获取数据的流程,确定了每种格式及其控制措施,并记录了数据关键性和固有风险。
What happens if you don’t do a DIRA? The PIC/S Guidance describes data integrity deficiencies in Section 11.2.3 (2) as:如果你不做 DIRA 会怎样?PIC/S 指南将第 11.2.3 (2) 节中的数据完整性缺陷描述为:
Data integrity failure resulting from bad practice,
不良实践导致数据完整性失败,Opportunity for failure (without evidence of actual failure) due to absence of the required data control measures.由于缺乏所需的数据控制措施而导致失败的机会(没有实际失败的证据)。
An example of the first is sharing user identities so that an action cannot be attributed to an individual. The second is more interesting—you have not done anything wrong, but there are no controls in place to prevent an analyst from doing a wrong action, such as, for example, user access to data and the system clock via the operating system. It is the possibility that an analyst could do something that is preventable. Take note! Are you sure you have all necessary controls in place over the data lifecycle?第一个例子是共享账号,这样一个操作就不能归因于个人。第二个更有趣 — 您没有做错任何事情,但没有适当的控制措施来防止分析师执行错误的操作,例如,用户通过操作系统访问数据和系统时钟。这是分析师可以做一些可以预防的事情的可能性。注意!您确定在数据生命周期内已采取所有必要的控制措施吗?
To undertake these assessments, organizations have published guidance documents (3–9). We review the second version of the APIC Practical Risk-based Guide for Managing Data Integrity Methodology for assessing systems and processes (9). This is a good guide, and, as the name suggests, it is very practical because it provides examples related to good and poor system and process design.为了进行这些评估,各组织发布了指导文件 (3-9)。我们回顾了 APIC 基于风险的数据管理完整性实用指南的第二版,用于评估系统和流程的方法 (9)。这是一个很好的指南,而且,顾名思义,它非常实用,因为它提供了与良好和不良系统和过程设计相关的示例。
In this column, we do the following:
在本专栏中,我们将执行以下操作:
Review critically a modified data process mapping from APIC’s Guide Section9.2 (9),批判性地查看 APIC 指南第 9.2 (9) 节中修改后的数据处理映射,
Provide some details omitted from the APIC approach, and提供 APIC 方法中遗漏的一些详细信息,以及
Suggest a simpler way to conduct a DI data process mapping and remediaion.建议一种更简单的方法来执行 DI 数据处理映射和修复。
Where’s the Inventory? 清单在哪里?
Before we start, my assumption is that your organization has an inventory of computerized systems and manual processes. Each entry is classified for data criticality (the process, data generated, and potential impact on the patient), which determines the priority order of assessment and remediation. You have an inventory, haven’t you?在我们开始之前,我的假设是您的组织有计算机化系统和手动流程的清单。每个条目都根据数据关键性(过程、生成的数据以及对患者的潜在影响)进行分类,这决定了评估和修复的优先级顺序。你有识别清单,不是吗?
In addition, management must support both business and data mapping assessments and remediation by providing the resources for this work. If they don’t, perhaps you might like to show them my column on understanding the cost of non-compliance (10), or simply ask they if they look good in orange?此外,管理层必须通过为这项工作提供资源来支持业务和数据映射评估和补救。如果他们不知道,也许您可能想向他们展示我关于了解不合规成本的专栏 (10),或者干脆问他们橙色看起来好不好看?
Checklist or Data Process Mapping?
清单还是数据处理映射?
Before delving into the details of a way of data process mapping, another method is a checklist to identify data integrity vulnerabilities. A comparison of the two approaches is shown in Table I. Data process mapping is more flexible, and it is also applicable to manual processes because the checklists focus only on computerized systems.在深入研究数据处理映射方法的详细信息之前,另一种方法是识别数据完整性漏洞的清单。表 I 显示了两种方法的比较。数据处理映射更灵活,也适用于手动过程,因为清单只关注计算机化系统。
Regardless of the methodology, both take time and require trained staff to be involved. Therefore, management must ensure that adequate time is available to perform these assessments and remediate any data integrity vulnerabilities. Please avoid implementing just procedural solutions with analyst training. These are just temporary, error-prone sticking plasters to await automation of a manual process or replacement of a deficient system.无论采用哪种方法,两者都需要时间,并且需要训练有素的工作人员参与。因此,管理层必须确保有足够的时间来执行这些评估并修复任何数据完整性漏洞。请避免仅通过分析师培训实施程序性解决方案。这些只是临时的、容易出错的贴膏药,等待手动流程的自动化或更换有缺陷的系统。
APIC Methodology APIC 方法
The APIC data process mapping methodology consists of six stages, and is shown in Figure 1:
APIC 数据处理映射方法由六个阶段组成,如图 1 所示:
Map an analytical process, identifying the steps involved from sample management to generation of the reportable result.绘制分析过程图,确定从样品管理到生成可报告结果所涉及的步骤。
When the map is complete, identify where any analytical instruments and computerized systems (including spreadsheets!) are involved. Then, identify all records generated against each process step.地图完成后,确定涉及任何分析仪器和计算机化系统(包括电子表格)的位置。然后,确定针对每个流程步骤生成的所有记录。
Classify the records and systems into one of the six categories provided in the guide.
