PDA 数据完整性警告信分析-FY15&16

本文摘自“ FDA WARNING LETTERS ANALYSIS AND GUIDANCE ” 

作者：Jeanne Moldenhauer

ANALYSIS OF WARNINGLETTERS
警告信分析

INTRODUCTION简介

One advantage of reviewingrecent warninglettersis that you can use this information to predict the type of topics that are current focus areas of FDA.Manydifferentauthorshave focusedondifferent topicsofinterestin warning letters over the  last four years.Someoftheirobservationsare  included  inthischapter.Additionally,there  isa summarytablethatindicate  show many observations occurred for each section of theregulations.
可以通过回顾近期警告信的信息来预测FDA当前关注的领域类型。近四年，许多不同的作者在警告信中关注了不同 的主题。本章节收载了其中一些观察意见。此外，还有一个汇总表，按法规条例所对应的观察项进行分类对比。

Havingreviewedwarninglettersformanyyears,10yearsagoawarninglettertypicallyhadmoreobservations than thoseof thelast four years.Thebulkof the warninglettersinthetimeperiodstudiedhadfewerobservationsnoted.Manyofthemconsistedoftwotofiveobservations.Itappearsthattheseverityoftheconcern(risk)is  driving whether a warning letter isissued.
经过多年警告信的回顾，10年前的警告信通常比近4年的警告信缺陷数量更多。在所研究的周期内，大部分警告信的观察缺陷项较少，很多只有两到五项。由此看来，缺陷(风险)的严重性决定了是否会发出警告信。

A FOCUS IN 2016-DATAINTEGRITY AND DATA GOVERNANCE
2016年关注点一数据完整性和数据治理

In  the  1980s  the  Food  and  Drug  Administration(FDA)started  looking at computerized programs and many observationswerecitedforautomatedcomputerprograms.Someof thesetypesof failuresincludedproblemsincomputersystemvalidation,audittrailsthatwerenotreviewedforaccuracyorcompleteness,failuretomaintain electronicrecords,andnotinvestigatingwhenrecordswere“lost”or“misplaced”(Unger,2017).
20世纪80年代，美国食品药物管理局(FDA) 开始研究计算机程序，并引用了许多自动化计算机程序的观察缺陷项。包括计算机系统验证的问题，审计追踪审核的准确性或完整性问题，电子记录维护失败问题，记录“丢失”或“错  放”未调查等问题(Unger,2017年)。 

Inthe1990s,microbiologywasamajorfocusarea,followingissuanceofguidanceonsterilizationvalidationdatathatshouldbeincludedinregulatorysubmissions.Inthe2000s,oneofthefocusareasininspectionswasrelatedtoissuesof datagovernanceanddataintegrity.Manydifferentregulatoryauthoritieshavebeeninterestedindata integrity.Guidance documents forboth theUnitedStates andEurope wereissuedrelativetothistopic
在1990  年代，微生物学是一个重点领域，FDA发布了灭菌工艺验证申报资料指南(1994), 规定这些数据应该包括在申报资料中。在21世纪初，检查重点之一是数据治理和数据完整性。许多监管机构都关注数据完整性。美国和欧洲都都发布了相关指导文件。        

Dataintegrityis often a topicinpre-approvalinspections (PAls).In these types ofinspections,theregulator can selecttables,oranytypeof dataincludedinthesubmission,andaskthemanufacturingfacilitytoprovidetherawdatatosupportdataactuallyincludedinthesubmission.Doingthishasledthemtofindfalsifiedrecords,originalrecordsthatweredestroyedduringtheirretentionperiod,andotherproblemsrelativetotheaccuratereportingofdata.When  issueswithdata  integrityarefound,trust  is  broken  between  the  regulatorandthesubmitterofa  productapplication.Manynegativeactionscan takeplacerelative to these typesof findings.Someactionsinclude  issuanceofwarningletters,importalerts,recalls,consentdecrees,orclosingofthefacility.(Unger,2017)
数据完整性通常是批准前检查(PAls)的一个主题。在这些类型的检查中，监管机构可以选择查看图表，或提交材料中的任何数据，并要求生产场地提供相关原始数据，以支持提交材料中的这些数据。这样做使他们找到了伪造的记录，在保存期间被销毁的原始记录，以及与数据的准确报告有关的其他问题。当发现数据完整性问题时，产品申请递交商和监管方之间的信任就会被破坏。与这些发现相关的许多负面行为都可能发生。包括发出警告信、进口禁令、召回、同意判决书或关闭工厂。(Unger,2017)       

Unger(2017)reportsthatapproximately80%ofallwarninglettersfrom2015and2016includeissueswithdata integrity.Similartypes  of  issueswere  noted  by  European  inspectors,approximately  70%of  reported  issues,aspublishedinEudrareportsof GMPnon-compliance(Eudra,2019).
Unger(2017)报告称，2015年和2016年的所有警告信中，约有80%涉及数据完整性问题。欧洲检查员也注意到了类似的问题，大约70%的报告涉及DI问题，发表在欧盟GMP  不符合报告中(Eudra,2019)。         

Unger(2017)reportedinformation on thebreakdown of warningletters for dataintegrityby thecountryin whichthefacility waslocated.This datais summarizedin Table1.
Unger   (2017)报告了工厂所在国家的数据完整性警告信的分类信息。表1总结了这些数据。   

Table1Number of dataintegrity associated warningletters by country
表1各国DI相关的警告信数量

Source:Unger  (2016)       

DataintegrityobservationsmayrelatetoseveraldifferentregulatoryrequirementsintheUSA.Someofthesecitationstietothefollowingregulationsin2016:(Unger,2017)
数据完整性缺陷项可能与美国监管法规中的若干条例相关。2016年有如下相关引用(Unger,2017):        

• 21CFR§211.68(a)and(b)resultedinsevencitations.

