EMA GMP数据完整性问答(中英对照版)(2016.08).pdf

Translated by April from CPAPE, only for study and communication, not for commercialization 1 EMA Data integrity Q 是否有可能对原始数据和元数据进行重建、修改或删除？ Controls over paper records are discussed elsewhere in this guidance. 指南中每处都讨论了对纸质记录的控制。 Computerised system controls may be more complex, including setting of user privileges and system configuration to limit or prevent access to amend data. It is important to review all data access opportunities, including IT helpdesk staff, who may make changes at the request of the data user. These changes should be procedurally controlled, visible and approved within the quality system. 计算机化系统控制可能更为复杂，包括使用者权限的设置，以及限制或阻止修改数据的系统设 置。审查所有接触数据的机会很重要，包括 IT 技术支持维护员工，该员工可能按照数据使用者 的要求改动数据。这些改动应该程序受控、可视化，并且在质量体系中得到批准。 How data is transferred to other locations or systems for processing or storage; Data should be protected from possibility of intentional or unintentional loss or amendment during transfer to other systems (e.g. for processing, review or storage). Paper records should be protected from amendment, or substitution. Electronic interfaces should be validated to demonstrate security and no corruption of data, particularly where systems require an interface to present data in a different structure or file format. 如何转移数据到其他地方或系统以进行处理或存储；在转移到其他系统过程中（例如出于处理、 审查或存储的目的），应避免有意或无意丢失或修改数据的可能性。应避免修改或替换纸质文 件。应对电子界面进行验证，证明数据安全无破坏，尤其当系统要求以不同结构或文件格式显示 数据时。 Translated by April from CPAPE, only for study and communication, not for commercialization 6 Does the person processing the data have the ability to influence what data is reported, or how it is presented. 处理数据的人员是否有能力影响报告哪些数据，或者如何呈现数据。 7. Data lifecycle: What risks should be considered when assessing the processing data into usable information? 7. “数据数据生命周期生命周期”：当当评估处理评估处理数据为有效数据为有效信息时应考虑何种风险？信息时应考虑何种风险？ The following aspects should be considered when determining risk and control measures: 在确定风险和控制措施时应考虑以下因素： How is data processed; 如何处理数据； Data processing methods should be approved, identifiable and version controlled. In the case of electronic data processing, methods should be locked where appropriate to prevent unauthorised amendment. How is data processing recorded; 如何记录数据处理（情况）； The processing method should be recorded. In situations where raw data has been processed more than once, each iteration (including method and result) should be available to the data checker for verification. Does the person processing the data have the ability to influence what data is reported, or how it is presented; 处理数据的人员是否有能力影响报告哪些数据，或者如何呈现数据。 Even validated systems which do not permit the user to make any changes to data may be at risk if the user can choose what data is printed, reported or transferred for processing. This includes performing the activity multiple times as separate events and reporting a desired outcome from one of these repeats. 如果使用者可选择性的打印、报告或转移处理数据，即使不允许使用者改变数据的“确认后系 统”也会承担风险。包括多次进行活动作为分开的事件，以及在重复结果中报告理想的结果。 Data presentation (e.g. changing scale of graphical reports to enhance or reduce presentation of analytical peaks) can also influence decision making, and therefore impact data integrity. 数据呈现（例如：改变图像报告的比例以加强或减弱分析峰值的展现）也能影响决策的制定，因 此影响数据完整性。 