将记录和系统分类为指南中提供的六个类别之一。Assess the controls and identify the vulnerabilities for all records, instruments, and systems.
评估控制措施并确定所有记录、工具和系统的漏洞。Input the vulnerabilities into a Failure Mode Effects Analysis (FMEA) spreadsheet to select the most important ones for remediation.将漏洞输入到故障模式影响分析 (FMEA) 电子表格中,以选择最重要的漏洞进行修复。
After remediation, repeat the assessment to see if the residual risk is acceptable or not.
修复后,重复评估以查看剩余风险是否可接受。
FIGURE 1: The APIC data process mapping methodology (9).
图 1:APIC 数据处理映射方法 (9)。
The guide provides a working example of a QC process in Section 9.2 of a quantitative analysis using an analytical balance, an ultraviolet–visible (UV-vis) spectrometer system to calculate the results, which are entered manually into a laboratory information management system (LIMS) (9). It provides a spreadsheet for completed FMEAs before and after remediation.
该指南在定量分析的第 9.2 节中提供了 QC 过程的工作示例,该定量分析使用分析天平,紫外-可见 (UV-vis) 光谱仪系统计算结果,这些结果手动输入实验室信息管理系统 (LIMS) (9)。它为修复前后已完成的 FMEA 提供了一个电子表格。
The process steps are: 工艺步骤如下:
Sample preparation involving an analytical balance configuration is locked and segregated from the users.
涉及分析天平配置的样品制备被锁定并与用户隔离。The spectrometer is standalone, and it is not connected to a network.
光谱仪是独立的,没有连接到网络。A raw data sheet (RDS) is used to record the work.
原始数据表 (RDS) 用于记录工作。The reportable results are typed into a LIMS.
可报告的结果被输入到 LIMS 中。
APIC Process Modifications
APIC 流程修改
In the APIC process, the LIMS and balances are out of scope of the assessment. I have included them for completeness because you must always map the entire process. If the balance and LIMS were covered in separate process mapping exercises, the work should be cross referenced in this assessment. I have also modified the APIC example as follows:
在 APIC 流程中,LIMS 和天平不在评估范围内。为了完整起见,我将它们包括在内,因为您必须始终映射整个过程。如果平衡和 LIMS 在单独的流程映射练习中涵盖,则应在此评估中交叉引用该工作。我还修改了 APIC 示例,如下所示:
In APIC, the spectrometer software calculated the result. This is boring, so I have modified the process to simply measure the absorbance at specific wavelength and print measurements from the system.
在 APIC 中,光谱仪软件计算了结果。这很无聊,因此我修改了过程,只需测量特定波长下的吸光度,然后从系统中打印测量值。All spectrometer users share a single logon: cowboy time!
所有光谱仪用户共享一个登录名:混乱时间!To make life more entertaining, the absorbances are then typed into a validated spreadsheet. Well, you would, wouldn’t you?
为了让生活更有趣,然后将吸光度输入到经过验证的电子表格中。嗯,你会的,不是吗?LIMS data entry is included to enable a complete second person review of the whole process.
包括 LIMS 数据输入,以便对整个过程进行完整的第二人称审查。
Process and System Classification
流程和系统分类
We’ll start the review by looking at the APIC classification of processes and systems, which are divided into six categories (Table II). I have edited the description to focus on the laboratory.
我们将从查看流程和系统的 APIC 分类开始审查,这些分类分为六类(表 II)。我已经编辑了描述以专注于实验室。
Some critical comments: 一些批评评论:
Category 1: I hate to admit, but last time I used a pH paper was in the 1970s! However, the list should also include paper records such as an instrument logbook and the master analytical batch record or blank raw data sheet (RDS) as used in the Guide. The phrase “No GXP data are stored” should be modified to “GXP data are recorded manually.”
类别 1:我不想承认,但我上一次使用 pH 试纸是在 1970 年代!但是,该列表还应包括纸质记录,例如仪器日志和指南中使用的主分析批次记录或空白原始数据表 (RDS)。短语“N o GXP data are stored”应修改为“GXP data are recorded manually”。Category 2: As an auditor, using an analytical balance and recording the weight by observation is a critical finding. In my view, no objective evidence for such a critical instrument is a data integrity violation.
类别 2:作为审计师,使用分析天平并通过观察记录重量是一个关键发现。在我看来,没有客观证据表明这种关键工具违反了数据完整性。Category 3: Here, the balance has a printer attached to document the work. That’s great, but there is no mention that modern balances also have user accounts in the firmware. A user should have a unique user log on that is automatically transferred to the printout along with the date and time. As noted by APIC, the balance is locked and users cannot access the configuration. Failure to implement this would be an opportunity for failure under PIC/S PI-041 (2), as discussed earlier.
