 |
| Data Integrity App |
Question 1:
Do you have policies and procedures that specify how staff is given access
to computer systems?
Best
Answer: The
process for granting, changing, and removing access should be governed by a
discrete procedure. Access to certain systems should be governed according to
job function.
Are individual login and passwords required to access computer systems?
Best Answer: This is crucial for ensuring that the activity performed can be
attributed to an individual. Never share any login credentials or passwords.
Does your software control actions through access privilege levels?
Best Answer: Activities
within the system should be governed by job function and those who create records
should have very limited or no ability to modify or delete them. Make sure to
maintain and update lists showing who has particular access privileges for each
system.
Question 4:
What are the training requirements
for personnel ?
Best Answer: Employee having the
education, training, experience and skills or any combination of these elements
that will ensure that staff can perform assigned duties and functions at an
acceptable level.
Training and
assessment should be carried out by persons with relevant training,
qualifications and experience in the subject matter and training personnel
should preferably have been formally qualified in training and assessment.
There are a number of
people who have a direct bearing on quality outcomes. These include
contractors, consultants and casual employees. Therefore, appropriate training
and assessment should be provided and recorded.
Question 5:
Are date and time featured secured so they cannot be changed by those who
perform, supervise, or review records?
Best Answer: When individuals are able to change date and time stamps, it's not
possible to ensure that activities were conducted at the date and times
indicated – compromising the integrity of the data. These features should
be controlled at the network level.
Question 6:
Is the identity of the person performing an
activity captured by the audit trail?
Best Answer: This
requires unique login credentials and ensures firms and regulatory
investigators know who, in particular, performed an action. Logging in, acquiring
data, processing data, modifying data, deleting data, reporting results or
reviewing data are all activities that require audit trails capture individual
performers.
Question 7:
Are your audit trails capable of documenting
why an action was performed?
Best Answer: Selecting
from a pre-written list of possible justifications can leave out important
details needed when explaining why a particular action was taken.To
ensure completeness and specificity, make this field a free text field for
users to write their own justifications. Be sure all users are trained on how
to provide a clear and complete justification.
Can data be obscured or deleted when certain
operations are performed?
Best Answer: Sometimes
this can happen and not be immediately apparent. When samples are retested, for
example, the original results should always remain available to ensure
everything can be reviewed and that your quality unit is considering all data
when making lot disposition decisions.
If
data is overwritten, erased, or obscured, records associated with an activity
cannot be fully reviewed.
Question 9:
Is the data being reviewed in the same format
in which is generated?
Best Answer: Most
instrument data is reviewed in an electronic format and supplement by log books
and other sources. GMP decisions should never be based on printouts of
chromatograms or other documents that are used for convenience. When these
documents are used, they should include the path to the original electronic
data.
Question 10:
Is it acceptable to shred GMP related documents?
You shred any GxP Documents?
Best Answer: Once a document has reached its archive
expiration date (e.g. one year after the product expiration date or seven years
from production of the batch or whatever is in your company’s SOP) you can
shred the document PROVIDED (at least in the EU GMPS, chapter 4) that document
does not contain data submitted in the marketing application. In that case, you
need to keep it forever.
“Trust but Verify “ Ronald Reagan
Across the internet, there are millions of resources are available which provide information about Everything.
If you found all content under one roof then it will save your time, effort & you will more concentrated on your important activity.
 |
| Data Integrity App |
Our Data integrity app will helpful for understanding what Data integrity & CSV really means & How 21 CFR Part 11, EU Annex 11 & other regulatory guidelines affects in pharmaceutical Industry.
- Basic Data Integrity Concepts
- ERES & Its Requirement
- CSV & Its best practices
- Mock Inspection and General Q&A
- Checklist for inspection
- Inspection Readiness
- Useful SOP’s
- Stay Regulatory Compliant.
“Stay One Step Ahead in Pharma IT Compliance”
https://play.google.com/store/apps/details?id=com.innovativeapps.dataintegrity
Try our "Data Integrity" app which helps you to better understand current regulatory agencies thinking on Data Integrity & CSV.
Comments
Post a Comment