Data Integrity and Compliance With CGMP
Guidance for Industry
DRAFT GUIDANCE
This guidance document is being distributed for comment purposes only.
Comments and suggestions regarding this draft document should be submitted within 60 days of publication in the Federal Register of the notice announcing the availability of the draft guidance. Submit electronic comments to http://www.regulations.gov. Submit written comments to the Division of Dockets Management (HFA-305), Food and Drug Administration, 5630 Fishers Lane, rm. 1061, Rockville, MD 20852. All comments should be identified with the docket number listed in the notice of availability that publishes in the Federal Register.
For questions regarding this draft document, contact (CDER) Karen Takahashi 301-796-3191; (CBER) Office of Communication, Outreach and Development, 800-835-4709 or 240-402-8010; or (CVM) Jonathan Bray 240-402-5623.
U.S. Department of Health and Human Services
Food and Drug Administration
Center for Drug Evaluation and Research (CDER)
Center for Biologics Evaluation and Research (CBER)
Center for Veterinary Medicine (CVM)
April 2016
Pharmaceutical Quality/Manufacturing Standards (CGMP)
Data Integrity and Compliance With CGMP
Guidance for Industry
Additional copies are available from:
Office of Communications, Division of Drug Information
Center for Drug Evaluation and Research
Food and Drug Administration
10001 New Hampshire Ave., Hillandale Bldg., 4th Floor
Silver Spring, MD 20993-0002
Phone: 855-543-3784 or 301-796-3400; Fax: 301-431-6353
Email: druginfo@fda.hhs.gov
http://www.fda.gov/Drugs/GuidanceComplianceRegulatoryInformation/Guidances/default.htm
and/or
Office of Communication, Outreach and Development
Center for Biologics Evaluation and Research
Food and Drug Administration
10903 New Hampshire Ave., Bldg. 71, Room 3128
Silver Spring, MD 20993-0002
Phone: 800-835-4709 or 240-402-8010
Email: ocod@fda.hhs.gov
http://www.fda.gov/BiologicsBloodVaccines/GuidanceComplianceRegulatoryInformation/Guidances/default.htm
and/or
Policy and Regulations Staff, HFV-6
Center for Veterinary Medicine
Food and Drug Administration
7519 Standish Place, Rockville, MD 20855
http://www.fda.gov/AnimalVeterinary/GuidanceComplianceEnforcement/GuidanceforIndustry/default.htm
U.S. Department of Health and Human Services
Food and Drug Administration
Center for Drug Evaluation and Research (CDER)
Center for Biologics Evaluation and Research (CBER)
Center for Veterinary Medicine (CVM)
April 2016
Pharmaceutical Quality/Manufacturing Standards (CGMP)
Contains Nonbinding Recommendations
Draft — Not for Implementation
TABLE OF CONTENTS
I. INTRODUCTION............................................................................................................. 1
II. BACKGROUND............................................................................................................... 1
III. QUESTIONS AND ANSWERS....................................................................................... 2
1. Please clarify the following terms as they relate to CGMP records:.........................................2
a. What is “data integrity”? ................................................................................................................2
b. What is “metadata”? .......................................................................................................................3
c. What is an “audit trail”?.................................................................................................................3
d. How does FDA use the terms “static” and “dynamic” as they relate to record formats? .............3
e. How does FDA use the term “backup” in § 211.68(b)?..................................................................4
f. What are the “systems” in “computer or related systems” in § 211.68?........................................4
2. When is it permissible to exclude CGMP data from decision making?....................................4
3. Does each workflow on our computer system need to be validated? ........................................4
4. How should access to CGMP computer systems be restricted? ................................................5
5. Why is FDA concerned with the use of shared login accounts for computer systems?...........6
6. How should blank forms be controlled? ......................................................................................6
7. How often should audit trails be reviewed?.................................................................................6
8. Who should review audit trails?...................................................................................................6
9. Can electronic copies be used as accurate reproductions of paper or electronic records? .....7
10. Is it acceptable to retain paper printouts or static records instead of original electronic records from stand-alone computerized laboratory instruments, such as an FT-IR instrument? .7
11. Can electronic signatures be used instead of handwritten signatures for master production and control records?...............................................................................................................................8
12. When does electronic data become a CGMP record? ................................................................8
13. Why has the FDA cited use of actual samples during “system suitability” or test, prep, or equilibration runs in warning letters?..................................................................................................9
14. Is it acceptable to only save the final results from reprocessed laboratory
chromatography? ...................................................................................................................................9
15. Can an internal tip regarding a quality issue, such as potential data falsification, be handled informally outside of the documented CGMP quality system?..........................................................9
16. Should personnel be trained in detecting data integrity issues as part of a routine CGMP training program? ................................................................................................................................10
17. Is the FDA investigator allowed to look at my electronic records?.........................................10
18. How does FDA recommend data integrity problems identified during inspections, in warning letters, or in other regulatory actions be addressed? .........................................................10
Contains Nonbinding Recommendations
Draft — Not for Implementation
1
Data Integrity and Compliance With CGMP 1
Guidance for Industry1 2
3
4
This draft guidance, when finalized, will represent the current thinking of the Food and Drug 5 Administration (FDA or Agency) on this topic. It does not establish any rights for any person and is not 6 binding on FDA or the public. You can use an alternative approach if it satisfies the requirements of the 7 applicable statutes and regulations. To discuss an alternative approach, contact the FDA staff responsible 8 for this guidance as listed on the title page. 9
10
11
12
13
I. INTRODUCTION 14
15
The purpose of this guidance is to clarify the role of data integrity in current good manufacturing 16 practice (CGMP) for drugs, as required in 21 CFR parts 210, 211, and 212. Part 210 covers 17 Current Good Manufacturing Practice in Manufacturing, Processing, Packing, or Holding of 18 Drugs; General; part 211 covers Current Good Manufacturing Practice for Finished 19 Pharmaceuticals; and part 212 covers Current Good Manufacturing Practice for Positron 20 Emission Tomography Drugs. This guidance provides the Agency’s current thinking on the 21 creation and handling of data in accordance with CGMP requirements. 22
23
FDA expects that data be reliable and accurate (see the “Background” section). CGMP 24 regulations and guidance allow for flexible and risk-based strategies to prevent and detect data 25 integrity issues. Firms should implement meaningful and effective strategies to manage their data 26 integrity risks based upon their process understanding and knowledge management of 27 technologies and business models. 28
29
In general, FDA’s guidance documents do not establish legally enforceable responsibilities. 30 Instead, guidances describe the Agency’s current thinking on a topic and should be viewed only 31 as recommendations, unless specific regulatory or statutory requirements are cited. The use of 32 the word should in Agency guidances means that something is suggested or recommended, but 33 not required. 34
35
II. BACKGROUND 36
37
In recent years, FDA has increasingly observed CGMP violations involving data integrity during 38 CGMP inspections. This is troubling because ensuring data integrity is an important component 39 of industry’s responsibility to ensure the safety, efficacy, and quality of drugs, and of FDA’s 40 ability to protect the public health. These data integrity-related CGMP violations have led to 41
1 This guidance has been prepared by the Office of Pharmaceutical Quality and the Office of Compliance in the Center for Drug Evaluation and Research in cooperation with the Center for Biologics Evaluation and Research, the Center for Veterinary Medicine, and the Office of Regulatory Affairs at the Food and Drug Administration.