类别 3: 在这里,天平连接了一台打印机来记录工作。这很好,但没有提到现代天平在固件中也有用户帐户。用户应该有一个唯一的用户登录名,该登录名将与日期和时间一起自动传输到打印输出。如 APIC 所述,余额已锁定,用户无法访问配置。如前所述,如果不实施这一点,则有可能根据 PIC/S PI-041 (2) 失败。
I have no comments about the remaining categories, except that I would add spreadsheets to category 6.
我对其余类别没有任何评论,除了我会将电子表格添加到类别 6 中。
Data Process Mapping Example
数据处理映射示例
Section 9.2 of the APIC guide has been modified, as mentioned earlier, to include a transcription check of the result to LIMS, comply with Annex 11 clause 6 (11), and incorporate electronic signatures by the analyst and second person reviewer. The modified workflow is shown in Figure 2. Implicit in the data process mapping is to ensure that applicable ALCOA++ criteria are met (12).
如前所述,APIC 指南的第 9.2 节已经过修改,包括对 LIMS 结果的转录检查,符合附录 11 第 6 (11) 条,并包含分析人员和第二人称审稿人的电子签名。修改后的工作流如图 2 所示。数据处理映射中隐含的是确保满足适用的 ALCOA++ 标准 (12)。
FIGURE 2: A modified APIC QC data process mapping example.
图 2:修改后的 APIC QC 数据处理映射示例。
The data process mapping of the analytical process is divided by APIC into four phases [9]:
APIC 将分析过程的数据处理映射分为四个阶段 [9]:
(1) Sample preparation (1) 样品制备
(2) Instrument set up and analysis
(2) 仪器设置和分析
(3) Result calculation and entry into LIMS
(3) 结果计算和进入 LIMS
(4) Second person review of analytical records.
(4) 分析记录的第二人称审查。
Phase 1: Sample Preparation
第 1 阶段:样品制备
The overall process is shown in Stage 1 of Figure 2.
整个过程如图 2 的第 1 阶段所示。
A raw data sheet (RDS) is used to record work. This must be a controlled document that is uniquely numbered and bound to prevent page substitution, unlike a recent 483 observation where analysts could reprint a page of a batch record simply by scanning a QR code (13). Isn’t it good to know that technology can automate data falsification?
原始数据表 (RDS) 用于记录工作。这必须是一个受控文档,该文档具有唯一编号并绑定以防止页面替换,这与最近的 483 观察不同,分析师只需扫描 QR 码即可重新打印批处理记录的一页 (13)。知道技术可以自动进行数据伪造不是很好吗?The RDS will be used to manually record the serial numbers of the volumetric glassware used. Any reagents, buffers, and solvents used will have reference to the batch and preparation details. The balance ID needs to be recorded on the RDS.
RDS 将用于手动记录所用容量玻璃器皿的序列号。使用的任何试剂、缓冲液和溶剂都将参考批次和制备详细信息。余额 ID 需要记录在 RDS 上。The analytical balance as mentioned earlier is critical but not discussed in depth by APIC, as user accounts and access privileges are not defined and maintained.
如前所述,分析天平至关重要,但 APIC 并未深入讨论,因为未定义和维护用户帐户和访问权限。Do the printouts have the analysts name and correct time and date stamp on them from the log in, or are they written when the work is complete? The original printouts should be stuck onto the RDS as required by PIC/S PI-041 section 8.9 (2).
打印输出是否在登录时带有分析师的姓名以及正确的时间和日期戳,或者它们是在工作完成时写的?应按照 PIC/S PI-041 第 8.9 (2) 节的要求将原始打印输出粘贴到 RDS 上。The balance printout must have the full sequence of weighing actions, such as check masses vs. acceptance criteria, standard information with vessel weight, tare weight, and weight of the standard. A similar approach is required for sample weights.
天平打印输出必须包含称量操作的完整顺序,例如检查质量与验收标准、包含容器重量的标准信息、皮重和标准品重量。样品重量需要采用类似的方法。
What is missing from this description? The balance logbook! This is a specific requirement under Chapter 4.31 (14) and 21 CFR 211.182 (15). Moreover, a logbook is a critical component of data integrity correlating work performed and documenting the sequence of user actions (16). Oops!
这个描述中缺少什么?余额日志!这是《美国联邦法规》第 4.31 章 (14) 和《美国联邦法规》第 21 卷第 211.182 章第 15 章的具体要求。此外,日志是数据完整性的关键组成部分,它将执行的工作关联起来,并记录用户操作的顺序 (16)。哎呀!
Phase 2: Instrument Setup and Analysis
第 2 阶段:仪器设置和分析
Let’s look at the set up and analysis performed using the UV-vis spectrometer and start with some initial checks (stages 2 and 3 in Figure 2):
让我们看看使用紫外-可见光谱仪进行的设置和分析,并从一些初步检查开始(图 2 中的第 2 阶段和第 3 阶段):
Is the system validated and the configuration settings documented? Yes, excellent!
系统是否经过验证并记录了配置设置?是的,太棒了!Are user roles defined and all users have unique IDs? No! All users share a single account with administrator privileges. No attribution of action. Oh, dear.
