lundi 26 mai 2014

Encore des écarts sur l'"intégrité des données"...

Cet établissement pharmaceutique indien s'est vu notifié plusieurs écarts relatifs à l'intégrité des données de son site de production de principes actifs:
1.    Failure to ensure that laboratory records included complete data derived from all tests necessary to ensure compliance with established specifications and standards.

For example,

a.    Your firm is missing the fundamental raw data and information necessary to document your analyses. For example, these analyses lack the following critical data:
  • identification of the samples tested, including name and source, batch number or other distinctive code, and date of the sample
  • the complete record of all raw data generated during each test, including graphs and electronic files from laboratory instrumentation
  • test method used
  • sample preparation as prescribed by the method, preparation and testing of standards, reagents and standard solutions
  • records of all calculations performed in connection with the test
  • test results
  • the signature of the person who performed each test and the date(s) the tests were performed, and the date and signature of a second person showing that the original records have been reviewed for accuracy, completeness, and compliance with prescribed acceptance criteria...
b.    Your firm frequently performs “unofficial testing” of samples, disregards the results, and reports results from additional tests. For example, during stability testing, your firm tested a batch sample six times and subsequently deleted this data...    
Et du site de mise sous forme pharmaceutique: 
1.    Your firm failed to exercise appropriate controls over computer or related systems to assure that only authorized personnel institute changes in master production and control records, or other records (21 CFR 211.68(b)).

The investigator identified numerous deleted raw data files on computers used for your GC instruments in your quality control laboratory.  The software (“GC Solutions”) on the computers used to control the GC instruments allowed your analysts to delete files from the computer’s hard drive with no audit trail or other adequate form of traceability in the operating system to document the deletion activity. The software as configured assigned sequential, numerical names to raw data files within the same folder.  When a raw data file was deleted or moved out of the designated folder, the next file recorded into the folder would be saved with an identical name as the deleted file. As a result, data can be manipulated so that saved files appear to be in sequence even if they were not generated sequentially. Due to the basic lack of audit trail and data security, an analyst could delete analytical files without traceability of this unacceptable practice. 
The inspection revealed that you stored GC raw data files in multiple folders on the hard drives in the QC laboratory. Your Senior QC Officer stated you had no written procedure describing the management of GC raw data file storage. According to your firm's electronic data archival SOP IT-001, each QC analyst manually transferred individual raw data files to the central server at (b)(4). Your procedure did not address how this data transfer by QC analysts could be reliably verified, and whether proper computerized system controls will be implemented by your company.

Plus d'information ici.