  21 CFR §211.68(a) 和 (b)7次引用         

   

• 21CFRS211.22(a)and(d)resultedinfivecitations.

  21CFR§211.22(a)和 (d)5次引用

• 21CFR§211.194(a)resultedinthreecitations.   
  

  21CFR§211.194(a)3次引用        

   

• 21CFR§211.160(a)and(b)resultedinthreecitations.

  21CFR§211.160(a) 和 (b)3次引用

• 21CFR§211.165(a)resultedin twocitations.

  21CFR§211.165(a)2次引用        

   

• 21 CFR§211.188resultedin two citations.

  21CFR§211.188 2次引用

Preventing dataintegrity observations at your site
防止工厂出现数据完整性缺陷

Theinfamous21CFRPart11:ElectronicRecordsandElectronicSignaturesregulationwasissued20yearsago.Thisregulationhasevolvedintothebasisformanyof thedataintegrityissuesweseewithelectronicrecords.In 2016,dataintegrity wasamajorissuein themajorityof the WarningLetters(Unger,2017).
臭名昭著的21CFR第11部分：电子记录和电子签名条例是20年前颁布的。这一规定已经发展成为我们在电子记录中看到的许多数据完整性问题的理论基础。2016年，在大多数警告信中，数据完整性是一个主要问题(Unger,2017)。

Unger(2016)proposeda12-stepprogramtopreventdataintegrityissues.Unger(2016)
给出了一个预防DI问题的12-步程序：

1.Having a corporate culture that encourages the reporting of mistakes,without retaliation to employees.
制造一种鼓励报告错误，而不报复员工的企业文化。         

2.Recognize that regulator concerns on data integrity is not a passing fancy.Regulators need to be able to rely upon the data we provide in submissions,and therefore they need to be able to verify the accuracy of the data
需要认识到，监管机构对数据完整性的关注并不是一时的幻想。监管机构需要能够依赖的提交数据，因此他们 需要验证数据的准确性。 

3.It is important for companies to know and use the regulations on data integrity.The World Health Organization (WHO)and the European guidances provide discrete examples of the requirements and they are used by many regulators.It can be useful to have subject matter experts on these topics,either at your company or available through consulting to aid you in understanding the requirements.
公司了解并使用与数据完整性相关的法规。WHO 和欧盟指南中都提供了相关要求的离散举例，并被许多监管机 构使用。在公司内或者通过咨询公司的主题专家帮助理解需求。       

4.Regularly  review  regulation actions on these topics,e.g.,FDA-483s,Warning  Letters  and the  like to evaluate the types of concerns being raised and how the regulations are being interpreted.Make sure your learning gets incorporated into what yourcompany does.
定期评审DI主题的监管行动，例如：FDA-483s、警告信和类似的评估所提出的关注类型以及法规解读。确保将所学到的融入公司活动中。       

5.Keep in mind that data integrity applies to all the data you have,both paper and electronic records.Also consider the places where these two types of records come together.
切记，数据完整性适用于公司所拥有的所有数据，包括纸质记录和电子记录。还应考虑这两种类型的记录一起 出现的地方(混合记录)。

6.It is inappropriate to assume that the Information Technology is the only department responsible for these actions.Quality should be intimately involved in these activities.
假定信息技术部门是对这些行为负责的唯一部门是不恰当的。质量管理应密切参与到这些活动中。        

7.Have a written and implemented program to maintain the integrity of your data.Ensure that all data is accurate, trustworthy,and secured throughout its lifecycle.
有书面的程序并通过执行程序来维护数据的可靠性。确保所有数据在其生命周期中都是准确、可信和安全的。

8.You should have data maps and process flow diagrams for all computer systems used for GMP functions. These documents are useful in identifying and implementing risk-based activities.
用于GMP  功能的所有计算机系统的数据图和过程流程图都应具备。这些文档对于识别和实现基于风险的活动非常有用。     

9.All systems used for GMP functions should be validated to show that they perform their intended purposes. Validation should be conducted using a risk-based approach.
所有用于GMP  功能的系统都应该经过验证，以表明它们执行了预期的目的。验证应该使用基于风险的方法进行。      

10.Any gaps identified in the systems should be addressed.Part of this includes clear definition of what is original data.The original data and the critical metadata,like audit trails,should be reviewed.The review should be documented.
应处理系统中识别的任何差距。其中包括对原始数据的明确定义。应该审核原始数据和关键元数据(如审计跟踪), 并记录。 

11.A system of controls should be identified and implemented to address the gaps found.The controls should be identified,documented  and justified  to  be  adequate.There  should  also  be  a  system  to  continue  working toward a system that is compliant (i.e.,have a timeline and action plan).
应确定和实施一套控制系统，以解决发现的差距。控制应加以识别、记录并证明是适当的。还应该有一个体系 来持续朝着合规的系统工作(即制定时间表和行动计划)。

12.Unfortunately,we frequently find out that remediation activities are expensive.They can also take more time than we may think.Even if additional problems are identified,it is important to finish remediation activities.
不幸的是，我们经常发现整改措施非常昂贵。它们所花费的时间也比我们想象的要多。即使发现了其他问题， 完成整改活动也很重要。