是否定义了用户角色,并且所有用户都有唯一的 ID?不!所有用户共享一个具有管理员权限的账户。没有行动的归属。哦,亲爱的。Users can access to the data files via the operating system, the system clock, and the recycle bin. Remember the PIC/S rationale for a deficiency (2)?
用户可以通过操作系统、系统时钟和回收站访问数据文件。还记得缺陷的 PIC/S 理由 (2) 吗?The system is used as a hybrid (signed paper printouts with electronic records), which is the worst situation to be in because two incompatible media formats must be managed and synchronized over the record retention period. PIC/S PI-041 section 9.10 also discourages the use of hybrid systems and recommends their replacement (2).
该系统用作混合(带有电子记录的签名纸质打印输出),这是最糟糕的情况,因为在记录保留期内必须管理和同步两种不兼容的媒体格式。PIC/S PI-041 第 9.10 节也不鼓励使用混合系统,并建议更换它们 (2)。Electronic records are manually backed up by the users when they have the time, using a USB device and copy and paste. The final nail in the coffin is that backup is a secondary QC activity, and typically, analysts never have the time to perform it. This should be an automatic function managed by IT; connecting a standalone system to a network is a simple task.
电子记录由用户在有时间时使用 USB 设备手动备份并复制和粘贴。棺材上的最后一枚钉子是,备份是一项次要的 QC 活动,通常,分析师永远没有时间执行它。这应该是由 IT 管理的自动功能;将独立系统连接到网络是一项简单的任务。
Not the brightest start to the assessment of this phase of the process.
这不是对这一阶段过程评估的最光明的开始。
On the plus side, the instrument setup and use is good with instrument methods named for easy identification, and data files are automatically saved by system along with a procedure for file naming. Printouts are linked to the data file name and associated metadata, such as the method used.
从好的方面来说,仪器的设置和使用都很好,仪器方法命名以便于识别,并且数据文件由系统自动保存以及文件命名程序。打印输出链接到数据文件名和关联的元数据,例如使用的方法。
However, the instrument logbook has been omitted from the APIC example— AGAIN! I want to reiterate the importance of this apparently mundane and forgettable document; it allows correlation between instrument printouts, e-records in the data system, and logbook entries. Put simply, if all three are congruent, it is an indication that the correct processes have been followed, and that they are consistent and traceable.
但是,APIC 示例中省略了仪器日志 — AGAIN!我想重申这份看似平凡且容易被遗忘的文件的重要性;它允许仪器打印输出、数据系统中的电子记录和日志条目之间的关联。简而言之,如果这三者都一致,则表明遵循了正确的流程,并且它们是一致且可追溯的。
Phase 3: Result Calculation and Entry to LIMS
第 3 阶段:结果计算和进入 LIMS
In a deviation from the APIC example, measurements from the UV spectrometer printouts are typed into a validated Excel template, which is good, but it is another hybrid system (stages 4 and 5 in Figure 2). However, the data process mapping identifies the following problems:
与 APIC 示例不同的是,紫外光谱仪打印输出的测量值被输入到经过验证的 Excel 模板中,这很好,但它是另一个混合系统(图 2 中的阶段 4 和 5)。但是,数据处理映射会识别以下问题:
The completed spreadsheet file is saved, but there is no file naming convention or specific storage location defined. Therefore, a user can save the file on a local or network drive. Be warned that auditors and inspectors search local drives for files with .xlsx and similar file extensions. Insert a big smiley face emoji.
将保存完成的电子表格文件,但未定义文件命名约定或特定存储位置。因此,用户可以将文件保存在本地或网络驱动器上。请注意,审核员和检查员会在本地驱动器中搜索具有 .xlsx 和类似文件扩展名的文件。插入一个大笑脸表情符号。
The results are printed, but there is no link to spreadsheet file which fails record signature linking 21 CFR 11.70 (17) and PIC/S PI-041 section 9.5.2, correlating hybrid records for completeness (2).
结果已打印,但没有指向电子表格文件的链接,该文件未通过记录签名链接 21 CFR 11.70 (17) 和 PIC/S PI-041 第 9.5.2 节,关联混合记录以实现完整性 (2)。
As a result, there is a failure of ALCOA++ criteria because the records are not consistent or traceable (18,19).
因此,由于记录不一致或不可追溯,因此 ALCOA++ 标准失败 (18,19)。
The analyst then enters the individual determinations and reportable value into the LIMS, where they are compared with the specifications, and, if within the limits, the analyst e-signs the result.
然后,分析人员将各项测定和可报告值输入到 LIMS 中,在那里将它们与规格进行比较,如果在限制范围内,分析人员对结果进行电子签名。
Phase 4: Second Person Review
第 4 阶段:第二人称复核
This phase of the process is both a scientific necessity and regulatory imperative to comply with 21 CFR 211.194(a) (15) and GMP Chapter 6.17vii (20), and it is stage 6 in Figure 2. It consists of a detailed review of all paper and electronic records from sampling to reporting to ensure the work was performed correctly, procedures were followed, results are not selected, data are not falsified, and any deviations are recorded and investigated.
