assuring e data integrity and part 11 compliance for · pdf fileassuring e data integrity and...
TRANSCRIPT
©2013 Waters Corporation 1
Assuring E Data Integrity and Part 11
Compliance for Empower
How to Configure an Empower Enterprise
©2013 Waters Corporation 2
Agenda
Electronic Record regulations, Compliance Policy Guides and
Warning Letters
Raw Data in the Chromatography Laboratory
Designing your Empower process
General Security and System Policies
Access Management
Project Design and Configuration
Understanding Empower Audit Trails (brief)
Configuring for Electronic Signatures
Managing Data
Validation and Qualification
Other procedures and policies
©2013 Waters Corporation 3
Gathering and sharing regulatory information
©2013 Waters Corporation 4
What Is Compliance?
Satisfying regulatory agencies and certification
organizations that a company's processes are being operated
at a level of control that will ensure that their products will
meet predetermined safety, efficacy, and quality
specifications.
©2013 Waters Corporation 5
Electronic Record Regulations
©2013 Waters Corporation 6
Purpose of Record Policies
Ensure Data Integrity
– Records should be created contemporaneously
– Retained
– Reliable
o Changes should be noted, reasoned and non repudiated
Computer systems should be trustworthy
– Validated to intended use
– “No resultant decrease in product quality, process control or quality
assurance”
Evidence should be available to prove the above
©2013 Waters Corporation 7
Chapter 21 Code of Federal Regulations
As with FDA regulations, EU regulations have rules overlaid with
the electronic record rule (Annex 11)
21 C
FR P
art 1
1: E
lectro
nic
Record
s;
Ele
ctro
nic
Sig
natu
res
21 CFR Part 211 - Current Good Manufacturing Practice for Pharmaceutical Products
21 CFR Part 58 - Current Good Laboratory Practice for Pharmaceutical Products
21 CFR Part 110 - Current Good Manufacturing Practice in Manufacturing Packing or Holding of Human Food
21 CFR Part 820 – Quality System Regulation for Medical Devices
©2013 Waters Corporation 8
European Annex 11
As with FDA regulations, EU regulations have rules overlaid with
the electronic record rule (Annex 11)
Annex 1
1: E
lectro
nic
Record
s;
GMP Chapter 4- Documentation
Annex 4: Manufacturing of Investigational Drug Product
OECD Guidance for the Conduct of Test Facility Inspections and Study Audits
OECD Revised Guides for Compliance Monitoring Procedures for GLP
©2013 Waters Corporation 9
21 CFR Part 11 Controls
Administrative Controls:
– Set policies, assign roles and responsibilities, operator and
administrator training, ITIL implementation, auditing
Procedural Controls:
– SOPs and Work Instructions for operation and administration,
computer system validation, calibration, network qualification.
awareness training
Technical Controls:
– Computerized features like audit trail, backup mechanism, user
management and security, electronic signatures and/or digital
signatures to assist or enforce administrative and procedural controls
©2013 Waters Corporation 10
Key Topics of Part 11
Secure Records
– Back up, archive, records retention policy of ALL data and meta data
– Easy retrieval of e-records and Human Readable copies
– controlled access with unique username and password
o limit functionality
o feeds audit trail
– Secure computer generated audit trails for any changes to data
o What changed, who, when why (and now where)
Applications that work
– Validation
– Training
Electronic Signatures
– Non repudiation of signature (if using)
©2013 Waters Corporation 11
Annex 11 to Influence Part 11?
Annex 11 21 CFR Part 11
PI 011-3
©2013 Waters Corporation 12
Four new key areas in Annex 11
Supplier Audits: including the requirement to share a summary
of your assessment
– Be sure this is agreed in your vendor NDA agreement
Qualification of IT Infrastructure
– And a formal agreement with IT departments
Inclusion of Risk Management
– In Regulation rather than in Guidance
Review of Audit Trails
– Specifically mentioned
– Printouts should indicate a change
©2013 Waters Corporation 13
The Lessons to Learn from FDA
©2013 Waters Corporation 14
Sunrise Pharmaceuticals Jan 2010
Your firm has not exercised appropriate controls over computer or
related systems to assure that changes in master production and
control records or other records are instituted only by authorized
personnel [21 CFR 211.68(b)].