8. Data lifecycle: What risks should be considered when checking the completeness and accuracy of reported data and processed information? Translated by April from CPAPE, only for study and communication, not for commercialization 7 8. “数据数据生命周期生命周期”：当检查当检查报告数据和处理后信息的完整性和准确性时应考虑何种风险报告数据和处理后信息的完整性和准确性时应考虑何种风险? The following aspects should be considered when determining risk and control measures: 在确定风险和控制措施时应考虑以下因素： Is original data (including the original data format) available for checking; 能否检查原始数据（包括原始数据的格式）； The format of the original data (electronic or paper) should be preserved, and available to the data reviewer in a manner which permits interaction with the data (e.g. search, query). This approach facilitates a risk-based review of the record, and can also reduce administrative burden for instance utilising validated audit trail exception reports instead of an onerous line-by-line review. 应保留原始数据的格式（电子数据或纸质数据），并能限制数据审查员对数据的操作（例如：检 索，查询）。此方法促进对记录进行基于风险的审查，也能减少监管压力，例如使用验证后审计 追踪“异常报告”替代繁重的逐行检查。 Are there any periods of time when data is not audit trailed; 有没有不能对数据进行审计追踪的时期； This may present opportunity for data amendment which is not subsequently visible to the data reviewer. Additional control measures should be implemented to reduce risk of undisclosed data manipulation. 这条能显示使数据审查员无法看到数据修改的机会。应采取额外的控制措施，减少隐蔽操纵数据 的风险。 Does the data reviewer have visibility and access to all data generated; 数据审查员是否有权限能看到所有产生的数据； This should include any data from failed or aborted activities, discrepant or unusual data which has been excluded from processing or the final decision-making process. Visibility of all data provides protection against selective data reporting or testing into compliance. 这应包括所有失败或中止活动的数据，被处理过程或最终制定决策过程排除掉的不一致或异常的 数据。所有数据的可视性避免选择性使用数据进行报告或“测试到合规”。 Does the data reviewer have visibility and access to all processing of data; 数据审查员是否有权限能看到所有数据的处理情况； This ensures that the final result obtained from raw data is based on good science, and that any data exclusion or changes to processing method is based on good science. Visibility of all processing information provides protection against undisclosed processing into compliance. Translated by April from CPAPE, only for study and communication, not for commercialization 8 这确保最终结果应包含基于良好科学的原始数据，以及所有基于良好科学的处理方法中排除或改 变的数据。所有处理信息的可视化能避免隐蔽的“测试到合规”。 9. Data lifecycle: What risks should be considered when data (or results) are used to make a decision? 9. “数据数据生命周期生命周期”：当使用数据（当使用数据（或或结果）结果）来来制定决策制定决策时时应考虑何种风险？应考虑何种风险？ The following aspects should be considered when determining risk and control measures: 在确定风险和控制措施时应考虑以下因素： When is the pass / fail decision taken; 何时做出通过/不通过决策； If data acceptability decisions are taken before a record (raw data or processed result) is saved to permanent memory, there may be opportunity for the user to manipulate data to provide a satisfactory result, without this change being visible in audit trail. This would not be visible to the data reviewer. 如果在永久保存记录（原始数据或处理结果）之前做出可接受数据的决策，使用者可能有机会操 纵数据以得到满意的结果，而审计追踪看不到这种变化。数据审查员看不到这个过程。 This is a particular consideration where computerised systems alert the user to an out of specification entry before the data entry process is complete (i.e. the user saves the data entry), or saves the record in temporary memory. 在完成数据处理前或记录临时保存前，计算机化系统警告使用者出现 OOS，对这种情况应特别 加以考虑。 10. Data lifecycle: What risks should be considered when retaining and retrieving data to protect it from loss or unauthorised amendment? 10. “数据“数据生命周期生命周期”：当当保留保留和和取回取回数据数据以以避免丢失或未授权修改时应考虑何种风险？避免丢失或未授权修改时应考虑何种风险？ The following aspects should be considered when determining risk and control measures: 在确定风险和控制措施时应考虑以下因素： How / where is data stored; 如何/何处存储数据； Storage of data (paper or electronic) should be at secure locations, with access limited to authorised persons. The storage location must provide adequate protection from damage due to water, fire, etc. 应把数据（纸质或电子）存放到安全的位置，并仅使得到授权的人员可获得。