Maintain data integrity in computerized systems
In this article, we review tools and practical recommendations focused on maintaining data integrity in computerized systems
The integrity of data in computerized systems goes beyond compliance with regulations. It is about protecting products for human use and ensuring the investigations carried out.
Ensuring data integrity in computerized systems requires reliable methods and practices that involve the devices, the software, the infrastructure, the processes, the operating procedures, the admin users and the end-users. All of them must be aligned to ensure that the data is complete, consistent, accurate and following the guidelines of the ALCOA rule.
How to guarantee the integrity of data in computerized systems?
To ensure the integrity of data in computerized systems we can make use of effective management tools and recommendations:
Validation based on risk
Validate systems compliant with GxP ensuring that the protocols and operation of the computerized systems address the quality and robustness of the data. Verifying the operation in the management of system processes, the security in the processing of information, the management of end-users and those who administer the system, the management applied by external suppliers and the security of the IT infrastructure (servers, networks, communications, etc.).
We must take into account the life cycle of the data, from how it is obtained, used and stored. Controlling its use, data collection, all electronic data storage locations, printed documents and PDF reports. And ensuring that the quality management system defines the roles and responsibilities in validating the system.
Finally, there must be a validation plan that contemplates the objectives, tasks and acceptance criteria and the participating personnel.
Audit Trail Review
An audit trail must be a record of management of all critical data in a system, impossible to erase. To be useful and compliant with GxP, and audit trail must answer four questions: Who? What? When? And Why?
The next step will be to define the relevant data for GxP and ensure that they are included in an audit trail. It is also necessary to assign roles and a testing program to test the functionality of the audit trail. The depth of the audit trail revision should be proportional to the complexity of the system and its intended use.
Also, it is necessary to understand the scope of the audit trail: records of events, historical files, queries to databases, reports or other mechanisms that show events related to the systems, electronic records or raw data contained in the registry.
Plan for business continuity
There must be a plan that ensures business continuity in the event of a disaster. The plan should indicate how quickly the functions of the computerized systems can be restored, as well as the likely impact of any data loss.
The IT infrastructure must incorporate an uninterrupted power source in power outages, such as batteries or the option to switch to an alternative power source when necessary.
Select suitable systems and service providers
It is important to check that the suppliers also work following the relevant regulations and that the system complies with the purposes pursued, obtaining proof of the effectiveness of the software according to the use for which it is to be applied, for example.
It is important to know the organizational culture of the providers and their maturity concerning data management. Ask what resources they offer to guarantee the integrity of data in computerized systems and, if possible, audit those resources.
Software updates, improvements or changes in the standards operation of the system should be requested, evaluated and executed in a secure manner, as determined by the regulations. It is key to collaborate with suppliers to keep them informed about regulatory changes and to update the quality systems that will be required.
IT quality and systems validation
Of course, computerized systems require a fully qualified IT environment, following GxP regulations and requirements.
Prepare a backup copy and save the electronic data in a pre-established program and a secure location, including the audit trails. Verify, also, the recovery of all data. Electronic files must be validated, secured and maintained in a state of control during the entire life cycle of the data.
More than 10 years of experience support the work of our team, supporting the momentum of companies in the pharmaceutical, food, healthcare and cosmetics sectors. We develop and implement validation strategies for computerized systems and the assurance of data integrity.
You can contact us by phone at +34 902 995 129 or through our contact form.