– For example, your firm lacks systems to ensure that all electronic data
generated in your Quality Control laboratory is secure and remains unaltered.
All analysts have system administrator privileges that allow them to
modify, overwrite, and delete original raw data files …in the High
Performance Liquid Chromatography (HPLC) units.
– In addition, your firm's review of laboratory data does not include a
review of an audit trail or revision history to determine if unapproved
changes have been made.
©2013 Waters Corporation 15
Ohm Laboratories 21st December 2009
Your firm has not exercised appropriate controls over computer or
related systems to assure that changes in control records or other
records are instituted only by authorized personnel [21 CFR §
211.68(b)].
– For example, one user account is established for two analysts to access
the laboratory instrument's software on the computer system attached to
HPLC systems..
– The user account provides full system administrative rights, including
editing of the methods and projects.
– In addition, data security protocols are not established that describe the
user's roles and responsibilities in terms of privileges to access, change,
modify, create, and delete projects and data.
©2013 Waters Corporation 16
Able Laboratories 483 May 2005
©2013 Waters Corporation 17
Biochem February 2012
Access Control
– Your firm did not put in place requirements for appropriate usernames and
passwords to allow appropriate control over data collected by your firm's
computerized systems including UV, IR, HPLC, and GC instruments. All
employees in your firm used the same username and password
Change Control
– In addition, you did not document the changes made to the software or
data stored by the instrument systems.
Raw Data
– Your firm had no system in place to ensure appropriate backup of
electronic raw data and no standard procedure for naming and saving data
for retrieval at a later date
©2013 Waters Corporation 18
Gulf Pharmaceuticals February 2012
Access Control
– You have not implemented security control of laboratory electronic data. All laboratory
analysts share the same password for the HPLCs in the QC analytical chemistry lab
and Omnilog in the microbiology lab.
Raw Data
– There is no system in place to ensure that all electronic raw data from the
laboratory is backed up and/or retained.
– Data is deleted to make space for the most recent test results. You also informed our
investigators that printed copies of HPLC test results are treated as raw data.
Printed Copies
– Printed copies of HPLC test results from your firm’s systems do not contain all of the
analytical metadata (for example: instrument conditions, integration parameters) that
is considered part of the raw data.
We highly recommend that you hire a third party auditor, with
experience in detecting data integrity problems, who may assist you in
evaluating your overall compliance with cGMP.
©2013 Waters Corporation 19
Wockhardt Ltd July 2013
Delayed, denied, limited an inspection
– Torn raw data records in the waste area
o Repeatedly asked to see them
o Presented 20 records, none of which were the missing records
o Later found raw data records in a different holding bag
– Unlabeled and partially labeled vials
o When the investigator asked a QC Analyst to describe the contents of these
vials, the QC Analyst immediately began dumping the contents of the
vials into the drainage sink
– requested the QC data package and raw data testing documentation
o no less than six times on (day 1), and again multiple times on (day 2)
o Finally got data on “close out meeting” on day 3
©2013 Waters Corporation 20
Summary of Findings
No Secure Access to only authorized personnel
– No password
– Shared user accounts
o Set up that way
o Shared in an emergency without documentation or justification
No controls to limit access to the delete function (among others)
– Either set up as administrators
– Or with user type that permit deletion or data manipulation
No audit trails
– Software not equipped with audit trail
– User not having unique log on prevents correct audit trails
– No review of audit trails by managers or QA
Trial injection data not kept or documented
– Analyses being repeated without justification, then called trial injections
Delaying, denying or limiting an inspection
– Hiding data or records
©2013 Waters Corporation 21
Raw Data in the
Chromatographic Laboratory
©2013 Waters Corporation 22
A day in the life of Raw Data
Raw Data Quantification
Reporting
Change control
Qualification and Maintenance
CDS
©2013 Waters Corporation 23
FDA.Gov: FAQ on Printed Chromatograms