存储处必须提供充 足保护措施以防止水、火等破坏。 What are the measures protecting against loss or unauthorised amendment; Translated by April from CPAPE, only for study and communication, not for commercialization 9 保护数据丢失或未授权修改的措施有哪些？ Data security measures should be at least equivalent to those applied during the earlier Data lifecycle stages. Retrospective data amendment (e.g. via IT helpdesk or data base amendments) should be controlled by the pharmaceutical quality system, with appropriate segregation of duties and approval processes. 数据安全性措施至少应与数据生命周期早期应用相一致。药品质量体系应通过适当的任务隔离与 申请过程来控制可追溯性数据修复（例如，通过 IT 帮助或数据为基础的修复）。 Is data backed up in a manner permitting reconstruction of the activity; 以一定方式备份数据能否允许活动重建； Back-up arrangements should be validated to demonstrate the ability to restore data following IT system failure. In situations where metadata (including relevant operating system event logs) are stored in different file locations from raw data, the back-up process should be carefully designed to ensure that all data required to reconstruct a record is included. 应验证备份情况，以保证按照 IT 系统出问题时可修复数据。对于原始数据的元数据（包括相关 操作系统事件记录）存储在不同文件位置，应谨慎设计程序以保证所有数据可重建记录。 Similarly, true copies of paper records may be duplicated on paper, microfilm, or electronically, and stored in a separate location. 同样的，应对纸质记录的“真实副本”可在纸上，微缩胶卷或者以电子形式复制，并存储在不同 位置。 What are ownership / retrieval arrangements, particularly considering outsourced activities or data storage; 什么是所有权/恢复安排，尤其考虑外包活动或数据存储； A technical agreement should be in place which addresses the requirements of Part I Chapter 7 and Part II Section 16 of the GMP guide. 应按照 GMP 指南 Part I 第 7 章和 Part II 第 16 节要求适当考虑技术合作。 11. Data lifecycle: What risks should be considered when retiring or disposal of data in a controlled manner at the end of its life? 11. “数据生命数据生命周期周期”：当当在数据在数据生命末期生命末期以以受控方式受控方式对对数据进行停用或处置数据进行停用或处置时时应考虑什么风险？应考虑什么风险？ The following aspects should be considered when determining risk and control measures: 在确定风险和控制措施时应考虑以下因素： The data retention period 数据保存期 This will be influenced by regulatory requirements and data criticality. When considering data for a single product, there may be different data retention needs Translated by April from CPAPE, only for study and communication, not for commercialization 10 for pivotal trial data and manufacturing process / analytical validation data compared to routine commercial batch data. 这个会受到监管要求和数据重要性的影响。当考虑单个产品数据时，与常规商业批次数据相比， 关键试验数据和生产工艺/分析验证数据的数据保存需求可能不同。 How data disposal is authorized 如何授权数据处理 Any disposal of data should be approved within the quality system and be performed in accordance with a procedure to ensure compliance with the required data retention period. 对数据的任何处理都应经质量体系批准，并按照确保数据保存期要求合规性程序进行。 12. Is it required by the EU GMP to implement a specific procedure for data integrity? 12. EU GMP 是是否要求否要求为为数据完整性实施数据完整性实施明确明确的程序？的程序？ There is no requirement for a specific procedure, however it may be beneficial to provide a summary document which outlines the organisations total approach to data governance. 无特殊要求，但提供概述组织数据管理全部方法的总结文件会有利。 A compliant pharmaceutical quality system generates and assesses a significant amount of data. While all data has an overall influence on GMP compliance, different data will have different levels of impact to product quality. 一个合规的药品质量体系会产生大量的数据并对其进行评估。当所有数据对 GMP 合规产生全体 影响时，不同的数据对产品质量会产生不同水平的影响。 A quality-risk management (ICH Q9) approach to data integrity can be achieved by considering data risk and data criticality at each stage in the Data lifecycle. The effort applied to control measures should be commensurate with this data risk and criticality assessment. 