Contains Nonbinding Recommendations
Draft — Not for Implementation
2
numerous regulatory actions, including warning letters, import alerts, and consent decrees. The 42 underlying premise in §§ 210.1 and 212.2 is that CGMP sets forth minimum requirements to 43 assure that drugs meet the standards of the Federal Food, Drug, and Cosmetic Act (FD&C Act) 44 regarding safety, identity, strength, quality, and purity.2 Requirements with respect to data 45 integrity in parts 211 and 212 include, among other things: 46
47
• § 211.68 (requiring that “backup data are exact and complete,” and “secure from 48 alteration, inadvertent erasures, or loss”); 49
• § 212.110(b) (requiring that data be “stored to prevent deterioration or loss”); 50
• §§ 211.100 and 211.160 (requiring that certain activities be “documented at the time 51 of performance” and that laboratory controls be “scientifically sound”); 52
• § 211.180 (requiring that records be retained as “original records,” “true copies,” or 53 other “accurate reproductions of the original records”); and 54
• §§ 211.188, 211.194, and 212.60(g) (requiring “complete information,” “complete 55 data derived from all tests,” “complete record of all data,” and “complete records of 56 all tests performed”). 57
58
Electronic signature and record-keeping requirements are laid out in 21 CFR part 11 and apply to 59 certain records subject to records requirements set forth in Agency regulations, including parts 60 210, 211, and 212. For more information, see guidance for industry Part 11, Electronic Records; 61 Electronic Signatures — Scope and Application.3 The guidance outlines FDA’s current thinking 62 regarding the narrow scope and application of part 11 pending FDA’s reexamination of part 11 63 as it applies to all FDA-regulated products. 64
65
III. QUESTIONS AND ANSWERS 66
67
1. Please clarify the following terms as they relate to CGMP records: 68
69
a. What is “data integrity”? 70
71
For the purposes of this guidance, data integrity refers to the completeness, 72 consistency, and accuracy of data. Complete, consistent, and accurate data should 73 be attributable, legible, contemporaneously recorded, original or a true copy, and 74 accurate (ALCOA).4 75
2 FDA’s authority for CGMP comes from FD&C Act section 501(a)(2)(B), which states that a drug shall be deemed adulterated if “the methods used in, or the facilities or controls used for, its manufacture, processing, packing, or holding do not conform to or are not operated or administered in conformity with current good manufacturing practice to assure that such drug meets the requirement of the act as to safety and has the identity and strength, and meets the quality and purity characteristics, which it purports or is represented to possess.”
3 CDER updates guidances periodically. To make sure you have the most recent version of a guidance, check the FDA Drugs guidance Web page at www.fda.gov/Drugs/GuidanceComplianceRegulatoryInformation/Guidances/default.htm.
4 For attributable, see §§ 211.101(d), 211.122, 211.186, 211.188(b)(11), and 212.50(c)(10); for legible see §§ 211.180(e) and 212.110(b); for contemporaneously recorded (at the time of performance) see §§ 211.100(b) and 211.160(a); for original or a true copy see §§ 211.180 and 211.194(a); and for accurate see §§ 211.22(a), 211.68, 211.188, and 212.60(g).
Contains Nonbinding Recommendations
Draft — Not for Implementation
3
b. What is “metadata”? 76
77
Metadata is the contextual information required to understand data. A data value 78 is by itself meaningless without additional information about the data. Metadata is 79 often described as data about data. Metadata is structured information that 80 describes, explains, or otherwise makes it easier to retrieve, use, or manage data. 81 For example, the number “23” is meaningless without metadata, such as an 82 indication of the unit “mg.” Among other things, metadata for a particular piece 83 of data could include a date/time stamp for when the data were acquired, a user ID 84 of the person who conducted the test or analysis that generated the data, the 85 instrument ID used to acquire the data, audit trails, etc. 86
87
Data should be maintained throughout the record’s retention period with all 88 associated metadata required to reconstruct the CGMP activity (e.g., §§ 211.188 89 and 211.194). The relationships between data and their metadata should be 90 preserved in a secure and traceable manner. 91
92
c. What is an “audit trail”? 93
94
For purposes of this guidance, audit trail means a secure, computer-generated, 95 time-stamped electronic record that allows for reconstruction of the course of 96 events relating to the creation, modification, or deletion of an electronic record. 97 An audit trail is a chronology of the “who, what, when, and why” of a record. For 98 example, the audit trail for a high performance liquid chromatography (HPLC) 99 run could include the user name, date/time of the run, the integration parameters 100 used, and details of a reprocessing, if any, including change justification for the 101 reprocessing. 102
103
Electronic audit trails include those that track creation, modification, or deletion 104 of data (such as processing parameters and results) and those that track actions at 105 the record or system level (such as attempts to access the system or rename or 106 delete a file). 107
108
CGMP-compliant record-keeping practices prevent data from being lost or 109 obscured (see §§ 211.160(a), 211.194, and 212.110(b)). Electronic record-keeping 110 systems, which include audit trails, can fulfill these CGMP requirements. 111
112
d. How does FDA use the terms “static” and “dynamic” as they relate to record 113 formats? 114
115
For the purposes of this guidance, static is used to indicate a fixed-data document 116 such as a paper record or an electronic image, and dynamic means that the record 117 format allows interaction between the user and the record content. For example, a 118 dynamic chromatographic record may allow the user to change the baseline and 119 reprocess chromatographic data so that the resulting peaks may appear smaller or 120
Contains Nonbinding Recommendations
Draft — Not for Implementation
4
larger. It also may allow the user to modify formulas or entries in a spreadsheet 121 used to compute test results or other information such as calculated yield. 122
123
e. How does FDA use the term “backup” in § 211.68(b)? 124
125
FDA uses the term backup in § 211.68(b) to refer to a true copy of the original 126 data that is maintained securely throughout the records retention period (for 127 example, § 211.180). The backup file should contain the data (which includes 128 associated metadata) and should be in the original format or in a format 129 compatible with the original format. 130
131
This should not be confused with backup copies that may be created during 132 normal computer use and temporarily maintained for disaster recovery (e.g., in 133 case of a computer crash or other interruption). Such temporary backup copies 134 would not satisfy the requirement in § 211.68(b) to maintain a backup file of data. 135
136
f. What are the “systems” in “computer or related systems” in § 211.68? 137
138
The American National Standards Institute (ANSI) defines systems as people, 139 machines, and methods organized to accomplish a set of specific functions.5 140 Computer or related systems can refer to computer hardware, software, peripheral 141 devices, networks, cloud infrastructure, operators, and associated documents (e.g., 142 user manuals and standard operating procedures). 143
144
2. When is it permissible to exclude CGMP data from decision making? 145
146
Any data created as part of a CGMP record must be evaluated by the quality unit as part 147 of release criteria (see §§ 211.22 and 212.70) and maintained for CGMP purposes (e.g., § 148 211.180). Electronic data generated to fulfill CGMP requirements should include relevant 149 metadata. To exclude data from the release criteria decision-making process, there must 150 be a valid, documented, scientific justification for its exclusion (see the guidance for 151 industry Investigating Out-of-Specification (OOS) Test Results for Pharmaceutical 152 Production, and §§ 211.188, 211.192, and 212.71(b)). The requirements for record 153 retention and review do not differ depending on the data format; paper-based and 154 electronic data record-keeping systems are subject to the same requirements. 155
156
3. Does each workflow on our computer system need to be validated? 157
158
Yes, a workflow, such as creation of an electronic master production and control record 159 (MPCR), is an intended use of a computer system to be checked through validation (see 160 §§ 211.63, 211.68(b), and 211.110(a)). If you validate the computer system, but you do 161
5 American National Standard for Information Systems, Dictionary for Information Systems, American National Standards Institute, 1991.