“the printed chromatograms used in drug manufacturing and testing do not satisfy the predicate rule requirements in 21 CFR Part 211. The electronic record must be maintained and readily available for review by, for example, QC/QA personnel or the FDA investigator”
©2013 Waters Corporation 24
Designing your
Empower Process
©2013 Waters Corporation 25
Design your Process
First design your ideal process before creating the user requirement specification
Look at current processes
Look for bottle necks
Look at current calculations
– Eliminate non compliant spreadsheets
– Eliminate paper worksheets
– Eliminate hand calculations
Ask for input about ideal process
Use outside help to design a process
– Fresh pair of eyes
– Vendor support using previous experience in similar industry
– Employees with experience in previous employment
©2013 Waters Corporation 26
Empower Versatility
Integrity of your HPLC dissolution testing Combined software and hardware solution OR SOFTWARE ALONE for calculations
Automated Dissolution Calculations
% Dissolved automatically calculated Accounts for transfer Vol, replace media etc Q Factors assessed For online and offline Dissolution
©2013 Waters Corporation 27
The Automated Process Chromatography to Calculations
©2013 Waters Corporation 28
General Security and System Policies
©2013 Waters Corporation 29
Empower Software Security
Windows (7 or XP) operating system software is only used to
secure the database and raw data records from accidental
deletion, corruption or modification
Empower Software Security is used to secure specific areas of
the application.
– Access Rights
o Functionality
o Data Sets (Projects)
– Audit Entries
– Password Security
– Sign Off Privileges
This makes it the easiest CDS to run in a compliant way!!
(exception is if customer wants to use LDAP for password authentication)
©2013 Waters Corporation 30
Compliance Requirements: System Set Up and Policies
Workstation Client Server Data stored on PC in the lab PC hardware failures result in loss of data
Data only stored on server in secured server room RAID technology protects from failure
Expensive to licence a username for every analyst on every workstation
One user licence for every instrument in the lab
Many user names and passwords to maintain
Single set of passwords
Time Stamps from unsecured PC time
Time Stamps from the Server
Access to OS (task manager/explorer) on PC compromises security of data
Access to OS of PC does not compromise data security
SOP’s’ need to synchronize naming conventions (files, methods, e-records)
Single data repository ensures uniqueness of ID’s
©2013 Waters Corporation 31
System Policies
©2013 Waters Corporation 32
• System Policies are labeled, designating Waters recommendation for policies that should be invoked for • GxP_ • Electronic Records • Electronic Signatures
• However it is the user interpretation that is important!
Empower System Policies
©2013 Waters Corporation 33
System Polices: General
Application Timeout
– One password unlocks all my
windows
– Leaves other users windows
locked
– Better than screensaver
Disallow annotation tools
– Consider if relying on paper
report review
Date and Time Zone display
©2013 Waters Corporation 34
Access Management
©2013 Waters Corporation 35
Empower User Types
Empower User Types are used to create unique security
model for the Empower application, reflecting your designed
processes
User Types are associated with each User Account
There is no limit to the number of User Types
– One person may have one default user type and be “demoted” in
other project areas
Define User Types AFTER you define the workflow processes
©2013 Waters Corporation 36
Empower User Types
©2013 Waters Corporation 37
Empower User Accounts
Assigns username, password and user types to each User Account
Each active/disabled Empower user account requires an Empower license – removed Empower user accounts do not use a license
– Can have multiple user type for one user account
Sharing of user accounts is not permitted – By the software licensing regulation
– By the FDA
Audit trails in Empower rely on identification of each user accessing the software. – Audit trails are useless if people share a common account
– Equivalent to forging a signature on a GMP document
©2013 Waters Corporation 38
Creating User Accounts
©2013 Waters Corporation 39
Empower User Accounts
Access User Properties to change the information for each
user
– Users may change their own passwords in this way if they feel
their password has been compromised
Can be altered by a Group Administrator if one is assigned
– Eliminates the need for the system administrator to be involved
for every change
