2015年6月25日---符合性问题,GMP
Data integrity is fundamental in a pharmaceutical quality system which ensures that medicines are of the required quality. A robust data governance approach will ensure that data is complete, consistent and accurate, irrespective of the format in which data is generated, used or retained.
数据完整性在药品质量体系中是一个基本的问题,它确保药品具备所需的品质。坚实的数据管理方法可以确保数据完整、一致和准确,而不论数据产生形式如何,如何使用或保存。
An increased focus on data integrity and governance systems has led to serious consequences for several companies. This is the first of a series of 3 blogs which will explore elements of organisational behavior and system design which can mean the difference between data integrity success and failure.
对数据完整性和数据管理体系持续增加的关注已导致几个公司面临严重的后果。本文是一个三篇博文系列中的第一篇,其中将探讨组织行为和系统设计可能导致截然不同的数据完整性成败结果。
An increased focus on data integrity and governance systems has led to serious consequences for several companies
对数据完整性和数据管理体系的关注持续增长已导致几个公司面临严重后果
One of the top global issues reported in the pharmaceutical media over the past 2 years has been data integrity. Regulatory actions resulting from data integrity failures have led to the withdrawal of supply across multiple markets, product recall, and serious reputational damage for those companies concerned. However this hot topic is not a new requirement, as basic data integrity principles are already described in international good manufacturing practice guidance.
在过去2年中,数据完整性一直是制药媒体中报道的问题之首。由于数据完整性失败而导致的法规行为已导致了受影响公司将多个市场的供应撤销、产品召回以及严重的名誉受损。但是,这个新的话题并不是一个新的要求,因为基本的数据完整性原则早已在国际GMP指南中有了描述。
There is a general misconception that data integrity failures only result from acts of deliberate fraud. Yet in the collective experience of my colleagues and me, the majority of issues relate to bad practice, poor organisational behaviour and weak systems, which create opportunities for data to be manipulated. However there is a way for companies to navigate the troubled waters of data integrity deficiencies by taking some basic behavioural, procedural and technical steps to significantly improve their systems.
有一个常犯的错误是认为数据完整性问题只有蓄意造假才会导致该问题。在对我和我同事的经验的总结中,我们发现其实大多数问题是因为不良的操作规范、不良的组织行为和差的系统,创造了数据造假的机会。但是其实公司还有是办法通过采取一些基本的行为方面的、程序方面的以及技术方面的措施来显著提升其系统,从而引导数据完整性缺陷的问题之水流向正确的方向。
Impact of organisational culture: is your company behaving well? 企业文化的影响:你的公司行为得当吗?
The impact of organisational culture and senior management behaviour on data governance must not be underestimated. Indicators with relevance to data governance provide a measure of the workforce’s understanding and reporting behaviour, combined with the management’s receptiveness to ‘bad news’. Is error or system failure reported as an opportunity for improvement, or is there a mind-set around ‘not wanting to cause trouble’? To remove the incentive to manipulate, re-create or amend data, the managerial response to ‘bad news’ must be fair and consistent, and not based on a fear of consequences.
企业文件和高层管理的行为对数据管理的影响绝对不能低估。与数据管理相关的指标决定了员工了解和报告行为的测量方式,与管理可接受度合并成为“坏消息”。错误或系统失败报告后是会成为改进的机会,还是有一种想法“不想惹麻烦”?为了消除伪造、重新创建或修改数据的诱因,管理者对“坏消息”的反应必须公平一致,而不要因为害怕其后果而做出不当反应。
‘Led from the top; empowered from below’ “领导自上而下,授权自下而上”
Organisational culture is not just addressed by senior management putting the right words in a mission statement. I have seen that communicating expectations clearly to staff at all levels in the company, and then living by these principles, is the key to success. Leadership, engagement and empowerment of staff at all levels in the organisation can then combine to identify and deliver systematic data integrity improvements where good practice becomes automatic.
企业文化不仅是由高层管理在使命宣言里放一些好听的词语。我曾经见过将期望很明白地向公司所有层级的员工清楚地解释,然后坚持执行这些原则,这是成功的关键。领导、契约和组织内所有层级员工授权可以合在一起,用于识别和传递系统的数据完整性改进,这样良好的操作就成为自觉的行为了。
Aristotle (384 BC - 322 BC), Classical Greek philosopher.