Contains Nonbinding Recommendations
Draft — Not for Implementation
5
not validate it for its intended use, you cannot know if your workflow runs correctly.6 For 162 example, qualifying the Manufacturing Execution System (MES) platform, a computer 163 system, ensures that it meets specifications; however, it does not demonstrate that a given 164 MPCR generated by the MES contains the correct calculations. In this example, 165 validating the workflow ensures that the intended steps, specifications, and calculations 166 in the MPCR are accurate. This is similar to reviewing a paper MPCR and ensuring all 167 supporting procedures are in place before the MPCR is implemented in production (see 168 §§ 211.100, 211.186, and 212.50(b), and the guidance for industry PET Drugs — Current 169 Good Manufacturing Practice (CGMP)). 170
171
FDA recommends you implement appropriate controls to manage risks associated with 172 each element of the system. Controls that are appropriately designed to validate a system 173 for its intended use address software, hardware, personnel, and documentation. 174
175
4. How should access to CGMP computer systems be restricted? 176
177
You must exercise appropriate controls to assure that changes to computerized MPCRs, 178 or other records, or input of laboratory data into computerized records, can be made only 179 by authorized personnel (§ 211.68(b)). FDA recommends that you restrict the ability to 180 alter specifications, process parameters, or manufacturing or testing methods by technical 181 means where possible (for example, by limiting permissions to change settings or data). 182 FDA suggests that the system administrator role, including any rights to alter files and 183 settings, be assigned to personnel independent from those responsible for the record 184 content. To assist in controlling access, FDA recommends maintaining a list of 185 authorized individuals and their access privileges for each CGMP computer system in 186 use. 187
188
If these independent security role assignments are not practical for small operations or 189 facilities with few employees, such as PET or medical gas facilities, FDA recommends 190 alternate control strategies be implemented.7 For example, in the rare instance that the 191 same person is required to hold the system administrator role and to be responsible for 192 the content of the records, FDA suggests having a second person review settings and 193 content. If second-person review is not possible, the Agency recommends that the person 194 recheck settings and his or her own work. 195
196
6 In computer science, validation refers to ensuring that software meets its specifications. However, this may not meet the definition of process validation as found in guidance for industry Process Validation: General Principles and Practices: “The collection and evaluation of data … which establishes scientific evidence that a process is capable of consistently delivering quality products.” See also ICH guidance for industry Q7A Good Manufacturing Practice Guide for Active Pharmaceutical Ingredients, which defines validation as providing assurance that a specific process, method, or system will consistently produce a result meeting predetermined acceptance criteria. For purposes of this guidance, validation is being used in a manner consistent with the above guidance documents.
7 For further discussion of such alternate control strategies, see the guidance for industry PET Drugs — Current Good Manufacturing Practice (CGMP).
Contains Nonbinding Recommendations
Draft — Not for Implementation
6
5. Why is FDA concerned with the use of shared login accounts for computer 197 systems? 198
199
You must exercise appropriate controls to assure that only authorized personnel make 200 changes to computerized MPCRs, or other records, or input laboratory data into 201 computerized records, and you must implement documentation controls that ensure 202 actions are attributable to a specific individual (see §§ 211.68(b), 211.188(b)(11), 203 211.194(a)(7) and (8), and 212.50(c)(10)). When login credentials are shared, a unique 204 individual cannot be identified through the login and the system would thus not conform 205 to the CGMP requirements in parts 211 and 212. FDA requires that systems controls, 206 including documentation controls, be designed to follow CGMP to assure product quality 207 (for example, §§ 211.100 and 212.50). 208
209
6. How should blank forms be controlled? 210
211
There must be document controls in place to assure product quality (see §§ 211.100, 212 211.160(a), 211.186, 212.20(d), and 212.60(g)). FDA recommends that, if used, blank 213 forms (including, but not limited to, worksheets, laboratory notebooks, and MPCRs) be 214 controlled by the quality unit or by another document control method. For example, 215 numbered sets of blank forms may be issued as appropriate and should be reconciled 216 upon completion of all issued forms. Incomplete or erroneous forms should be kept as 217 part of the permanent record along with written justification for their replacement (for 218 example, see §§ 211.192, 211.194, 212.50(a), and 212.70(f)(1)(vi)). 219
220
Similarly, bound paginated notebooks, stamped for official use by a document control 221 group, allow detection of unofficial notebooks as well as of any gaps in notebook pages. 222
223
7. How often should audit trails be reviewed? 224
225
FDA recommends that audit trails that capture changes to critical data be reviewed with 226 each record and before final approval of the record. Audit trails subject to regular review 227 should include, but are not limited to, the following: the change history of finished 228 product test results, changes to sample run sequences, changes to sample identification, 229 and changes to critical process parameters. 230
231
FDA recommends routine scheduled audit trail review based on the complexity of the 232 system and its intended use. 233
234
See audit trail definition 1.c. above for further information on audit trails. 235
236
8. Who should review audit trails? 237
238
Audit trails are considered part of the associated records. Personnel responsible for record 239 review under CGMP should review the audit trails that capture changes to critical data 240 associated with the record as they review the rest of the record (for example, §§ 241 211.22(a), 211.101(c), 211.194(a)(8), and 212.20(d)). For example, all production and 242
Contains Nonbinding Recommendations
Draft — Not for Implementation
7
control records, which includes audit trails, must be reviewed and approved by the 243 quality unit (§ 211.192). This is similar to the expectation that cross-outs on paper be 244 assessed when reviewing data. 245
246
9. Can electronic copies be used as accurate reproductions of paper or 247 electronic records? 248
249
Yes. Electronic copies can be used as true copies of paper or electronic records, provided 250 the copies preserve the content and meaning of the original data, which includes 251 associated metadata and the static or dynamic nature of the original records. 252
253
True copies of dynamic electronic records may be made and maintained in the format of 254 the original records or in a compatible format, provided that the content and meaning of 255 the original records are preserved and that a suitable reader and copying equipment (for 256 example, software and hardware, including media readers) are readily available (§§ 257 211.180(d) and 212.110). 258
259
10. Is it acceptable to retain paper printouts or static records instead of original 260 electronic records from stand-alone computerized laboratory instruments, 261 such as an FT-IR instrument? 262
263
A paper printout or static record may satisfy retention requirements if it is a complete 264 copy of the original record (see §§ 211.68(b), 211.188, 211.194, and 212.60). For 265 example, pH meters and balances may create a paper printout or static image during data 266 acquisition as the original record. In this case, the paper printout or static image created 267 during acquisition, or a true copy, should be retained (§ 211.180). 268
269
However, electronic records from certain types of laboratory instruments are dynamic 270 records, and a printout or a static record does not preserve the dynamic format which is 271 part of the complete original record. For example, the spectral file created by FT-IR 272 (Fourier transform infrared spectroscopy) can be reprocessed, but a static record or 273 printout is fixed, which would not satisfy CGMP requirements to retain original records 274 or true copies (§ 211.180(d)). Also, if the full spectrum is not displayed, contaminants 275 may be excluded. 276
277
Control strategies must ensure that original laboratory records, including paper and 278 electronic records, are subject to second-person review (§ 211.194(a)(8)) to make certain 279 that all test results are appropriately reported. 280
281