Multiple User Types can be associated to one User Account to
log in with different levels of privilege
– Requires only one licence per user
©2013 Waters Corporation 40
System Policies: Accounts and Passwords
User accounts
– No replication or deletion
User passwords
– Full history
– Expiry
– Entry attempts
– Length
Log on/off behaviour
– Multiple users per Client
Default User interface rules
©2013 Waters Corporation 41
Limited Entry Attempts
©2013 Waters Corporation 42
Limited Entry Attempts
©2013 Waters Corporation 43
Limited Entry Attempts
©2013 Waters Corporation 44
System Policies: LDAP
Password Rules can be defined using
Active Directory or LDAP
– Harmonize passwords across applications
– Synchronize expiry
– Add complexity rules
©2013 Waters Corporation 45
Empower Groups provide the ability to divide
chromatographic information by laboratory, section or
department
30 Character limit for Group names
Users can be members of multiple Empower Groups
A Group administrator can be assigned for each user group
– This person can alter the properties of ONLY the users in that group and
not other users
– Interface will soon include full names (FR2)
Empower User Groups
©2013 Waters Corporation 46
Empower User Groups
©2013 Waters Corporation 47
Project Design and Configuration
©2013 Waters Corporation 48
Project Management
Empower Projects are folders used to organise
chromatographic studies
Establish Name Convention
– Customer Name, Assay Name, Compound, System Name,
Analyst Name
Determine how long an active Project will be available to
receive new samples
Decide what to do with inactive Projects
– Keep them live but prevent acquisition of new data
– Keep them live but lock completely
Develop an archive schedule
©2013 Waters Corporation 49
Key Questions when creating project structure
What criteria is best to search for data?
Examples are analyst, system, lab, compound, batch,
calculation type, project, animal, ship, customer, lab book,
date.
How many projects per month/year?
How many samples would go into each project per month?
Over what time period / which projects would you need to
compare data?
– It is currently not possible to graphically compare data that exist
in two separate Empower projects
©2013 Waters Corporation 50
Example Project Schedules
Department SampleFrequency
Scheme Time Period Advantages
Research Varies in typeand Number
Analyst Monthly /Quarterly
Flexible
Research Small numberof instrumentsMany analysts
Instrument Monthly /Quarterly
Limit theinstrumentmethods ineach project
Development Many runs butcompoundvaries – strictmethods ofcalculation
Calculationtype
Monthly /Weekly
Fixed customcalculations intemplateprojects
Development Limitednumbers ofcompoundsmany types ofcalculation
Compound Monthly /Yearly
Specificmethods ineach project
©2013 Waters Corporation 51
Example Project Schedules
Department SampleFrequency
Scheme Time Period Advantages
Stability Limited batchesover long timeperiod
Batch CompleteStudy
Easy tocompare data,Fixed methods
QC Limited numbersof compoundswith strict SOP’s
Compound/Formulation/SOP
Monthly Specificmethods in eachproject –easy tofind data
QC raw mats Very fewformulationsWeekly deliveries
Per Ship No timeperiod
All data for onedelivery together
QC Very fewformulationsmultipleproduction lines
Per Line Monthly Specificmethods in eachprojectcategorizessimilar data
©2013 Waters Corporation 52
Creating New Projects
Use the Project Wizard to create new projects
– Based on a template project
– Based on previous months project
– Can only be created one by one
Use the Clone project feature
– copies project structure and methods
– copies preferences
– can create multiple projects at once
o “One to many”
o “Many to many”
– Need good templates
o containing correct structure and methods
o with correct naming strategy
©2013 Waters Corporation 53
New Projects using the Wizard
©2013 Waters Corporation 54
Using Clone to Create Projects
Caffeine Assay
Caffeine Assay March
Caffeine Assay April
Caffeine Assay March
Caffeine Assay May
Caffeine Assay April Caffeine Assay May
Preferable to use Template : Smaller Audit trails
©2013 Waters Corporation 55
Using Clone to Create Projects
Assay
Project
Template
Aspirin Assay May
Caffeine Assay
Vit C Assay
Aspirin Assay
Caffeine Assay May
Vit C Assay May
“One project, many copies” Clone
“Multiple projects, one copy” Clone
Copies methods, custom fields, view filters
and preferences
Does not copy data
©2013 Waters Corporation 56
Understanding Empower Audit Trails
©2013 Waters Corporation 57
System Policies: Projects
Determines the audit trail
settings of new projects
– Can never be altered
Silent is transparent to user
but..