可通过考虑数据生命周期各个阶段数据的风险和重要性，采取质量风险管理（ICH Q9）方法来 完成数据完整性。控制措施的程度应与数据风险和关键性评估相一致。 The approach to risk identification, mitigation, review and communication should be iterative, and integrated into the pharmaceutical quality system. This should provide senior management supervision and permit a balance between data integrity and general GMP priorities in line with the principles of ICH Q9 & Q10. 风险识别、减弱、审评和交流的方法应当迭代，并整合进药品质量体系中。这会按照 ICH Q9&Q10 要求在数据完整性和一般 GMP 优先权之间提供高层管理（参考）并达到平衡。 Translated by April from CPAPE, only for study and communication, not for commercialization 11 13. How are the data integrity expectations (ALCOA) for the pharmaceutical industry prescribed in the existing EU GMP relating to active substances and dosage forms published in Eudralex volume 4? 13. 现有现有 EU GMP Eudralex 卷卷 4 关于关于活性成分和制剂活性成分和制剂的的内容内容如何如何描述描述对制药企业对制药企业数据完整性的数据完整性的要求要求 （ALCOA）？ The main regulatory expectation for data integrity is to comply with the requirement of ALCOA principles. The table below provide for each ALCOA principle the link to EU GMP references (Part I, Part II and Annex 11): 数据完整性的主要监管要求是符合 ALCOA 原则。下表罗列了 EU GMP 参考（Part I, Part II 和附件 11）中与 ALCOA 原则相关的内容： BasicBasic RequirementsRequirements forfor MedicinalMedicinal ProductsProducts 药物制剂的基本要求药物制剂的基本要求 (Part(Part I):I): ChapterChapter 4 4 (1)(1) / / Chapter Chapter 6 6 (2)(2) BasicBasic RequirementsRequirements forfor ActiveActive SubstancesSubstances usedused asas StartingStarting MaterialsMaterials 作为起始物料的活性成分基本要求作为起始物料的活性成分基本要求 (Part(Part II)II) : : ChapterChapter 6 6 (3)(3) / / Chapter Chapter 5 5 (4)(4) AnnexAnnex 1111 ( (ComputerisedComputerised SystemSystem) ) 计算机化体系计算机化体系 A Attributable (data can be assigned to the individual performing the task) 4.20, c & f, 4.21, c & i, 4.29, e 6.14, 6.18, 6.52 2, 12.4, 15 L Legible (data can be read by eye or electronically and retained in a permanent format) 4.1, 4.2, 4.7, 4.8, 4.9, 4.10 5.43 6.11, 6.14, 6.15, 6.50 7.1, 9, 10, 17 C Contemporaneous (data is created at the time the activity is performed) 4.8 6.14 12.4, 14 O Original (data is in the same format as it was initially generated, or as a verified copy, which retains content and meaning) 4.9, 4.27, Paragraph “Record“ 6.14, 6.15, 6.16 8.2, 9 Translated by April from CPAPE, only for study and communication, not for commercialization 12 A Accurate (data is true / reflective of the activity or measurement performed) 4.1, 6.17 5.40, 5.45, 6.6 Paragraph “Principles“,5, 6, 10, 11 1Chapter 4 (Part I): Documentation 文件 2Chapter 6 (Part I): Quality Control 质量控制 3Chapter 5 (Part II): Process equipment (Computerized system)工艺设备（计算机化 系统） 4Chapter 6 (Part II): Process equipment 工艺设备 14. How should the company design and control their paper documentation system to prevent the unauthorised re-creation of GMP data? 14. 应如何应如何用计算机设计和控制用计算机设计和控制其其纸质文件体系，以避免未授权的纸质文件体系，以避免未授权的重建重建 GMP 数据？数据？ The template (blank) forms used for manual recordings may be created in an electronic system (Word, Excel, etc.). The corresponding master documents should be approved and controlled electronically or in paper versions. The following expectations should be considered for the template (blank) form: 应在电子系统（Word, Excel 等）中创建用于人工记录的模板（空白）表单。应批准并控制电 子化或纸质版的类似主文档。以下是创建模板（空白）表单应考虑的要求： have a unique reference number (including version number) and include reference to corresponding SOP number 设置独立参考编号（包括版本编号），并包括相关SOP编码的参考 should be stored in a manner which ensures appropriate version control 应以确保版本适当受控的方式进行存储 if signed electronically, should use a secure e-signature 如果有电子签名，应该使用安全的电子签名 The distribution of template records (e.g. blank forms) should be controlled. The following expectations should be considered where appropriate, based on data risk and criticality: 模板记录（例如：“空白”表格）的分发应该受控。