该工艺的这一阶段既是科学必要性,也是监管必要条件,以符合 21 CFR 211.194(a) (15) 和 GMP 第 6.17vii (20) 章,它是图 2 中的第 6 阶段。它包括对从取样到报告的所有纸质和电子记录进行详细审查,以确保工作正确执行、遵循程序、未选择结果、数据未伪造,并记录和调查任何偏差。
The analysis of the second person review reveals that most work is performed correctly, with one or two problems.
对第二人称审查的分析表明,大多数工作都正确执行,但存在一两个问题。The audit trail of the spectrometer is printed to paper and reviewed manually; each page is initialed and dated by the reviewer.
光谱仪的审计跟踪被打印到纸上并手动审查;每一页都由审稿人签名并注明日期。The spreadsheet printout is checked against the spectrometer printouts and signed by reviewer, but the electronic file was not reviewed (probably as it can’t be found?).
电子表格打印输出与光谱仪打印输出进行核对,并由复核者签名,但电子文件没有被复核(可能是因为找不到?The reviewer initials all paper records as evidence of review and then e-signs the result in LIMS.
审稿人将所有纸质记录签名作为审稿证据,然后在 LIMS 中对结果进行电子签名。
Ideally, each software application should have a function to document AT review electronically without the need to print or have paper checklists. However, few applications have this option in the laboratory. If the audit trail does not have an adequate search function or can highlight changes (21), either review on screen or print to PDF.
理想情况下,每个软件应用程序都应该具有以电子方式记录 AT 审查的功能,而无需打印或拥有纸质清单。然而,很少有应用在实验室中提供此选项。如果审计跟踪没有足够的搜索功能或可以突出显示更改 (21),请在屏幕上查看或打印为 PDF。
Audit Trail Review Case Study
审计跟踪审查案例研究
The system has limited functionality, and only a specific user role called Level 90 can change data. Otherwise, the audit trail just records the functioning of the system.
该系统的功能有限,只有名为 Level 90 的特定用户角色才能更改数据。否则,审计跟踪仅记录系统的运行情况。
Before: Owing to a lack of search facility, the audit trail is printed (circa 70–150 pages). The lucky user must initial and date each page; don’t you just love the sadists in QA? Now the even luckier reviewer must trawl through each page looking to see if a Level 90 user has logged on. Naturally, the chosen one must initial and date each page to document their review, providing they have not expired because of extreme boredom. The review is slow, laborious, error prone, and takes a minimum of two hours.
以前:由于缺乏搜索工具,将打印审计跟踪(大约 70-150 页)。幸运的用户必须为每个页面添加首字母和日期;你不就是喜欢 QA 中的虐待狂吗?现在,更幸运的审阅者必须浏览每个页面,看看是否有 90 级用户登录。自然,被选中的人必须在每页签名并注明日期以记录他们的评论,前提是它们没有因为极度无聊而过期。审核速度慢、费力、容易出错,并且至少需要两个小时。After: The audit trail is printed not to paper, but to the PDF. It can be saved with a batch-related file name. Open the file, press Control F and enter Level 90 into the search function and if nothing is found. Job done! Total time two minutes. If there is such a user role, check if any changes have been made.
后:审计跟踪不是打印到纸张上,而是打印到 PDF。可以使用与批处理相关的文件名进行保存。打开文件,按 Control F 并在搜索功能中输入 Level 90,如果未找到任何内容。大功告成!总时间 2 分钟。如果存在这样的用户角色,请检查是否进行了任何更改。
To be contentious, why do you need to keep the PDF file since the original records are in the audit trail? The printing to PDF can be repeated at any time as the original records remain in the audit trail.
为了引起争议,既然原始记录在审计跟踪中,为什么还需要保留 PDF 文件?打印为 PDF 可以随时重复,因为原始记录仍保留在审计跟踪中。
Summary of DI Vulnerabilities
DI 漏洞摘要
The data process mapping has found several data integrity vulnerabilities or poor practices as collated in Table III. Each one is classified as:
数据处理映射发现了几个数据完整性漏洞或不良实践,如表 III 所示。每个分类为:
Non-compliance against a regulatory requirement
不遵守法规要求A potential non-compliance as per PIC/S PI-041 section 11.2.3 (2); there is no evidence of data deletion or time traveling but there is the potential for this
根据 PIC/S PI-041 第 11.2.3 (2) 节的潜在不合规行为;没有数据删除或时间旅行的证据,但有可能Inefficient business process
业务流程效率低下
The last one is of interest because this is typically not covered in a checklist, but it is obvious when conducting data process mapping. The business process must be improved in three places for business efficiently and eliminate data vulnerabilities:
最后一个问题很有趣,因为这通常不在清单中涵盖,但在执行数据处理映射时很明显。必须在三个地方改进业务流程,以便有效地开展业务并消除数据漏洞:
Printing an audit trail to paper and reviewing the entries is very inefficient, as discussed earlier.