– Most regulations require a
“reason” for change
Confirm identity requires a
username and password for
every action
– Not required by regulations
– Some companies like it
©2013 Waters Corporation 58
Traceability - Linking Information to Records
When What Why
Who Collected Who Processed Who Reviewed Who Approved
Unique Result
Original Instrument Method
LC/GC System Used
Product Code/ Stage Reagent LIMS ID
Unchanged Raw Data File
Original Processing Method
Standards used for Calibration
Sample Sets
Calibration Curves
E-cord information
©2013 Waters Corporation 59
Reviewing Audit Trails: A New tool in FR2
Designed to make the requirement to
review Audit trails simpler
Launched from Review
Brings into one window audit records from
– Project window
– Manual results
– Method changes
o Processing, Instrument, Sample Set (alter sample) and Method Set
o Allows multiple methods to be compares
Compares results from superceded results
– Where results have been reprocessed
– Compares Areas, RT, Amount etc between two results
©2013 Waters Corporation 60
Enhanced Data Review New Result Audit Viewer(RAV)
©2013 Waters Corporation 61
Configuring for Electronic Signatures
©2013 Waters Corporation 62
Electronic Signatures in Empower
Applied to Reports to mimic the paper based process
Set appropriate system policies
– Designed based on regulatory requirements
– Designed based on customer feedback
©2013 Waters Corporation 63
Managing Data
©2013 Waters Corporation 64
Managing closed projects
Once a project is “closed” do you
– Archive and delete the project?
– Archive and leave the project live for further processing?
– Archive and secure the project from further data acquisition
(i.e. process only)?
– Archive and lock the project from any further activity (i.e.
read only)?
– Leave the project live for a further month before archiving
and removing?
– Leave the project live (or locked) and never archive it?
– Move the live project to another location?
©2013 Waters Corporation 65
Securing Completed Projects
Project Lock or changing Project Access
©2013 Waters Corporation 66
Archival
Provide a mechanism to save e-records and their metadata for future reference/access
Periodically archive data (projects) to secondary media:
– Tape is not recommended for long term storage
o 4-5 year lifetime
– CD or DVD used to be common
– Mostly using hard drives
o Local standalone (Kit available to backup /archive workstations)
o Network drives backed up by corporate
o Cloud Drives???
©2013 Waters Corporation 67
Use of an Archive Empower Database
Preserves the links to all the different types of meta data
– Sample sets, cal curves, QC controls, Stds, Systems,
System Suitability results
Ensures data is automatically updated to the same version of
software being used in Production
– Very quickly retrieved
– Preserved the original results but can be reprocessed if required
Database
ServerArchive
Server
Move complete
projects older than
6 months
Same
version of
Empower,
limited users
©2013 Waters Corporation 68
Archiving Projects
Reports & Results
Raw data, processed
data and final results
are captured in the
project
Project archive
contains all these data
Archive
Project
Raw Data
Instruments
Sample
Empower
Data System
Automated &
manual archiving of
Empower projects
in EDM
©2013 Waters Corporation 69
Archiving Reports
Reports & Results
Simply review and Sign off
for non Empower users
Enables fast integration to
alternative applications
(eg LIMS or ELN) Archive
Project
Raw Data
Instruments
Sample
Empower
Data System
Manual &
automated print of
reports into SDMS
©2013 Waters Corporation 70
Validation and Qualification
©2013 Waters Corporation 71
You Cannot Just ‘Buy’ a Compliant System
Compliance Ready Software
Software designed with compliance in mind
– Full audit trail
– Easy set up in system policies
– Easy to retrieve/view off-line
©2013 Waters Corporation 72
YES
Do you need to validate if you buy a “compliant system”?
