MHRA发布GMP数据完整性博文:老调新谈(第1部分)
原创2015-08-05LucyWang洛施德GMP咨询洛施德GMP咨询
Soltoris洛施德GMP咨询旨在协助制药企业提升GMP质量管理体系,通过国内外药监单位GMP认证,并透过实施我司自主研发的《SISQP全面质量管理系统》,实现“合规-高效-可控”的信息化质量管理体系。若您有任何需求,欢迎在微信留言,获取更多的信息。
【点击上方洛施德GMP咨询关注我们│您最佳的GMP伙伴】
谢谢支持
Good Manufacturing Practice(GMP) data integrity: a new look at an old topic,
part 1
GMP数据完整性:老调新谈,第1部分
David Churchward, 25 June 2015 —Compliance matters
David Churchward, 2015.06.25—合规问题
Data integrity is fundamental in a pharmaceutical quality system which ensures that medicines are of the required quality.
数据完整性是制药行业质量管理系统的基础,它确保药品符合质量要求。
A robust data governance approach will ensure that data is complete, consistent and accurate,irrespective of the format in which data is generated, used or retained.不论数据是以何种形式生成、使用或保留的,一个稳健的数据管理方法能确保数据的完整性、一致性和准确性。
An increased focus on data integrity and governance systems has led to serious consequences for several companies. This is the first of a series of 3 blogs which will explore elementsof organisational behavior and system design which can mean the difference between data integrity success and failure.
对数据完整性和数据管理系统的持续关注,导致一些公司产生了严重的后果。这是三个系列博客中的第一个博客,本博客将探索导致数据完整性成功和失败的组织行为和系统设计因素。
An increased focus on dataintegrity and governance systems has led to serious consequences for several companies
对数据完整性和数据管理系统的持续关注,导致一些公司产生了严重的后果。
One of the top global issues reported in the pharmaceutical media over the past 2 years has been data integrity. Regulatory actions resulting from data integrity failures have led to the withdrawal of supply across multiple markets, product recall, and serious reputational damage for those companies concerned. However this hot topic is not a new requirement, as basic data integrity principles are already described in international good manufacturing practice guidance.
过去两年里,制药行业相关媒体报道最多的全球议题之一就是数据完整性。由于数据完整性未符合相关要求而采取的监管措施导致了药品从许多市场撤销供应、药品召回以及相关制药企业蒙受巨大的声誉损失。然而,本热点话题并不是一个新的要求,因为基本的数据完整性原则早已包含在国际GMP法规中了.
There is a general misconception that data integrity failures only result from acts of deliberate fraud. Yet in the collective experience of my colleagues and me, the majority of issues relate to bad practice, poor organisational behaviour and weak systems, which create opportunities for data to be manipulated. However there is a way for companies to navigate the troubled waters of data integrity deficiencies by taking some basic behavioural, procedural and technical steps to significantly improve their systems.
只有蓄意诈骗才会导致数据完整性失败是一种常见的误区。根据我同事和我的共同经验,与不良操作、不良组织行为和薄弱系统有关的大多数问题都会为操纵数据创造机会。然而公司
有一种方法可以解决数据完整性缺陷,那就是进行基本的行为、流程和技术步骤,以显著改善公司的系统。
| Impact of organisational culture: is your company behaving well?
| 组织文化的影响:您的公司表现良好吗?
The impact of organisational culture and senior management behaviour on data governance must not be underestimated. Indicators with relevance to data governance provide a measure of the workforce’s understanding and reporting behaviour, combined with the management’s receptiveness to ‘bad news'. Is error or system failure reported as an opportunity for improvement, or is there a
mind-set around ‘not wanting to cause trouble’? To remove the incentive to manipulate, re-create or amend data, the managerial response to "bad news" must be fair and consistent, and not based on a fear of consequences.
绝对不能低估组织文化和高级管理层行为对数据管理的影响。与数据管理相关的指标提供了衡量员工理解和报告行为以及经理对“坏消息”接受度的手段。是否会报告错误或系统故障以改善系统,或是否有“怕麻烦”的心态?为了去除操纵、重建或修改数据的诱因,管理人员应对“坏消息”一定要公正、一致,不能害怕后果。
| Led from the top; empowered from below
| 上层领导,下层执行
Organisational culture is not just addressed by senior management putting the right words in a mission statement. I have seen that communicating expectations clearly to staff at all levels in the company, and then living by these principles, is the key to success. Leadership, engagement and empowerment of staff at all levels in the organisation can then combine to identify and deliver systematic data integrity improvements where good practice becomes automatic.