For PET drugs, see the guidance for industry PET Drugs — Current Good Manufacturing 282 Practice (CGMP) for discussion of equipment and laboratory controls, including 283 regulatory requirements for records. 284
285
Contains Nonbinding Recommendations
Draft — Not for Implementation
8
11. Can electronic signatures be used instead of handwritten signatures for 286 master production and control records? 287
288
Yes, electronic signatures with the appropriate controls can be used instead of 289 handwritten signatures or initials in any CGMP required record. While § 211.186(a) 290 specifies a “full signature, handwritten,” as explained in the Federal Register on 291 September 29, 1978 (43 FR 45069), part of the intent of the full signature requirement is 292 to be able to clearly identify the individual responsible for signing the record. An 293 electronic signature with the appropriate controls to securely link the signature with the 294 associated record fulfills this requirement. This comports with part 11, which establishes 295 criteria for when electronic signatures are considered the legally binding equivalent of 296 handwritten signatures. Firms using electronic signatures should document the controls 297 used to ensure that they are able to identify the specific person who signed the records 298 electronically. 299
300
There is no requirement for a handwritten signature for the MPCR in the PET CGMP 301 regulations (21 CFR part 212). 302
303
12. When does electronic data become a CGMP record? 304
305
When generated to satisfy a CGMP requirement, all data become a CGMP record. You 306 must document, or save, the data at the time of performance to create a record in 307 compliance with CGMP requirements, including, but not limited to, §§ 211.100(b) and 308 211.160(a). FDA expects processes to be designed so that quality data required to be 309 created and maintained cannot be modified. For example, chromatograms should be sent 310 to long-term storage (archiving or a permanent record) upon run completion instead of at 311 the end of a day’s runs. 312
313
It is not acceptable to record data on pieces of paper that will be discarded after the data 314 are transcribed to a permanent laboratory notebook (see §§ 211.100(b), 211.160(a), and 315 211.180(d)). Similarly, it is not acceptable to store data electronically in temporary 316 memory, in a manner that allows for manipulation, before creating a permanent record. 317 Electronic data that are automatically saved into temporary memory do not meet CGMP 318 documentation or retention requirements. 319
320
You may employ a combination of technical and procedural controls to meet CGMP 321 documentation practices for electronic systems. For example, a computer system, such as 322 a Laboratory Information Management System (LIMS) or an Electronic Batch Record 323 (EBR) system, can be designed to automatically save after each separate entry. This 324 would be similar to recording each entry contemporaneously on a paper batch record to 325 satisfy CGMP requirements. The computer system could be combined with a procedure 326 requiring data be entered immediately when generated. 327
328
For PET drugs, see the “Laboratory Controls” section of the guidance for industry PET 329 Drugs — Current Good Manufacturing Practice (CGMP). 330
331
Contains Nonbinding Recommendations
Draft — Not for Implementation
9
13. Why has the FDA cited use of actual samples during “system suitability” or 332 test, prep, or equilibration runs in warning letters? 333
334
FDA prohibits sampling and testing with the goal of achieving a specific result or to 335 overcome an unacceptable result (e.g., testing different samples until the desired passing 336 result is obtained). This practice, also referred to as testing into compliance, is not 337 consistent with CGMP (see the guidance for industry Investigating Out-of-Specification 338 (OOS) Test Results for Pharmaceutical Production). In some situations, use of actual 339 samples to perform system suitability testing has been used as a means of testing into 340 compliance. We would consider it a violative practice to use an actual sample in test, 341 prep, or equilibration runs as a means of disguising testing into compliance. 342
343
According to the United States Pharmacopeia (USP), system suitability tests should 344 include replicate injections of a standard preparation or other standard solutions to 345 determine if requirements for precision are satisfied (see USP General Chapter <621> 346 Chromatography). System suitability tests, including the identity of the preparation to be 347 injected and the rationale for its selection, should be performed according to the firm’s 348 established written procedures and the approved application or applicable compendial 349 monograph (§§ 211.160 and 212.60). 350
351
If an actual sample is to be used for system suitability testing, it should be a properly 352 characterized secondary standard, written procedures should be established and followed, 353 and the sample should be from a different batch than the sample(s) being tested (§§ 354 211.160, 211.165, and 212.60). All data should be included in the record that is retained 355 and subject to review unless there is documented scientific justification for its exclusion. 356
357
For more information, see also the ICH guidance for industry Q2(R1) Validation of 358 Analytical Procedures: Text and Methodology. 359
360
14. Is it acceptable to only save the final results from reprocessed laboratory 361 chromatography? 362
363
No. Analytical methods should be capable and stable. For most lab analyses, reprocessing 364 data should not be regularly needed. If chromatography is reprocessed, written 365 procedures must be established and followed and each result retained for review (see §§ 366 211.160(a), 211.160(b), 211.165(c), 211.194(a)(4), and 212.60(a)). FDA requires 367 complete data in laboratory records, which includes raw data, graphs, charts, and spectra 368 from laboratory instruments (§§ 211.194(a) and 212.60(g)(3)). 369
370
15. Can an internal tip regarding a quality issue, such as potential data 371 falsification, be handled informally outside of the documented CGMP quality 372 system? 373
374
No. Suspected or known falsification or alteration of records required under parts 210, 375 211, and 212 must be fully investigated under the CGMP quality system to determine the 376 effect of the event on patient safety, product quality, and data reliability; to determine the 377
Contains Nonbinding Recommendations
Draft — Not for Implementation
10
root cause; and to ensure the necessary corrective actions are taken (see §§ 211.22(a), 378 211.125(c), 211.192, 211.198, 211.204, and 212.100). 379
380
FDA invites individuals to report suspected data integrity issues that may affect the 381 safety, identity, strength, quality, or purity of drug products at DrugInfo@fda.hhs.gov. 382 “CGMP data integrity” should be included in the subject line of the email. 383
384
See also Application Integrity Policy, available at 385 http://www.fda.gov/ICECI/EnforcementActions/ApplicationIntegrityPolicy/default.htm. 386
387
16. Should personnel be trained in detecting data integrity issues as part of a 388 routine CGMP training program? 389
390
Yes. Training personnel to detect data integrity issues is consistent with the personnel 391 requirements under §§ 211.25 and 212.10, which state that personnel must have the 392 education, training, and experience, or any combination thereof, to perform their assigned 393 duties. 394
395
17. Is the FDA investigator allowed to look at my electronic records? 396
397
Yes. All records required under CGMP are subject to FDA inspection. You must allow 398 authorized inspection, review, and copying of records, which includes copying of 399 electronic data (§§ 211.180(c) and 212.110(a) and (b)). See also section 704 of the FD&C 400 Act. 401
402
18. How does FDA recommend data integrity problems identified during 403 inspections, in warning letters, or in other regulatory actions be addressed? 404
405
FDA encourages you to demonstrate that you have effectively remedied your problems 406 by: hiring a third party auditor, determining the scope of the problem, implementing a 407 corrective action plan (globally), and removing at all levels individuals responsible for 408 problems from CGMP positions. FDA may conduct an inspection to decide whether 409 CGMP violations involving data integrity have been remedied. 410
411
These expectations mirror those developed for the Application Integrity Policy. For more 412 detailed guidance, see the “Points to Consider for Internal Reviews and Corrective Action 413 Operating Plans” public document available on the FDA Web site, accessible at 414 http://www.fda.gov/ICECI/EnforcementActions/ApplicationIntegrityPolicy/ucm134744.415 htm. 416
Guidance for Industry
DRAFT GUIDANCE
This guidance document is being distributed for comment purposes only.