©2013 Waters Corporation 73
Double V Model from GAMP Good Practice Guide: Testing
©2013 Waters Corporation 74
Topics to Consider for URS for Validation
Security
– Including Part 11 requirements
Administration
– Management tasks
– Backup /recovery, archiving, legacy data
– Dealing with upgrades
Instrument Control
Sample Sequences
Processing
– Integration, Calibration, Quantitation, further processing
Reporting
©2013 Waters Corporation 75
GAMP 5 – Leveraging Supplier Involvement
Maximize supplier involvement throughout the system life cycle
Leverage knowledge, experience and documentation
– Subject to satisfactory supplier assessment
Supplier input may be used for the creation of
– Functional specifications
– System configuration
– Testing
– Support
– Maintenance
Planning should determine how best to use supplier documentation
– Including existing test documentation
– Avoid wasted effort and duplication
– Assess for suitability, accuracy and completeness
©2013 Waters Corporation 76
Compliance and Validation Services Regbio Compliance Services Offerings
System Requirements
Specification
Planning
Vendor Audit
Reporting/
Release
Installation/
Qualification
Extended Qualification
Specification
Analytical Systems
Routine OQ/PQ
Installation Qualifcation
Analytical
Instrument
Qualification
Routine Compliance
Services
Extended
Software
Qualification
Core CSV
Service
Extended CSV
Service
Legend
©2013 Waters Corporation 77
Compliance around the Application:
Other Policies and Procedures
©2013 Waters Corporation 78
Training Procedures
Document that all users have received appropriate training
Should include
– Lab users (scientists)
– Managers
– QA Reviewers
– IT / Network Support Engineers
– Instrument Engineers
– Validation Specialists
– Consultants
If applicable training should include knowledge of
21 CFR Part 11 and the legal implication of
Electronic Signatures
©2013 Waters Corporation 79
Change Control SOP
Changes to system
Risk assessment of the change
Performance tests
Actual impact of changes
How documentation should be updated
Training updated
Consider how to deal with different categories of change:
– Configuration Changes (Policies / User Types / SOP updates)
– Microsoft or Empower Hotfix
– New instrument driver
– Empower Service Release
– New Version of Empower
©2013 Waters Corporation 80
Disaster Recovery SOP
Plan for data integrity in case of:
Power Interruption/Spike
Flood
Fire
Major Storm
Protest/sabatoge
Plan data storage areas on/off site
Results of annual disaster recovery drill
Consider use of
– High Availability solutions
o RAC, DataGuard, Oracle FailSafe
– Emergency Workgroup or Personal Systems
©2013 Waters Corporation 81
Backup
Define and test a strategy to recover in the event of a disaster
– Tape is one mechanism
o Tapes will wear out
o Test backups
– Now often to hard disk storage or Cloud?
Validating and Testing this is key
– Oracle Hot and Cold Back up
– Archive Log files
– Ensure you talk to Waters to Set this up correctly
©2013 Waters Corporation 82
Empower 3 Compliance for an FDA audit
Inspectors want to see that you have implemented the controls that Empower provides for you
– Unique Usernames for audit trails
– Default strings for reasons WHY you change objects
– Password expiry and history
– Limited access to delete objects in the database
Outside Empower procedures are as important
– Training
– Daily Backup of data
– Long Term Archiving
Validation of the entire system, including software to demonstrate “ fit for intended use” based on a clear URS is a key aspect
– Including a clear Change Control procedure
©2013 Waters Corporation 83
Thank you!