Serving Patients is a Privilege

Size: px

Start display at page:

Download "Serving Patients is a Privilege"

Opal Francis
5 years ago
Views:

2 Serving Patients is a Privilege

3 This Privilege Comes with Significant Responsibilities

4 Understanding Requirements for Data Integrity How to Develop a Data Integrity Program Including Data Integrity with your Contractors On Going Monitoring and Governances Conclusion

Data Integrity Is an inherent need in our business Is not a new issue Is required regarding patients health and safety Establish safety, efficacy, purity, strength and

6 Data Integrity Is an inherent need in our business Is not a new issue Is required regarding patients health and safety Establish safety, efficacy, purity, strength and quality attributes to products Ensure patient health and safety Trust of patients, regulators and stakeholders When a firm fails to protect its data, it cannot serve patients

Consistent Complete Data Accurate Data Information collected and used as part of researching, developing, producing, distributing and commercializing a product Integrity Being integral,

8 Consistent Complete Data Accurate Data Information collected and used as part of researching, developing, producing, distributing and commercializing a product Integrity Being integral, accurate and complete Data Integrity The extent to which a collection of data is complete, consistent, and accurate over its lifecycle Data Integrity refers to the general trustworthiness of data

10 Market Research Drug Discovery Drug Develop in Laboratory Clinical Studies Commercial Manufactur e Supply and Distribution Discontinue and Terminate Marketing Authorization Data Integrity

11 FDA CDER Warning Letter Trends % = Laboratory System (196/317) 24% = Quality System (QA Oversight) (77/317) 10% = Production System (32/317) Reference: R.F. Tetzlaff, Presentation in September 2016, FDA shared website Country Country India 30 Jamaica 1 China 12 Japan 1 Mexico 5 Serbia 1 Canada 3 Spain 1 Italy 2 Taiwan 1 Hong Kong 1 Thailand 1 Ireland 1 UAE 1 Germany 2 UK 1 Czech Rep 1 USA 1 Total 66

Data Integrity Concepts Re-running samples, Copying existing data as new data, Discarding samples Not recording activities contemporaneously Electronic records, including data, that may have been

15 Data Integrity Concepts Re-running samples, Copying existing data as new data, Discarding samples Not recording activities contemporaneously Electronic records, including data, that may have been changed without the change being documented or justified Fabricating data, Backdating, Sharing Access Not saving electronic or hard copy data Electronic records and paper records of the same event that are not in agreement Potential Citations Testing into compliance Releasing a failing product

20 Data integrity Program Detect Prevent Respond Data Integrity

21 Personnel Data review Outsourcing Not aware Not trained Culture Insufficient Not done Not in SOP QC lab Manufacturing Processes Not validating for intended use

22 Personnel Training External sources Security Validation Document control Take ownership and accountability for your data and documentation

All employees follow standards of ethical conduct, act with integrity in everything they do Employees are responsible and accountable for the

23 All employees follow standards of ethical conduct, act with integrity in everything they do Employees are responsible and accountable for the integrity and validity of their work, whether on paper or electronic Employees notify management if procedures or policies are not being followed

25 When utilizing contractors and vendors for GxP services: Internal Audits must include reviews for data integrity controls Quality Agreements and Contracts must include data integrity controls

Ensure systems are accurate reliable consistent and fit for intended use Identify data changes and their relation to the intended use of the system Backup/restore, copying,

27 Ensure systems are accurate reliable consistent and fit for intended use Identify data changes and their relation to the intended use of the system Backup/restore, copying, and archiving of data Electronic record review by supervisory personnel Maintenance and review of audit trails Security design including segregation of duties Periodic review

29 Physical Security Badge controlled building and room access Logical Security Unique user-id Access restrictions Traceability Information is at the heart of helping patients We must ensure it is secure

31 Data Integrity Document Control Protecting paper and electronic data during its lifecycle from creation through review and approval storage and obsoleting.