如前所述,将审计跟踪打印到纸上并查看条目的效率非常低。The two hybrid systems require more management of the two incompatible record media.
这两个混合系统需要对两个不兼容的记录媒体进行更多管理。Can the spreadsheet be eliminated by incorporating the calculations into the spectrometer system or LIMS?
能否通过将计算结果合并到光谱仪系统或 LIMS 中来消除电子表格?Can the manual entry to LIMS be eliminated by connecting the spectrometer to the network and exporting the results to LIMS?
通过将光谱仪连接到网络并将结果导出到 LIMS 是否可以消除手动输入 LIMS?
Incorporation of technical rather than procedural controls is one of the improvements listed for the update of Annex 11 for computerized systems (22).纳入技术控制而不是程序控制是计算机化系统附录11 更新中列出的改进之一 (22)。
Now, we must consider what to do. The APIC process flow in Figure 1 shows an FMEA risk assessment should be conducted, BUT before starting down this road, let us take a value-added detour and see what ICH Q9(R1) on Quality Risk Management (23) says.
现在,我们必须考虑该怎么做。图 1 中的 APIC 流程表明应该进行 FMEA 风险评估,但在开始这条路之前,让我们绕道而行,看看关于质量风险管理 (23) 的 ICH Q9(R1) 是怎么说的。
ICH Q9(R1) to the Rescue!
ICH Q9(R1) 来拯救!
ICH Q9(R1) for Quality Risk Management has been recently updated and section 5.1 is entitled Formality for QRM Documentation (23), and argues that not all situations require a formal risk assessment. The three determining factors for a such decision are uncertainty, importance, and complexity.
ICH Q9(R1) f或质量风险管理最近进行了更新,第 5.1 节的标题为 QRM 文件的形式 (23),并认为并非所有情况都需要正式的风险评估。此类决策的三个决定因素是不确定性、重要性和复杂性。
Let’s see how the three criteria match up with the non-compliances listed in Table III; we’ll take the problem of shared user identities in the UV-Vis spectrometer.
让我们看看这三个标准如何与表 III 中列出的不合规情况相匹配;我们将讨论紫外-可见光谱仪中的共享用户身份问题。
Uncertainty: None. There is no attribution of action.
不确定性:没有。没有行动的归因。Importance: High. The following GMP requirements are not met: Chapter 4.9, 4.21c (14), Chapter 6.17 (vi, vii & viii) (209), and Annex 11 12.1 & 12.4 (11), not to mention a slew of 21 CFR 11 and 21 CFR 211 violations (15,17)
重要性:高。以下GMP要求未得到满足:第4.9章,第4.21c章(14),第6.17章(vi,vii和viii)(209),以及附件11 12.1和12.4(11),更不用说一系列21 CFR 11和21 CFR 211违规行为(15,17)Complexity: Low. You have been lazy, and you have not implemented user roles and access privileges in the software.
复杂性:低。您一直很懒惰,并且您没有在软件中实现用户角色和访问权限。
The process flow analysis has identified the data integrity vulnerabilities, and this will be documented and remediated in the assessment report. Do we need to complete the FMEA? A resounding NO should be the answer because it is a total waste of time; you don’t need a crystal ball to know the outcome of the FMEA.
流程分析已识别出数据完整性漏洞,这些漏洞将在评估报告中记录和修复。我们需要完成 FMEA 吗?一个响亮的否定应该是答案,因为这完全是浪费时间;您不需要水晶球即可了解 FMEA 的结果。
Alternatively, apply common sense. You already know what the problem is and the resolution: why waste time?
或者,应用常识。您已经知道问题所在和解决方案:为什么要浪费时间?
Titanic@Iceberg.com
Put simply: 简单地说:
YOU ARE OUT OF COMPLIANCE.
您不合规。
FIX IT. 修复它。
NOW. 现在。
Don’t wait for a risk assessment to tell you what you already know. I would argue strongly, based on ICH Q9(R1) above, that the data process mapping report (see Table I) is your risk assessment (23). The remedial action should be:
不要等到风险评估告诉你已经知道的事情。根据上面的 ICH Q9(R1),我会强烈主张,数据处理映射报告(见表 I)是您的风险评估 (23)。补救措施应该是:
Raise a change request for the spectrometer that documents and justifies the implementation of separate user accounts and user roles, and approve it.
为光谱仪提出更改请求,以记录和证明单独用户帐户和用户角色的实施并进行验证,并批准它。Devise user roles with access privileges, with no conflicts of interest.
设计具有访问权限的用户角色,没有利益冲突。Buy additional user licenses, if required.
如果需要,请购买额外的用户许可证。Allocate each user a unique account and an appropriate role.
为每个用户分配一个唯一的帐户和适当的角色。Implement user account management operated by IT or QA.
实施由 IT 或 QA 运营的用户账户管理。Document and validate—I would suggest representative testing only.
记录和验证 — 我建议仅进行代表性测试。
Take a similar approach with all other DI vulnerabilities, poor practices, and business inefficiencies: Fix them! Redesign the process, and incorporate remediation or eliminate the vulnerabilities.
