GAMP® Guide: Records and Data Integrity

Print this page         
Records and Data Integrity Cover

Published: March 2017
Pages: 152

Table of Contents ( 681 KB)

Formats Member Price Nonmember Price  
Bound Version $200 / €185 $395 / €360 buy now
Individual Download $200 / €185 $395 / €360 buy now

The importance of ensuring data integrity is reflected in guidance, citations, and public comments of Regulators and Health Agencies. A number of companies have suffered serious regulatory and financial consequences as a result of unacceptable pharmaceutical data integrity practices. The current global regulatory focus and increased interest on data integrity has resulted in the need to develop industry guidance on this topic. A holistic approach to records and data integrity is required.

The ISPE GAMP® Guide: Records and Data Integrity provides principles and practical guidance on meeting current expectations for the management of GxP regulated records and data, ensuring that they are complete, consistent, secure, accurate, and available throughout their life cycle.

This approach is intended to encourage innovation and technological advancement while avoiding unacceptable risk to product quality, patient safety, and public health.

The ISPE GAMP Guide: Records and Date Integrity is intended as a stand-alone ISPE GAMP Guide aligned with the ISPE GAMP 5: A Risk-Based Approach to Compliant GxP Computerized Systems. It has been designed so that it may be used in parallel with guidance provided in ISPE GAMP 5 and other ISPE GAMP Good Practice Guides. Although the scope of this document is wider, it replaces the previous ISPE GAMP Good Practice Guide: A Risk-Based Approach to Compliant Electronic Records and Signatures.

This Guide has been developed by the GAMP Community of Practice (CoP) of ISPE; a world-wide community of practitioners and subject matter experts who over twenty-five years have been developing internationally accepted guidance on risk-based approaches to safeguard patient safety, product quality, and data integrity.

This Guide has been produced with significant input and review from regulators worldwide, including key specialists from leading regulatory authorities working (MHRA and WHO) in this area.

The ISPE GAMP® Guide: Records and Data Integrity is intended to be a complete and comprehensive single point of reference covering the requirements, expectations, and principles of pharmaceutical data integrity. Topics covered include regulatory focus areas, the data governance framework, the data life cycle, culture and human factors, and the application of Quality Risk Management (QRM) to data integrity. As such, it is of great interest to anyone with a responsibility for ensuring data integrity, including:

  • Executives and managers
  • Process and data owners, and data stewards
  • Technical system owners
  • System developers, maintainers, and users
  • Quality Assurance and Quality Control
  • Clinical, manufacturing, and laboratory personnel
  • Validation and compliance specialists
  • Suppliers of systems and services
  • IT and engineering professionals

Readers will gain an invaluable insight into the pressing hot topic of pharmaceutical data integrity, gaining an in-depth understanding of the key requirements and principles, and gain an awareness of practical approaches and techniques to effectively address data integrity challenges. The ISPE GAMP Guide: Records and Data Integrity will assist regulated companies and their suppliers to achieve the high level of data integrity expected by regulatory authorities worldwide.

Structure of the ISPE GAMP® Guide: Records and Data Integrity:

  1. Data integrity requirements, critical areas of regulatory focus and concern, and key concepts
  2. Framework for data governance and the importance of human factors
  3. Complete data life cycle approach as part of a Quality Management System (QMS), from creation to destruction
  4. Further information on how to apply the Quality Risk Management (QRM) approach from ISPE GAMP® 5 to record and data integrity
  5. More detailed information, including “how to” guidance for specific topics, in a series of management, development, and operation appendices
 

ER&S GPG Section/Topics

RDI Guide Mapping

1

Introduction

  • Overview
  • Purpose
  • Scope
  • Benefits
  • Objectives
  • Structure of this Guide
  • Key Concepts
  • Current Regulatory Situation

Section 1 Introduction

  • Background
  • Purpose
  • Scope
  • Structure of this Guide
  • Key Concepts
  • Regulatory Focus

 

2

Risk Management Process

  • Overview
  • Process Steps
  • Points to Consider

Section 5 Quality Risk Management

  • Introduction
  • Process Risk Assessment
  • Quality Risk Management Approach
  • Product and Process Context

3

Applying the Risk Management

Process

  • Corporate level Activities
  • Applying the process to New/Existing Systems
  • Previously assessed Systems

Section 5 Quality Risk Management

Appendix M1: Corporate Data Integrity Program

4

Controls

  • Electronic Record Controls
  • Electronic Signature Controls
  • Hybrid Records
  • User/Supplier Responsibilities
  • Technical and procedural controls and requirements
  • Section 5 Quality Risk Management
  • Appendix D3: Risk Control Measures for Records, Data, and Electronic Signatures
  • Appendix O2: Paper Records and Hybrid Situations
  • Appendix D1: User Requirements

 

Appendix 1 – Validation

  • Validation of GxP Computerized Systems is covered in GAMP 5.
  • The need for validation of systems for intended use related to Data Integrity is covered in RDI Section 2 Regulatory Focus.
 

Appendix 2 – Audit Trail and Data Security

  • Appendix M4: Data Audit Trail and Audit Trail Review
  • Appendix D1: User Requirements
  • Appendix D3: Risk Control Measures for Records, Data, And Electronic Signatures
 

Appendix 3 – Record Retention, Archiving, and Migration

Appendix O1: Retention, Archiving, And Migration

 

Appendix 4 – Copies of Records

  • Section 4 Data Life Cycle
  • Appendix M6: Inspection Readiness

 

Appendix 5 – 21 CFR Part 11 Legacy Systems

Appendix M1: Corporate Data Integrity Program

 

Appendix 6 – Examples of Records and Signatures Required by GxP Regulations

Excerpts of regulations no longer included in Guidance. Refer to primary regulatory sources

 

Appendix 7 – Case Studies

Case study information to be published separately or as input to proposed future Guidance and Practical Approaches to Records and Data Integrity document

 

Appendix 8 – Copy of GAMP 4, Appendix M3 Guideline for Risk Assessment

Section 5 Quality Risk Management

 

Appendix 9 – Example Template Form for Risk Assessment and Identification of Controls

Appendix D3: Risk Control Measures for Records, Data, And Electronic Signatures

[Guide does not include template forms].

 

Appendix 10 – Form for Previously Assessed 21 CFR Part 11 Systems

Appendix M1: Corporate Data Integrity Program

[Guide does not include template forms].

 

Appendix 11 – Current Regulatory Situation

Section 2 Regulatory Focus.

 

Appendix 12 – Glossary

Glossary

 

Appendix 13 – References

References

My ISPE

  • Click to go to My Communities of Practice
  • Click to go to My Affiliate or Chapter
  • Click to go to My Profile