亚里士多德(公元前384-322),古典希腊哲学家
As the philosopher Aristotle observed: 正如哲学家亚里士多德所说:
“We are what we repeatedly do. Excellence, then, is not an act but a habit”.
“重复的行为造就了我们。因此,卓越不是一种行为,而是一种习惯。”
The data lifecycle 数据生命周期
With support from the correct organisational culture, the next important element of successful data governance is to understand the data lifecycle. This will enable the implementation of a system which is designed to assure the integrity of data throughout its life, beyond the limitations of data review.
有了正确的企业文化的支持,实施成功的数据管理的下一个重要的要素是了解数据的生命周期。这将会促进在其生命周期中实施确保数据完整性的系统,超出数据审核的限度。
The data lifecycle considers all phases in the life of the data, from initial generation and recording, through processing, use, archiving, retrieval, and (where appropriate) destruction. Failure to address just one element of the data lifecycle will weaken the effectiveness of the measures implemented elsewhere in the system.
数据的生命周期考虑了数据生命的所有阶段,从最初的产生和记录,到处理、使用、存档、恢复,和(适当时)销毁。其中任何一个要素的缺失都会削弱在系统中实施的其它措施的有效性。
Establishing data criticality and inherent integrity risk 建立数据关键性和内在完整性风险
In addition to staff training and implementation of data integrity policies, consideration should be given to the organisational (eg procedures) and technical (eg computer system access) controls applied to different areas of the quality system. The degree of effort and resource should be commensurate with data criticality (how it is used) and inherent risk (how it is generated).
除了员工培训,以及实施数据完整性方针外,还要考虑应用于质量体系不同领域的企业(例如程序)和技术(例如计算机系统登录)控制。提供资源和付出努力的程度应与数据关键程度(如何使用数据)及内在风险(数据是如何产生的)相称。
Data which relates to critical process control, batch release decisions or longterm stability may have significant impact to product quality. Other data, while of relevance to the operation of a GMP compliant facility, may be of lower criticality.
与关键工艺控制、批放行决定或长期稳定性研究相关的数据可能对产品质量具有重要影响。其它数据,虽然也与GMP符合性场所的操作相关,但可能其关键程度要低一些。
The way in which data is generated will influence the inherent data integrity risk. Data may be generated by a paper-based record of a manual observation or, in terms of equipment, a spectrum of simple machines (eg pH meters and balances) through to complex highly-configurable computerised systems (eg HPLC and ERP systems). The inherent risks to data integrity will differ depending upon the degree to which data generated by these systems can be configured, and therefore potentially manipulated.
数据产生的方式也对影响数据的内在完整性风险。数据可能是由人员观察所获得的纸质记录所产生,或者是设备产生,或简单设备的图谱所产生(例如pH计和天平),也可能是通过复杂的赋予许多参数运行的计算机化系统所产生(如HPLC和ERP系统)。数据完整性的内在风险会根据产生数据的系统能设置的参数程序有差异,因此有可能被伪造。
Our inspectorate finds that manufacturers typically focus data integrity and validation resources on large and complex computerised systems, while paying less attention to other systems with apparent lower complexity. Whereas simple machines may only require calibration, the data integrity risk associated with systems linked to user configurable software (eg PLC-linked production equipment and infra-red / UV spectrophotometers) can be significant, especially where the output can be influenced (modified or discarded) by the user. Without well designed controls it may be possible to manipulate data or repeat testing to achieve a desired outcome with limited opportunity of detection.
我们在检查中发现生产商一般会关注大型复杂的计算机化系统的数据完整性和验证资源,而不注意其它复杂性明显较低的系统。虽然简单设备可能只需要进行校正,但用户设置参数的软件相链接的系统(如PLC链接的生产设备和红外/UV光谱仪)的数据完整性风险可能是非常严重的,特别是如果输出会受到用户的影响的话(修改或丢弃)。控制设计不好的话,就有可能伪造数据或重复测试而获得想要的结果,而被发现的可能性则较低。
More detailed guidance on data integrity expectations, which builds on the behavioural issues, has been published by MHRA. My next blog in this series will look at ways in which systems can be designed to assure data quality and integrity.
更多数据完整性期望的细节已由MHRA公布。我是本系列下一篇博文将会探讨在如果设计系统方可确保数据质量和完整性。