组织文化不只只是高级管理人员将正确的言论变为宗旨。我见到过公司各个等级的员工清楚地交流期望,然后根据这些原则工作,这是成功的关键。如果这种良好的情况成为必然时,组织中各个层级的员工可以识别和实现系统的数据完整性的改进。
| The data lifecycle
| 数据使用周期
With support from the correct organisational culture, the next important element of successful data governance is to understand the data lifecycle. This will enable
the implementation of a system which is designed to assure the integrity of data throughout its life, beyond the limitations of data review.
有了正确的组织文化的支持,下一个成功进行数据管理的重要因素就是理解数据的生命周期。这将会使确保数据完整性的系统在其生命周期内不受数据回顾的限制。
The data lifecycle considers all phases in the life of the data, from initial generation and recording, through processing, use, archiving, retrieval, and (where appropriate) destruction. Failure to address just one element of the data lifecycle will weaken the effectiveness of the measures implemented elsewhere in the system.
数据生命周期包括数据生命周期的所有阶段:从产生和记录阶段到处理、使用、存档、恢复和(如有可能)销毁。哪怕是弄错数据生命周期的一个因素都会降低系统中措施执行的有效性。
| Establishing data criticality and inherent integrity risk
| 建立数据临界和内在完整性风险机制
In addition to staff training and implementation of data integrity policies, consideration should be given to the organisational (eg procedures) and technical
(eg computer system access) controls applied to different areas of the quality system. The degree of effort and resource should be commensurate with data criticality (how it is used) and inherent risk (how it is generated).
除了进行员工培训和执行数据完整性政策外,还要考虑到应用于质量体系中不同区域的组织(即程序)和技术(即计算机系统登录)控制。努力的程度和资源利用的程度应与数据临界(如何使用)和内在风险(如何产生)的大小等量。
Data which relates to critical process control, batch release decisions or longterm stability may have significant impact to product quality. Other data, while of relevance to the operation of a GMP compliant facility, may be of lower criticality.与关键工艺控制、批量放行决定或长期稳定性相关的数据可能会对产品质量有重要的影响。与GMP合规设备操作相关的其他的数据可能低于临界点。
The way in which data is generated will influence the inherent data integrity risk. Data may be generated by a paper-based record of a manual observation or, in terms of equipment, a spectrum of simple machines (eg pH meters and balances) through to complex highly-configurable computerised systems (eg HPLC and ERP systems). The inherent risks to data integrity will differ depending upon the degree
to which data generated by these systems can be configured, and therefore potentially manipulated.
数据产生的方式对内在数据完整性风险有影响。数据可能是由人为观察的纸质记录产生或由简单机器(如,酸度计和天平)和复杂的高配置的计算机化系统(如,HPLC和ERP系统)产生。数据完整性的内在风险将视系统产生的数据的可配置程度和潜在的可操纵程度而定。
Our inspectorate finds that manufacturers typically focus data integrity and validation resources on large and complex computerised systems, while paying less attention to other systems with apparent lower complexity. Whereas simple machines may only require calibration, the data integrity risk associated with systems linked to user configurable software (eg PLC-linked production equipment and infra-red / UV spectrophotometers) can be significant, especially where the output can be influenced (modified or discarded) by the user. Without well designed controls it may be possible to manipulate data or repeat testing to achieve a desired outcome with limited opportunity of detection.
我们的检查官发现,生产商通常关注大型的、复杂的计算机化系统的数据完整性和验证资源,很少关注其他复杂性低的系统。尽管简单的机器也许只需要校验,但是与用户配置软件连接的系统(如,PLC相关的生产设备和红外线/UV分光光度计)的数据完整性风险是重要的,尤其是输出的数据可能受用户的影响(修改或丢弃)。如果没有良好的控制,那么数据可能被操纵,或是重复执行测试得到期望的结果,而这些情况却无法被发现。
More detailed guidance on data integrity expectations, which builds on the behavioural issues, has been published by MHRA . My next blog in this series will look at ways in which systems can be designed to assure data quality and integrity.建立在行为问题上的数据完整性的更多详细的法规已由MHRA发布。下一个博客将探讨确保数据质量和完整性的系统设计方法。