Comments and suggestions regarding this draft document should be submitted within 60 days of publication in the Federal Register of the notice announcing the availability of the draft guidance. Submit electronic comments to http://www.regulations.gov. Submit written comments to the Division of Dockets Management (HFA-305), Food and Drug Administration, 5630 Fishers Lane, rm. 1061, Rockville, MD 20852. All comments should be identified with the docket number listed in the notice of availability that publishes in the Federal Register.
For questions regarding this draft document, contact (CDER) Karen Takahashi 301-796-3191; (CBER) Office of Communication, Outreach and Development, 800-835-4709 or 240-402-8010; or (CVM) Jonathan Bray 240-402-5623.
U.S. Department of Health and Human Services
Food and Drug Administration
Center for Drug Evaluation and Research (CDER)
Center for Biologics Evaluation and Research (CBER)
Center for Veterinary Medicine (CVM)
April 2016
Pharmaceutical Quality/Manufacturing Standards (CGMP)
Data Integrity and Compliance With CGMP
Guidance for Industry
Additional copies are available from:
Office of Communications, Division of Drug Information
Center for Drug Evaluation and Research
Food and Drug Administration
10001 New Hampshire Ave., Hillandale Bldg., 4th Floor
Silver Spring, MD 20993-0002
Phone: 855-543-3784 or 301-796-3400; Fax: 301-431-6353
Email: druginfo@fda.hhs.gov
http://www.fda.gov/Drugs/GuidanceComplianceRegulatoryInformation/Guidances/default.htm
and/or
Office of Communication, Outreach and Development
Center for Biologics Evaluation and Research
Food and Drug Administration
10903 New Hampshire Ave., Bldg. 71, Room 3128
Silver Spring, MD 20993-0002
Phone: 800-835-4709 or 240-402-8010
Email: ocod@fda.hhs.gov
http://www.fda.gov/BiologicsBloodVaccines/GuidanceComplianceRegulatoryInformation/Guidances/default.htm
and/or
Policy and Regulations Staff, HFV-6
Center for Veterinary Medicine
Food and Drug Administration
7519 Standish Place, Rockville, MD 20855
http://www.fda.gov/AnimalVeterinary/GuidanceComplianceEnforcement/GuidanceforIndustry/default.htm
U.S. Department of Health and Human Services
Food and Drug Administration
Center for Drug Evaluation and Research (CDER)
Center for Biologics Evaluation and Research (CBER)
Center for Veterinary Medicine (CVM)
April 2016
Pharmaceutical Quality/Manufacturing Standards (CGMP)
Contains Nonbinding Recommendations
Draft — Not for Implementation
TABLE OF CONTENTS
I. INTRODUCTION............................................................................................................. 1
II. BACKGROUND............................................................................................................... 1
III. QUESTIONS AND ANSWERS....................................................................................... 2
1. Please clarify the following terms as they relate to CGMP records:.........................................2
a. What is “data integrity”? ................................................................................................................2
b. What is “metadata”? .......................................................................................................................3
c. What is an “audit trail”?.................................................................................................................3
d. How does FDA use the terms “static” and “dynamic” as they relate to record formats? .............3
e. How does FDA use the term “backup” in § 211.68(b)?..................................................................4
f. What are the “systems” in “computer or related systems” in § 211.68?........................................4
2. When is it permissible to exclude CGMP data from decision making?....................................4
3. Does each workflow on our computer system need to be validated? ........................................4
4. How should access to CGMP computer systems be restricted? ................................................5
5. Why is FDA concerned with the use of shared login accounts for computer systems?...........6
6. How should blank forms be controlled? ......................................................................................6
7. How often should audit trails be reviewed?.................................................................................6
8. Who should review audit trails?...................................................................................................6
9. Can electronic copies be used as accurate reproductions of paper or electronic records? .....7
10. Is it acceptable to retain paper printouts or static records instead of original electronic records from stand-alone computerized laboratory instruments, such as an FT-IR instrument? .7
11. Can electronic signatures be used instead of handwritten signatures for master production and control records?...............................................................................................................................8
12. When does electronic data become a CGMP record? ................................................................8
13. Why has the FDA cited use of actual samples during “system suitability” or test, prep, or equilibration runs in warning letters?..................................................................................................9
14. Is it acceptable to only save the final results from reprocessed laboratory
chromatography? ...................................................................................................................................9
15. Can an internal tip regarding a quality issue, such as potential data falsification, be handled informally outside of the documented CGMP quality system?..........................................................9
16. Should personnel be trained in detecting data integrity issues as part of a routine CGMP training program? ................................................................................................................................10
17. Is the FDA investigator allowed to look at my electronic records?.........................................10
18. How does FDA recommend data integrity problems identified during inspections, in warning letters, or in other regulatory actions be addressed? .........................................................10
Contains Nonbinding Recommendations
Draft — Not for Implementation
1
Data Integrity and Compliance With CGMP 1
Guidance for Industry1 2
3
4
This draft guidance, when finalized, will represent the current thinking of the Food and Drug 5 Administration (FDA or Agency) on this topic. It does not establish any rights for any person and is not 6 binding on FDA or the public. You can use an alternative approach if it satisfies the requirements of the 7 applicable statutes and regulations. To discuss an alternative approach, contact the FDA staff responsible 8 for this guidance as listed on the title page. 9
10
11
12
13
I. INTRODUCTION 14
15
The purpose of this guidance is to clarify the role of data integrity in current good manufacturing 16 practice (CGMP) for drugs, as required in 21 CFR parts 210, 211, and 212. Part 210 covers 17 Current Good Manufacturing Practice in Manufacturing, Processing, Packing, or Holding of 18 Drugs; General; part 211 covers Current Good Manufacturing Practice for Finished 19 Pharmaceuticals; and part 212 covers Current Good Manufacturing Practice for Positron 20 Emission Tomography Drugs. This guidance provides the Agency’s current thinking on the 21 creation and handling of data in accordance with CGMP requirements. 22
23
FDA expects that data be reliable and accurate (see the “Background” section). CGMP 24 regulations and guidance allow for flexible and risk-based strategies to prevent and detect data 25 integrity issues. Firms should implement meaningful and effective strategies to manage their data 26 integrity risks based upon their process understanding and knowledge management of 27 technologies and business models. 28
29
In general, FDA’s guidance documents do not establish legally enforceable responsibilities. 30 Instead, guidances describe the Agency’s current thinking on a topic and should be viewed only 31 as recommendations, unless specific regulatory or statutory requirements are cited. The use of 32 the word should in Agency guidances means that something is suggested or recommended, but 33 not required. 34
35
II. BACKGROUND 36
37
In recent years, FDA has increasingly observed CGMP violations involving data integrity during 38 CGMP inspections. This is troubling because ensuring data integrity is an important component 39 of industry’s responsibility to ensure the safety, efficacy, and quality of drugs, and of FDA’s 40 ability to protect the public health. These data integrity-related CGMP violations have led to 41
1 This guidance has been prepared by the Office of Pharmaceutical Quality and the Office of Compliance in the Center for Drug Evaluation and Research in cooperation with the Center for Biologics Evaluation and Research, the Center for Veterinary Medicine, and the Office of Regulatory Affairs at the Food and Drug Administration.