以下是基于数据风险和重要性应考虑的相关 要求： enable traceability for issuance of the blank form by using a bound logbook with numbered pages or other appropriate system. For loose leaf template forms, the distribution date, a sequential issuing number, the number of the copies distributed, the department name where the blank forms are distributed, etc. should be known Translated by April from CPAPE, only for study and communication, not for commercialization 13 通过使用一个页面编码或其他合适体系的受约束的记录表，是空白表单的分发可追溯。对于活页 模板表格，应知道分发日期，序列分发编号，分发副本编号，空白表单分发到的部门名称等。 Distributed copies should be designed to avoid photocoping either by using a secure stamp, or by the use of paper colour code not available in the working areas or another appropriate system. 对分发的副本进行设计，避免通过使用安全戳进行复印，或在工作区域或其他适当系统使用纸质 色标进行复印。 15. What controls should be in place to ensure original electronic data is preserved? 15. 确保存储原始确保存储原始电子数据电子数据应应进行什么适当的控制？进行什么适当的控制？ Computerised systems should be designed in a way that ensures compliance with the principles of data integrity. The system design should make provisions such that original data cannot be deleted and for the retention of audit trails reflecting changes made to original data. 计算机化系统应按照确保符合数据完整性原则的方式进行设计。系统设计应预作安排，以确保不 能删除原始数据，以及保留反应原始数据变更的审计追踪情况。 16. Why is it important to review electronic data? 16. 审查电子审查电子数据为什么重要？数据为什么重要？ In the case of data generated from an electronic system, electronic data is the original record which must be reviewed and evaluated prior to making batch release decisions and other decisions relating to GMP related activities (e.g. approval of stability results, analytical method validation etc.). In the event that the review is based solely on printouts there is potential for records to be excluded from the review process which may contain un-investigated out of specification data or other data anomalies. The review of the raw electronic data should mitigate risk and enable detection of data deletion, amendment, duplication, reusing and fabrication which are common data integrity failures. 对于数据产生于电子系统的情况，电子数据是原始数据，必须经过审批，并且在做出批次放行决 策或其他 GMP 相关活动（例如：稳定性结果审批，分析方法验证等）的决策之前进行评估。当 仅基于打印件进行审查时，审查过程可能排除记录（可能包括未经调查的 OOS 数据或其他数据 异常）。原始电子数据的审查应减弱风险，并确保检测出数据删除、修改、复制、再利用和制 造，以上是常见的数据完整性问题。 Example of an inspection citing: 检查引用的例子： Raw data for HPLC/GC runs which had been invalidated was stored separately to the QC raw data packages and had not been included in the review process. 已无效的 HPLC/GC 运行的原始数据单独存储在 QC 原始数据文件包中，并未对其进行审查。 In the above situation, the procedure for review of chromatographic data packages did not require a review of the electronic raw data or a review of relevant audit Translated by April from CPAPE, only for study and communication, not for commercialization 14 trails associated with the analyses. This lead to the exclusion of records from the review process and to lack of visibility of changes made during the processing and reporting of the data. The company was unable to provide any explanation for the data which had been invalidated. 对以上情况，色谱数据包的审查程序未要求对电子原始数据进行审查，或未对与分析相关的审计 追踪进行审查。这会导致记录从审查过程中排除，并且在数据处理和报告过程中缺乏变更的可视 性。企业不能提供关于宣告无效的数据的任何解释。 17. Is a risk-based review of electronic data acceptable? 17. 对对电子数据基于风险的审查是否可行？电子数据基于风险的审查是否可行？ Yes. The principles of quality risk management may be applied during the review of electro