对所有其他 DI 漏洞、不良实践和业务效率低下采取类似的方法:修复它们!重新设计流程,并纳入补救措施或消除漏洞。
Exit, Pursued by a Bear…
出口,被熊追赶......
On the other hand, you can waste time and effort if you have a fetish for risk assessments or if QA cannot think and insist you must complete an FMEA. Think of the fun hours inputting to your FMEA spreadsheet the problem, the possible effect, and then allocating random numbers for severity, occurrence, detectability. Finally, the final cell in the row has a value of 42 and the color turns red. Shock and horror: we are out of compliance!
另一方面,如果您对风险评估有迷恋,或者 QA 无法思考并坚持您必须完成 FMEA,您可能会浪费时间和精力。想想在 FMEA 电子表格中输入问题、可能的影响,然后为严重性、发生率、可检测性分配随机数的有趣时间。最后,该行中的最后一个单元格的值为 42,颜色变为红色。震惊和恐惧:我们不合规了!
Hold on a minute! What is new? Nothing, apart from a completed and colorful spreadsheet stating the bleeding obvious. What is the point?
等一下!什么是新功能?除了一份完整的彩色电子表格,上面写着明显的出血。重点是什么?
My modified approach to data process mapping is shown in Figure 3. It involves the complete elimination of the FMEA risk assessment and the substitution of the data process mapping report. A further modification could be that the data process mapping report just identifies the DI vulnerabilities and links each one to the various CAPA and change requests raised.
我修改后的数据处理映射方法如图 3 所示。它涉及完全消除 FMEA 风险评估并替换数据处理映射报告。进一步的修改可能是,数据处理映射报告仅识别 DI 漏洞,并将每个漏洞链接到提出的各种 CAPA 和更改请求。
FIGURE 3: A modified APIC data process mapping approach.
图 3:改进的 APIC 数据处理映射方法。
Summary 总结
This column has conducted a practical review of one data process mapping example and has highlighted some practical changes that were made to improve it. Instead of performing a formal risk assessment, once the data process mapping exercise has highlighted any data vulnerabilities and business inefficiencies, these can be scheduled for remediation.
本专栏对一个 Data Process Mapping 示例进行了实际回顾,并重点介绍了为改进它而进行的一些实际更改。一旦数据处理映射练习突出了任何数据漏洞和业务效率低下,就可以安排进行补救,而不是执行正式的风险评估。
Acknowledgments 确认
I would like to thank Mahboubeh Lotfinia for constructive review comments.
我要感谢 Mahboubeh Lotfinia 的建设性评论。
References 引用
(1) MHRA GXP Data Integrity Guidance and Definitions. Medicines and Healthcare Products Regulatory Agency, London, United Kingdom, 2018.
(1) MHRA GXP 数据完整性指南和定义。药品和保健品监管局,英国伦敦,2018 年。
(2) PIC/S PI-041 Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments. Pharmaceutical Inspection Convention/Pharmaceutical Inspection Cooperation Scheme, Geneva, Switzerland, 2021.
(2) PIC/S PI-041 受监管 GMP/GDP 环境中数据管理和完整性的良好实践。 药品检查公约/药品检查合作计划,瑞士日内瓦,2021 年。
(3) GAMP Guide Records and Data integrity. International Society for Pharmaceutical Engineering, Tampa, Florida, 2017.
(3) GAMP 指南记录和数据完整性。国际制药工程学会,佛罗里达州坦帕,2017 年。
(4) GAMP Good Practice Guide: Data Integrity-Key Concepts. International Society for Pharmaceutical Engineering, Tampa, Florida, 2018.
(4) GAMP 良好实践指南:数据完整性 - 关键概念。国际制药工程学会,佛罗里达州坦帕,2018 年。
(5) GAMP Good Practice Guide: Data Integrity by Design. International Society for Pharmaceutical Engineering, Tampa, Florida, 2020.
(5) GAMP 良好实践指南:数据完整性设计。国际制药工程学会,佛罗里达州坦帕,2020 年。
(6) Technical Report 80: Data Integrity Management System for Pharmaceutical Laboratories. Parenteral Drug Association (PDA), Bethesda, Maryland, 2018.
(6) 技术报告 80:制药实验室数据完整性管理系统。肠外药物协会 (PDA),马里兰州贝塞斯达,2018 年。
(7) Burgess, C.; et al. GMP, GCP and GDP Data Integrity and Data Governance, 3rd Edition. European Compliance Academy Heidelberg, Germany, 2022.
(7) 伯吉斯,C.;等人,GMP、GCP 和 GDP 数据完整性和数据治理,第 3 版。欧洲合规学院,德国海德堡,2022 年。
(8) Practical Risk-based Guide for Managing Data Integrity version 1. 2019.
(8) 基于风险的数据完整性管理实用指南第 1 版。2019 年。
(9) Practical Risk-based Guide for Managing Data Integrity version 2. 2022. https://apic.cefic.org/publication/practical-risk-based-guide-for-managing-data-integrity/.