Contains Nonbinding Recommendations
Draft — Not for Implementation
2
numerous regulatory actions, including warning letters, import alerts, and consent decrees. The 42 underlying premise in §§ 210.1 and 212.2 is that CGMP sets forth minimum requirements to 43 assure that drugs meet the standards of the Federal Food, Drug, and Cosmetic Act (FD&C Act) 44 regarding safety, identity, strength, quality, and purity.2 Requirements with respect to data 45 integrity in parts 211 and 212 include, among other things: 46
47
• § 211.68 (requiring that “backup data are exact and complete,” and “secure from 48 alteration, inadvertent erasures, or loss”); 49
• § 212.110(b) (requiring that data be “stored to prevent deterioration or loss”); 50
• §§ 211.100 and 211.160 (requiring that certain activities be “documented at the time 51 of performance” and that laboratory controls be “scientifically sound”); 52
• § 211.180 (requiring that records be retained as “original records,” “true copies,” or 53 other “accurate reproductions of the original records”); and 54
• §§ 211.188, 211.194, and 212.60(g) (requiring “complete information,” “complete 55 data derived from all tests,” “complete record of all data,” and “complete records of 56 all tests performed”). 57
58
Electronic signature and record-keeping requirements are laid out in 21 CFR part 11 and apply to 59 certain records subject to records requirements set forth in Agency regulations, including parts 60 210, 211, and 212. For more information, see guidance for industry Part 11, Electronic Records; 61 Electronic Signatures — Scope and Application.3 The guidance outlines FDA’s current thinking 62 regarding the narrow scope and application of part 11 pending FDA’s reexamination of part 11 63 as it applies to all FDA-regulated products. 64
65
III. QUESTIONS AND ANSWERS 66
67
1. Please clarify the following terms as they relate to CGMP records: 68
69
a. What is “data integrity”? 70
71
For the purposes of this guidance, data integrity refers to the completeness, 72 consistency, and accuracy of data. Complete, consistent, and accurate data should 73 be attributable, legible, contemporaneously recorded, original or a true copy, and 74 accurate (ALCOA).4 75
2 FDA’s authority for CGMP comes from FD&C Act section 501(a)(2)(B), which states that a drug shall be deemed adulterated if “the methods used in, or the facilities or controls used for, its manufacture, processing, packing, or holding do not conform to or are not operated or administered in conformity with current good manufacturing practice to assure that such drug meets the requirement of the act as to safety and has the identity and strength, and meets the quality and purity characteristics, which it purports or is represented to possess.”
3 CDER updates guidances periodically. To make sure you have the most recent version of a guidance, check the FDA Drugs guidance Web page at www.fda.gov/Drugs/GuidanceComplianceRegulatoryInformation/Guidances/default.htm.
4 For attributable, see §§ 211.101(d), 211.122, 211.186, 211.188(b)(11), and 212.50(c)(10); for legible see §§ 211.180(e) and 212.110(b); for contemporaneously recorded (at the time of performance) see §§ 211.100(b) and 211.160(a); for original or a true copy see §§ 211.180 and 211.194(a); and for accurate see §§ 211.22(a), 211.68, 211.188, and 212.60(g).
Contains Nonbinding Recommendations
Draft — Not for Implementation
3
b. What is “metadata”? 76
77
Metadata is the contextual information required to understand data. A data value 78 is by itself meaningless without additional information about the data. Metadata is 79 often described as data about data. Metadata is structured information that 80 describes, explains, or otherwise makes it easier to retrieve, use, or manage data. 81 For example, the number “23” is meaningless without metadata, such as an 82 indication of the unit “mg.” Among other things, metadata for a particular piece 83 of data could include a date/time stamp for when the data were acquired, a user ID 84 of the person who conducted the test or analysis that generated the data, the 85 instrument ID used to acquire the data, audit trails, etc. 86
87
Data should be maintained throughout the record’s retention period with all 88 associated metadata required to reconstruct the CGMP activity (e.g., §§ 211.188 89 and 211.194). The relationships between data and their metadata should be 90 preserved in a secure and traceable manner. 91
92
c. What is an “audit trail”? 93
94
For purposes of this guidance, audit trail means a secure, computer-generated, 95 time-stamped electronic record that allows for reconstruction of the course of 96 events relating to the creation, modification, or deletion of an electronic record. 97 An audit trail is a chronology of the “who, what, when, and why” of a record. For 98 example, the audit trail for a high performance liquid chromatography (HPLC) 99 run could include the user name, date/time of the run, the integration parameters 100 used, and details of a reprocessing, if any, including change justification for the 101 reprocessing. 102
103
Electronic audit trails include those that track creation, modification, or deletion 104 of data (such as processing parameters and results) and those that track actions at 105 the record or system level (such as attempts to access the system or rename or 106 delete a file). 107
108
CGMP-compliant record-keeping practices prevent data from being lost or 109 obscured (see §§ 211.160(a), 211.194, and 212.110(b)). Electronic record-keeping 110 systems, which include audit trails, can fulfill these CGMP requirements. 111
112
d. How does FDA use the terms “static” and “dynamic” as they relate to record 113 formats? 114
115
For the purposes of this guidance, static is used to indicate a fixed-data document 116 such as a paper record or an electronic image, and dynamic means that the record 117 format allows interaction between the user and the record content. For example, a 118 dynamic chromatographic record may allow the user to change the baseline and 119 reprocess chromatographic data so that the resulting peaks may appear smaller or 120
Contains Nonbinding Recommendations
Draft — Not for Implementation
4
larger. It also may allow the user to modify formulas or entries in a spreadsheet 121 used to compute test results or other information such as calculated yield. 122
123
e. How does FDA use the term “backup” in § 211.68(b)? 124
125
FDA uses the term backup in § 211.68(b) to refer to a true copy of the original 126 data that is maintained securely throughout the records retention period (for 127 example, § 211.180). The backup file should contain the data (which includes 128 associated metadata) and should be in the original format or in a format 129 compatible with the original format. 130
131
This should not be confused with backup copies that may be created during 132 normal computer use and temporarily maintained for disaster recovery (e.g., in 133 case of a computer crash or other interruption). Such temporary backup copies 134 would not satisfy the requirement in § 211.68(b) to maintain a backup file of data. 135
136
f. What are the “systems” in “computer or related systems” in § 211.68? 137
138
The American National Standards Institute (ANSI) defines systems as people, 139 machines, and methods organized to accomplish a set of specific functions.5 140 Computer or related systems can refer to computer hardware, software, peripheral 141 devices, networks, cloud infrastructure, operators, and associated documents (e.g., 142 user manuals and standard operating procedures). 143
144
2. When is it permissible to exclude CGMP data from decision making? 145
146
Any data created as part of a CGMP record must be evaluated by the quality unit as part 147 of release criteria (see §§ 211.22 and 212.70) and maintained for CGMP purposes (e.g., § 148 211.180). Electronic data generated to fulfill CGMP requirements should include relevant 149 metadata. To exclude data from the release criteria decision-making process, there must 150 be a valid, documented, scientific justification for its exclusion (see the guidance for 151 industry Investigating Out-of-Specification (OOS) Test Results for Pharmaceutical 152 Production, and §§ 211.188, 211.192, and 212.71(b)). The requirements for record 153 retention and review do not differ depending on the data format; paper-based and 154 electronic data record-keeping systems are subject to the same requirements. 155
156
3. Does each workflow on our computer system need to be validated? 157
158
Yes, a workflow, such as creation of an electronic master production and control record 159 (MPCR), is an intended use of a computer system to be checked through validation (see 160 §§ 211.63, 211.68(b), and 211.110(a)). If you validate the computer system, but you do 161
5 American National Standard for Information Systems, Dictionary for Information Systems, American National Standards Institute, 1991.
