Maxims of Electronic Records Integrity

May 3, 2019
Orlando Lopez

Orlando López is an industry veteran holding several technical and management positions in different pharmaceutical and medical device companies in the areas of computer validation, IT Compliance, and IT Processes. He is a member of the Data Integrity Working Group (Institute of Validation Technology). He can be contacted at

Managing and controlling e-records is vital for maintaining CGMP data integrity.

Electronic records (e-records) integrity is the validity of data and their relationships. For e-records to be trustworthy and reliable, the links between data, raw data, metadata, and records must not be compromised or broken. Without e-records integrity, it is difficult to regenerate a previous result reliably.

This article discusses the e-records integrity maxims applicable to medicines manufacturing operations. The lifecycle of e-records, their validity and fidelity, and their reliability are maxims, or fundamental rules, of an effective e-records integrity program.

These maxims are elements to consider when applying e-records integrity controls to CGMP e-records.


Maxim 1: E-records, as information objects, have a lifecycle (1).

E-records lifecycle refers to how e-records are generated, recorded, processed (including analysis, transformation, or migration), reported, checked, used for decision-making, retained, archived, and finally discarded at the end of the retention period (2).

E-records must be managed precisely throughout their lifecycle (3).

E-records integrity is one element of quality management. This integrity can be affected at any stage in the e-records lifecycle. It is consequently important to understand the lifecycle components for each type of e-record, and to ensure controls based on the criticality and risk at all stages (2).

During the operation stage, e-records are generated, recorded, transformed, accessed, used, logically deleted, migrated, and retired (physically deleted). During this stage, the integrity of the e-records can be compromised. The objective of implementing and enforcing the e-records requirements is to preserve e-records integrity. These requirements include:

  • Only authorized people can modify the e-records stored on data servers or any other media. 

  • There are records of changes made.

  • Entries of e-records considered critical are checked by a designated person other than the one who made the records, or are checked by the system itself.

  • A procedural control is available for cancellation, for changes to the level of approval, and for entering or editing e-records, including the changing of personal passwords.

The effectiveness of the controls associated with e-records integrity must be monitored.

To keep the focus on the e-records integrity technical controls during the operation stage, these controls can be categorized into three spaces: e-records in storage, e-records during processing, and e-records while in transit.

FDA guidance says that data integrity is critical throughout the CGMP data lifecycle, including in the creation, modification, processing, maintenance, archival, retrieval, transmission, and disposition of data after the record’s retention period ends (4).


Measure of validity

Maxim 2: As a state or condition, e-records integrity is a measure of the validity and fidelity of a data object (5). 

E-records integrity is the foundation of GMPs. The information properly recorded is the basis for manufacturers to assure product identity, strengths, purity, and safety (6). The collected e-records also demonstrate that the manufacturing process adheres to the GMPs, including instructions.

E-records integrity is a requirement that information, programs and configurations are changed only in a specified and authorized manner. It is necessary that e-records be protected against alteration without appropriate permission.

All workflows associated with e-records that need to be protected against alteration without appropriate permission are carefully designed and tested (4).

As applicable, the e-records workflows that must be carefully designed (2) and tested are:

  • Generation of the data

  • Recording of the data

  • Completeness of the data

  • Processing of the data

  • Data error checking

  • Integration of data

  • Security of data and associated warehouses

  • Data mappings to warehouses

  • Correctness and completeness of printouts

  • Generation of audit trails, as applicable

  • Management of the metadata

  • Disposal of data during the retirement of the associated system(s) and during the end of the retention period.

For the purpose of organizing the above workflows within the lifecycle, they can be grouped into one of the following: records retained in computer storage, records during processing, and records while in transit (7).

EU guidelines state, “The electronically stored data shall be protected, by methods such as duplication or back-up and transfer on to another storage system, against loss or damage of data, and audit trails shall be maintained” (8).


Electronic record: collection of related data treated as a unit (1)

Data: the contents of a record; it is the basic unit of information that has a unique meaning and can be transmitted (2)

Raw data: the original record (data), which can be described as the first-capture of information, whether recorded on paper or electronically (3)

System owner: the person responsible for the availability and maintenance of a computerized system and for the security of the data residing on that system (4).


Maxim 3: As a function related to security, e-records integrity service maintains information exactly as it was inputted and is auditable to affirm its reliability (9).

Because maintaining e-records integrity is a primary objective of the GMP principles, it is important that everyone associated with a computer system in a regulated entity is aware of the necessity of security considerations. The regulated entity must ensure that personnel are aware of the importance of e-records security, the procedures and system features that are available to provide appropriate security, and the consequences of security gaps. Such system features could include routine surveillance of system access, the implementation of file verification routines, and exception and/or trend reporting.

Security controls must be established for all computer systems as a means of ensuring e-records protection. Computer security is the principal enabler of e-records integrity.

A number of unrelated regulated entities have had problems maintaining proper control over computer systems to prevent unauthorized changes to e-records. Usually, these regulated entities' sites alter or delete critical e-records.

The system owner is the person responsible for providing suitable e-records protection controls over the application, infrastructure (e.g., network, database server), and database components. These record protection controls ensure that only authorized personnel can make changes to any component of the computer system, and they ensure the security of the e-records residing on the system.

Finally, application level security and associated authority checks control the access to the computer system applications (i.e., applications security).

FDA states that “appropriate controls shall be exercised over computer or related systems to assure that changes in master production and control records or other records are instituted only by authorized personnel” (10).  


1. O. López, "Electronic Records Life Cycle," in Data Integrity in Pharmaceutical and Medical Devices Regulation Operations (CRC Press, Boca Raton, FL, 1st ed., 2017), pp. 39-45.

2. EMA, Q&A GMP Data integrity, New (Amsterdam, The Netherlands, Aug 2016).

3. CFDA, Data Integrity Guidance, Draft (Beijing, China, Sep 2017).

4. FDA, Data Integrity Guidance (Rockville, MD, December 2018).

5. O. López, "Control of Records," in Pharmaceutical and Medical Devices Manufacturing Computer Systems Validation (Routledge/Productivity Press, New York, NY, 1st ed., 2018), pp. 138-140.

6. J. Wechsler, Pharm. Tech. 38 (9) 16-18 (2014).

7. NIST, SP 800-33 - Underlying Technical Models for Information Technology Security (Gaithersburg, MD, December 2001).

8. EU, 2003/94/EC Laying down the principles and guidelines of good manufacturing practice in respect of medicinal products for human use and investigational medicinal products for human use (Brussels, October 2003).

9. O. López, "Security," in Data Integrity in Pharmaceutical and Medical Devices Regulation Operations (CRC Press, Boca Raton, FL, 1st ed., 2017), pp. 162-166.

10. FDA, 21 CFR 211.68(b).

About the Author

Orlando Lopez is an electronic records integrity subject matter expert.