(9) 基于风险的数据完整性管理实用指南第 2 版。2022. https://apic.cefic.org/publication/practical-risk-based-guide-for-managing-data-integrity/。
(10) McDowall, R. D. Do You Really Understand the Cost of Noncompliance? Spectroscopy 2020, 35 (11), 13–22.
(10) 麦克道沃尔,R. D.您真的了解不合规的代价吗?光谱学2020, 35 (11), 13–22.
(11) EudraLex - Volume 4 Good Manufacturing Practice (GMP) Guidelines, Annex 11 Computerised Systems. European Commission: Brussels, Belgium, 2011.
(11) EudraLex - 第 4 卷良好生产规范 (GMP) 指南,附录 11 计算机化系统。欧盟委员会:比利时布鲁塞尔,2011 年。
(12) McDowall, R. D. Is Traceability the Glue for ALCOA, ALCOA+, or ALCOA++? Spectroscopy 2022, 37 (4), 13–19. DOI: 10.56530/spectroscopy.up8185n1
(12) 麦克道沃尔,R. D.可追溯性是 ALCOA、ALCOA+ 或 ALCOA++ 的粘合剂吗?光谱学2022,3, 7 (4), 13–19。DOI:10.56530/spectroscopy.up8185n1
(13) FDA 483 Observations Jiangsu Hengrui Pharmaceuticals Co. Ltd. 2024, (accessed 2024-06-22). https://www.fda.gov/media/179134/download.
(13) FDA483 观察 江苏恒瑞药业股份有限公司 2024,(访问时间 2024-06-22)。https://www.fda.gov/media/179134/download。
(14) EudraLex - Volume 4 Good Manufacturing Practice (GMP) Guidelines, Chapter 4 Documentation, E. Commission, Editor. Brussels, Belgium, 2011.
(14) EudraLex - 第 4 卷良好生产规范 (GMP) 指南,第 4 章文档,E. 委员会,编辑。比利时布鲁塞尔,2011 年。
(15) 21 CFR 211 Current Good Manufacturing Practice for Finished Pharmaceutical Products. Food and Drug Administration, Sliver Spring, Maryland, 2008.
(15) 21 CFR 211 成品药品的现行药品生产质量管理规范。食品和药物管理局,马里兰州银泉,2008 年。
(16) McDowall, R. D. The Humble Instrument Log Book. Spectroscopy 2017, 32 (12), 8–12.
(16) 麦克道沃尔,R. D.The Humble Instrument Log Book(不起眼的乐器日志)。光谱学2017, 32 (12), 8–12。
(17) 21 CFR Part 11; Electronic Records; Electronic Signatures Final Rule. Federal Register 1997, 62 (54), 13430–13466.
(17) 21 CFR 第 11 部分;电子记录;电子签名最终规则。联邦公报 1997, 62 (54), 13430–13466。
(18) McDowall, R. D. Is Traceability the Glue for ALCOA, ALCOA+ or ALCOA++? Spectroscopy 2022, 37 (4), 13–19. DOI: 10.56530/spectroscopy.up8185n1
(18) 麦克道沃尔,R. D.可追溯性是 ALCOA、ALCOA+ 或 ALCOA++ 的粘合剂吗?光谱学2022, 37 (4), 13–19。DOI: 10.56530/spectroscopy.up8185n1
(19) EMA Guideline on Computerised Systems and Electronic Data in Clinical Trials. European Medicines Agency: Amsterdam, The Netherlands, 2023.
(19) EMA 临床试验中计算机化系统和电子数据指南。欧洲药品管理局:荷兰阿姆斯特丹,2023 年。
(20) EudraLex - Volume 4 Good Manufacturing Practice (GMP) Guidelines, Chapter 6 Quality Control. European Commission: Brussels, Belgium, 2014.
(20) EudraLex - 第 4 卷良好生产规范 (GMP) 指南,第 6 章质量控制。欧盟委员会:比利时布鲁塞尔,2014 年。
(21) McDowall, R. D. Why is My Application’s Audit Trail Rubbish? Spectroscopy 2017, 32 (11), 24–27.
(21) 麦克道沃尔,R. D.为什么我的应用程序的审计跟踪是垃圾?光谱学2017,32 (11),24-27。
(22) Concept Paper on the Revision of Annex 11 of the Guidelines on Good Manufacturing Practice for Medicinal Products–Computerised Systems. 2022. https://www.ema.europa.eu/en/documents/regulatory-procedural-guideline/concept-paper-revision-annex-11-guidelines-good-manufacturing-practice-medicinal-products_en.pdf.
(22) 关于修订《医药产品良好生产规范指南——计算机化系统》附件 11 的概念文件。2022 年 https://www.ema.europa.eu/en/documents/regulatory-procedural-guideline/concept-paper-revision-annex-11-guidelines-good-manufacturing-practice-medicinal-products_en.pdf.
(23) ICH Q9(R1) Quality Risk Management. International Council for Harmonisation: Geneva, Switzerland, 2023.
(23) ICH Q9(R1) 质量风险管理。国际协调委员会:瑞士日内瓦,2023 年。