Contains Nonbinding Recommendations
Draft — Not for Implementation
5
not validate it for its intended use, you cannot know if your workflow runs correctly.6 For 162 example, qualifying the Manufacturing Execution System (MES) platform, a computer 163 system, ensures that it meets specifications; however, it does not demonstrate that a given 164 MPCR generated by the MES contains the correct calculations. In this example, 165 validating the workflow ensures that the intended steps, specifications, and calculations 166 in the MPCR are accurate. This is similar to reviewing a paper MPCR and ensuring all 167 supporting procedures are in place before the MPCR is implemented in production (see 168 §§ 211.100, 211.186, and 212.50(b), and the guidance for industry PET Drugs — Current 169 Good Manufacturing Practice (CGMP)). 170
171
FDA recommends you implement appropriate controls to manage risks associated with 172 each element of the system. Controls that are appropriately designed to validate a system 173 for its intended use address software, hardware, personnel, and documentation. 174
175
4. How should access to CGMP computer systems be restricted? 176
177
You must exercise appropriate controls to assure that changes to computerized MPCRs, 178 or other records, or input of laboratory data into computerized records, can be made only 179 by authorized personnel (§ 211.68(b)). FDA recommends that you restrict the ability to 180 alter specifications, process parameters, or manufacturing or testing methods by technical 181 means where possible (for example, by limiting permissions to change settings or data). 182 FDA suggests that the system administrator role, including any rights to alter files and 183 settings, be assigned to personnel independent from those responsible for the record 184 content. To assist in controlling access, FDA recommends maintaining a list of 185 authorized individuals and their access privileges for each CGMP computer system in 186 use. 187
188
If these independent security role assignments are not practical for small operations or 189 facilities with few employees, such as PET or medical gas facilities, FDA recommends 190 alternate control strategies be implemented.7 For example, in the rare instance that the 191 same person is required to hold the system administrator role and to be responsible for 192 the content of the records, FDA suggests having a second person review settings and 193 content. If second-person review is not possible, the Agency recommends that the person 194 recheck settings and his or her own work. 195
196
6 In computer science, validation refers to ensuring that software meets its specifications. However, this may not meet the definition of process validation as found in guidance for industry Process Validation: General Principles and Practices: “The collection and evaluation of data … which establishes scientific evidence that a process is capable of consistently delivering quality products.” See also ICH guidance for industry Q7A Good Manufacturing Practice Guide for Active Pharmaceutical Ingredients, which defines validation as providing assurance that a specific process, method, or system will consistently produce a result meeting predetermined acceptance criteria. For purposes of this guidance, validation is being used in a manner consistent with the above guidance documents.
7 For further discussion of such alternate control strategies, see the guidance for industry PET Drugs — Current Good Manufacturing Practice (CGMP).
Contains Nonbinding Recommendations
Draft — Not for Implementation
6
5. Why is FDA concerned with the use of shared login accounts for computer 197 systems? 198
199
You must exercise appropriate controls to assure that only authorized personnel make 200 changes to computerized MPCRs, or other records, or input laboratory data into 201 computerized records, and you must implement documentation controls that ensure 202 actions are attributable to a specific individual (see §§ 211.68(b), 211.188(b)(11), 203 211.194(a)(7) and (8), and 212.50(c)(10)). When login credentials are shared, a unique 204 individual cannot be identified through the login and the system would thus not conform 205 to the CGMP requirements in parts 211 and 212. FDA requires that systems controls, 206 including documentation controls, be designed to follow CGMP to assure product quality 207 (for example, §§ 211.100 and 212.50). 208
209
6. How should blank forms be controlled? 210
211
There must be document controls in place to assure product quality (see §§ 211.100, 212 211.160(a), 211.186, 212.20(d), and 212.60(g)). FDA recommends that, if used, blank 213 forms (including, but not limited to, worksheets, laboratory notebooks, and MPCRs) be 214 controlled by the quality unit or by another document control method. For example, 215 numbered sets of blank forms may be issued as appropriate and should be reconciled 216 upon completion of all issued forms. Incomplete or erroneous forms should be kept as 217 part of the permanent record along with written justification for their replacement (for 218 example, see §§ 211.192, 211.194, 212.50(a), and 212.70(f)(1)(vi)). 219
220
Similarly, bound paginated notebooks, stamped for official use by a document control 221 group, allow detection of unofficial notebooks as well as of any gaps in notebook pages. 222
223
7. How often should audit trails be reviewed? 224
225
FDA recommends that audit trails that capture changes to critical data be reviewed with 226 each record and before final approval of the record. Audit trails subject to regular review 227 should include, but are not limited to, the following: the change history of finished 228 product test results, changes to sample run sequences, changes to sample identification, 229 and changes to critical process parameters. 230
231
FDA recommends routine scheduled audit trail review based on the complexity of the 232 system and its intended use. 233
234
See audit trail definition 1.c. above for further information on audit trails. 235
236
8. Who should review audit trails? 237
238
Audit trails are considered part of the associated records. Personnel responsible for record 239 review under CGMP should review the audit trails that capture changes to critical data 240 associated with the record as they review the rest of the record (for example, §§ 241 211.22(a), 211.101(c), 211.194(a)(8), and 212.20(d)). For example, all production and 242
Contains Nonbinding Recommendations
Draft — Not for Implementation
7
control records, which includes audit trails, must be reviewed and approved by the 243 quality unit (§ 211.192). This is similar to the expectation that cross-outs on paper be 244 assessed when reviewing data. 245
246
9. Can electronic copies be used as accurate reproductions of paper or 247 electronic records? 248
249
Yes. Electronic copies can be used as true copies of paper or electronic records, provided 250 the copies preserve the content and meaning of the original data, which includes 251 associated metadata and the static or dynamic nature of the original records. 252
253
True copies of dynamic electronic records may be made and maintained in the format of 254 the original records or in a compatible format, provided that the content and meaning of 255 the original records are preserved and that a suitable reader and copying equipment (for 256 example, software and hardware, including media readers) are readily available (§§ 257 211.180(d) and 212.110). 258
259
10. Is it acceptable to retain paper printouts or static records instead of original 260 electronic records from stand-alone computerized laboratory instruments, 261 such as an FT-IR instrument? 262
263
A paper printout or static record may satisfy retention requirements if it is a complete 264 copy of the original record (see §§ 211.68(b), 211.188, 211.194, and 212.60). For 265 example, pH meters and balances may create a paper printout or static image during data 266 acquisition as the original record. In this case, the paper printout or static image created 267 during acquisition, or a true copy, should be retained (§ 211.180). 268
269
However, electronic records from certain types of laboratory instruments are dynamic 270 records, and a printout or a static record does not preserve the dynamic format which is 271 part of the complete original record. For example, the spectral file created by FT-IR 272 (Fourier transform infrared spectroscopy) can be reprocessed, but a static record or 273 printout is fixed, which would not satisfy CGMP requirements to retain original records 274 or true copies (§ 211.180(d)). Also, if the full spectrum is not displayed, contaminants 275 may be excluded. 276
277
Control strategies must ensure that original laboratory records, including paper and 278 electronic records, are subject to second-person review (§ 211.194(a)(8)) to make certain 279 that all test results are appropriately reported. 280