32 Collection (create, record) Processing (transfer, move, calculate) Use (access, analyze, review) Archive (disposal, obsolete, retire Data Integrity concerns the entire data lifecycle

33 Manual Electronic

Requirement Paper Records e-records Legible Print name or use signature log Name associated to login ID Contemporaneous Dated in sequence of actions Time/date stamped in sequence of actions Permanent

34 Requirement Paper Records e-records Legible Print name or use signature log Name associated to login ID Contemporaneous Dated in sequence of actions Time/date stamped in sequence of actions Permanent Pen (black or blue) Don t use pencil or white out Audit modifications or deletions Don t use annotation tools Attributable Signature or initials Login or e-signature Traceable Attach supporting data Link to supporting data Time/Date Stamped Dated Time/date stamped Changes Single line cross-out Audit trail

35 Data Review Audits Metrics Detect

Audit of GxP business processes and systems to ensure: Employees remain compliant with policies, procedures and controls SOPs remain compliant

36 Audit of GxP business processes and systems to ensure: Employees remain compliant with policies, procedures and controls SOPs remain compliant with existing regulations and current practice All systems are functioning properly GxP audits are performed by trained and qualified auditors

39 Good documentation practices on electronic records = ALCOA

Activity Paper Records Electronic Records SOP Approval Review the document content and apply wet signature Review the document content and apply e-signature Batch Record Review Review the data in

42 Activity Paper Records Electronic Records SOP Approval Review the document content and apply wet signature Review the document content and apply e-signature Batch Record Review Review the data in paper Batch Record Review supporting data which is also paper Review modified/deleted data that s lined out, initialed and dated Review the electronic data on screen Review supporting data which may be in another system Review modified/deleted data that s captured in audit trail Many processes are similar, however some require a new way of thinking

43 Findings and Investigations Governance Corrective Actions Respond Effective response to data integrity issues

44 Control the way systems are designed, validated, and maintained Quality Management System Network Management Review

45 Quality Policies Operating standards Standard Operating Procedures (SOPs) Records, Protocols, Reports, Manuals

46 Staff is required to report departures from procedures Any report involving data integrity concerns is documented triaged by a multidisciplinary team Non-retaliation for whistleblowers

47 CAPA system Objective indicator to analyze the measures taken to ensure the resolution of nonconforming conditions. CAPA system is the formal improvement process

49 Most importantly consider the patient

51 Overview -

52 Data Integrity Why CMOs?

53 DI Assessment of CMOs and Testing Sites Large Molecules Small Molecules Devices Biosimilars Conjugates Peptides Testing Sites Packaging

54 Planning the Assessment Internal External

55 Internal Planning

56 Risk Classification Example Risk CMO Analytical Testing Sites High Risk DP, high revenue stream and/or high supply and business risk Clinical/ Commercial DS and DP Release and Stability testing Medium Risk DS and Devices or medium supply and/or business risk Packaging Components/ Cell Bank/ Import Testing Low Risk Packaging sites, starting matl, intermediates or low supply and/or business risk Raw Material and other testing requirements such as standard qualification tests, non-routine testing

57 DI Assessment Execution Process Depending on the risk level, the DI assessment is conducted with a Subject Matter Lead Expert (SMLE), Subject Matter Expert (SME) or Quality Site Manger (QSM). The SME and QSM will be trained by the SMLE Site Risk Level Data Integrity SME Use Site Manager training level High SMLE & SME, QSM SMLE trains SME, QSM Medium SME & QSM SME trains QSM Low QSM This can be conducted with audit in tandem

58 External Planning Planning with the CMO

59 Management at the CMO consists of.

60 Execution on the DI Assessment Process at the CMOs

61 Data Integrity Reporting/ Findings at CMO

62 DI Maintenance- After the Initial Assessment

63 Summary

65 Evaluate equipment, systems, records, the flow of data through multiple systems, self-inspections/ audits, procedures, personnel, training and training records Increase employee knowledge/ perform ongoing training this can be completed through User Acceptance testing (UAT) prior to release of the application Create procedures for Data Integrity and ensure existing procedural alignment Develop mechanisms that reinforce data integrity concepts/practices (example: ensure the users are trained to review the data that s created within the systems and review the critical data (relating to Critical process parameters (CPPs) and Critical Quality Attributes (CQAs)) in the audit trail

66 Perform investigations if data integrity issues are found and ensure these are mitigated during the project Evaluate equipment/ systems and Determine the risks if noncompliant Determine how big the problem is, is it a systemic issue involving multiple pieces of equipment or an individual one-off situation Recommend ranking the risks and tackling the largest issues first, the greatest chances for data manipulation (intentional or unintentional) with the biggest impact

72 Questions Comments - Thank you!