281
For PET drugs, see the guidance for industry PET Drugs — Current Good Manufacturing 282 Practice (CGMP) for discussion of equipment and laboratory controls, including 283 regulatory requirements for records. 284
285
Contains Nonbinding Recommendations
Draft — Not for Implementation
8
11. Can electronic signatures be used instead of handwritten signatures for 286 master production and control records? 287
288
Yes, electronic signatures with the appropriate controls can be used instead of 289 handwritten signatures or initials in any CGMP required record. While § 211.186(a) 290 specifies a “full signature, handwritten,” as explained in the Federal Register on 291 September 29, 1978 (43 FR 45069), part of the intent of the full signature requirement is 292 to be able to clearly identify the individual responsible for signing the record. An 293 electronic signature with the appropriate controls to securely link the signature with the 294 associated record fulfills this requirement. This comports with part 11, which establishes 295 criteria for when electronic signatures are considered the legally binding equivalent of 296 handwritten signatures. Firms using electronic signatures should document the controls 297 used to ensure that they are able to identify the specific person who signed the records 298 electronically. 299
300
There is no requirement for a handwritten signature for the MPCR in the PET CGMP 301 regulations (21 CFR part 212). 302
303
12. When does electronic data become a CGMP record? 304
305
When generated to satisfy a CGMP requirement, all data become a CGMP record. You 306 must document, or save, the data at the time of performance to create a record in 307 compliance with CGMP requirements, including, but not limited to, §§ 211.100(b) and 308 211.160(a). FDA expects processes to be designed so that quality data required to be 309 created and maintained cannot be modified. For example, chromatograms should be sent 310 to long-term storage (archiving or a permanent record) upon run completion instead of at 311 the end of a day’s runs. 312
313
It is not acceptable to record data on pieces of paper that will be discarded after the data 314 are transcribed to a permanent laboratory notebook (see §§ 211.100(b), 211.160(a), and 315 211.180(d)). Similarly, it is not acceptable to store data electronically in temporary 316 memory, in a manner that allows for manipulation, before creating a permanent record. 317 Electronic data that are automatically saved into temporary memory do not meet CGMP 318 documentation or retention requirements. 319
320
You may employ a combination of technical and procedural controls to meet CGMP 321 documentation practices for electronic systems. For example, a computer system, such as 322 a Laboratory Information Management System (LIMS) or an Electronic Batch Record 323 (EBR) system, can be designed to automatically save after each separate entry. This 324 would be similar to recording each entry contemporaneously on a paper batch record to 325 satisfy CGMP requirements. The computer system could be combined with a procedure 326 requiring data be entered immediately when generated. 327
328
For PET drugs, see the “Laboratory Controls” section of the guidance for industry PET 329 Drugs — Current Good Manufacturing Practice (CGMP). 330
331
Contains Nonbinding Recommendations
Draft — Not for Implementation
9
13. Why has the FDA cited use of actual samples during “system suitability” or 332 test, prep, or equilibration runs in warning letters? 333
334
FDA prohibits sampling and testing with the goal of achieving a specific result or to 335 overcome an unacceptable result (e.g., testing different samples until the desired passing 336 result is obtained). This practice, also referred to as testing into compliance, is not 337 consistent with CGMP (see the guidance for industry Investigating Out-of-Specification 338 (OOS) Test Results for Pharmaceutical Production). In some situations, use of actual 339 samples to perform system suitability testing has been used as a means of testing into 340 compliance. We would consider it a violative practice to use an actual sample in test, 341 prep, or equilibration runs as a means of disguising testing into compliance. 342
343
According to the United States Pharmacopeia (USP), system suitability tests should 344 include replicate injections of a standard preparation or other standard solutions to 345 determine if requirements for precision are satisfied (see USP General Chapter <621> 346 Chromatography). System suitability tests, including the identity of the preparation to be 347 injected and the rationale for its selection, should be performed according to the firm’s 348 established written procedures and the approved application or applicable compendial 349 monograph (§§ 211.160 and 212.60). 350
351
If an actual sample is to be used for system suitability testing, it should be a properly 352 characterized secondary standard, written procedures should be established and followed, 353 and the sample should be from a different batch than the sample(s) being tested (§§ 354 211.160, 211.165, and 212.60). All data should be included in the record that is retained 355 and subject to review unless there is documented scientific justification for its exclusion. 356
357
For more information, see also the ICH guidance for industry Q2(R1) Validation of 358 Analytical Procedures: Text and Methodology. 359
360
14. Is it acceptable to only save the final results from reprocessed laboratory 361 chromatography? 362
363
No. Analytical methods should be capable and stable. For most lab analyses, reprocessing 364 data should not be regularly needed. If chromatography is reprocessed, written 365 procedures must be established and followed and each result retained for review (see §§ 366 211.160(a), 211.160(b), 211.165(c), 211.194(a)(4), and 212.60(a)). FDA requires 367 complete data in laboratory records, which includes raw data, graphs, charts, and spectra 368 from laboratory instruments (§§ 211.194(a) and 212.60(g)(3)). 369
370
15. Can an internal tip regarding a quality issue, such as potential data 371 falsification, be handled informally outside of the documented CGMP quality 372 system? 373
374
No. Suspected or known falsification or alteration of records required under parts 210, 375 211, and 212 must be fully investigated under the CGMP quality system to determine the 376 effect of the event on patient safety, product quality, and data reliability; to determine the 377
Contains Nonbinding Recommendations
Draft — Not for Implementation
10
root cause; and to ensure the necessary corrective actions are taken (see §§ 211.22(a), 378 211.125(c), 211.192, 211.198, 211.204, and 212.100). 379
380
FDA invites individuals to report suspected data integrity issues that may affect the 381 safety, identity, strength, quality, or purity of drug products at DrugInfo@fda.hhs.gov. 382 “CGMP data integrity” should be included in the subject line of the email. 383
384
See also Application Integrity Policy, available at 385 http://www.fda.gov/ICECI/EnforcementActions/ApplicationIntegrityPolicy/default.htm. 386
387
16. Should personnel be trained in detecting data integrity issues as part of a 388 routine CGMP training program? 389
390
Yes. Training personnel to detect data integrity issues is consistent with the personnel 391 requirements under §§ 211.25 and 212.10, which state that personnel must have the 392 education, training, and experience, or any combination thereof, to perform their assigned 393 duties. 394
395
17. Is the FDA investigator allowed to look at my electronic records? 396
397
Yes. All records required under CGMP are subject to FDA inspection. You must allow 398 authorized inspection, review, and copying of records, which includes copying of 399 electronic data (§§ 211.180(c) and 212.110(a) and (b)). See also section 704 of the FD&C 400 Act. 401
402
18. How does FDA recommend data integrity problems identified during 403 inspections, in warning letters, or in other regulatory actions be addressed? 404
405
FDA encourages you to demonstrate that you have effectively remedied your problems 406 by: hiring a third party auditor, determining the scope of the problem, implementing a 407 corrective action plan (globally), and removing at all levels individuals responsible for 408 problems from CGMP positions. FDA may conduct an inspection to decide whether 409 CGMP violations involving data integrity have been remedied. 410
411
These expectations mirror those developed for the Application Integrity Policy. For more 412 detailed guidance, see the “Points to Consider for Internal Reviews and Corrective Action 413 Operating Plans” public document available on the FDA Web site, accessible at 414 http://www.fda.gov/ICECI/EnforcementActions/ApplicationIntegrityPolicy/ucm134744.415 htm. 416
No comments:
Post a Comment