building business processes that optimize accurate and reliable data · 2015-10-03 · building...
Post on 07-Jul-2020
1 Views
Preview:
TRANSCRIPT
Building Business Processes that
Optimize Accurate and Reliable Data
2nd FDA/PQRI Conference on
Advancing Product Quality
5-7 October 2015
N. Bethesda, MD, US
Presentation by:
Monica J. Cahilly, M.S.
Green Mountain Quality Assurance, LLC
mcahilly@GMQA.net
2
Copyright of slide materials marked with the symbol (c) 2007-2015 GMQA LLC
is held by Green Mountain Quality Assurance LLC. Use of copyright materials
is restricted and these materials shall not be reproduced or distributed to anyone
not attending the training workshop without contractual licensing of the
materials or other express written permission of Green Mountain Quality
Assurance LLC.
(c) 2007-2015 GMQA LLC
OUTLINE
• What is “Data Integrity”?
• Good Documentation Practices
• Data Life Cycle
• Quality Management Systems
• Management Governance
• Data Integrity in a Global Context
• Q&A
(c) 2007-2015 GMQA LLC 3
(c) 2007-2015 GMQA LLC 4
External
Environment:
Economic, Societal,
Political, Legal, etc.
Internal Environment:
Quality Management
System ,
Management Culture
& Governance
Data Life Cycle
Good
Documentation
Practices
Data Integrity—A Growing
Concern
• Data Integrity (IEEE)* = “The degree to which a collection of data is complete, consistent, and accurate.”
* FDA Glossary of Computer Systems Software Development
Terminology (8/95)
FDA.gov 5
Data Integrity—A Growing
Concern
• Data Integrity (MHRA)* = The extent to
which all data are complete, consistent and
accurate throughout the data lifecycle.
– Data integrity arrangements must ensure that
the accuracy, completeness, content and
meaning of data is retained throughout the
data lifecycle.
*MHRA Data Integrity Definitions and Guidance March 2015
GOV.UK 6
What assures Data Integrity?
• Data Integrity (IEEE)* = “The degree to
which a collection of data is complete,
consistent, and accurate.”
– Good Documentation Practices are followed
– Content of Data is trustworthy and reliable,
i.e., the data is ‘valid’
• Achieved through: process validation and control,
data review practices, etc.
(c) 2007-2015 GMQA LLC 7
Creation & Processing of Data
• Good Documentation Practices
– A = Attributable
– L = Legible
– C = Contemporaneous
– O = Original
• or Certified Copy of Original
– A = Accurate
(c) 2007-2015 GMQA LLC 8
Good Documentation Practices
• Legible• Contemporaneous• Permanent
– Ink, preferably black– No pencil or white out
• Attributable• Traceable• Date Stamped• Changes with single line cross-out to retain original
entry, reason, initials, date• Accurate
(c) 2007-2015 GMQA LLC 9
21 CFR Part 11 = Good Documentation Practices for Electronic Data
• Legible• Contemporaneous• Permanent
– Ink, preferably black– No pencil or white out
• Attributable• Traceable• Time/Date Stamped• Changes with single line cross-out to retain original
entry, reason, initials, time/date• Accurate
(c) 2007-2015 GMQA LLC 10
Audit Trails
Time-date stamps
Metadata, Corroborating Paper Records, etc.
Log-on (e.g., User ID / password), E-Sigs
Annotation tools
Time-date stamps, late entry notation
Enforce saving of processing
Validation
No over-writing, Enforce saving of steps
The Paradigm Shift• How do we think about “data” and how do we
design our business processes?
• How do we validate systems that generate source
data with direct impact on patient safety, product
quality, application integrity…?
• How do we manage risks across the entire DLC?
(c) 2007-2015 GMQA LLC 11
(c) 2007-2015 GMQA LLC 12
External
Environment:
Economic, Societal,
Political, Legal, etc.
Internal Environment:
Quality Management
System ,
Management Culture
& Governance
Data Life Cycle
Good
Documentation
Practices
Data Life CycleIn the Broader Context of QbD / Pharma Product Life Cycle
• Do I have all my data?
– Design of data collection: protocol, process, method
– Data Life Cycle controls for data + metadata
• Has my data been objectively processed?
– Controls to Prevent & Detect Testing Toward Outcome
• Am I reviewing all my data?
– Printouts versus Source Electronic Records
– Review of Audit Trails
• Am I reporting all my data?
– Controls to Prevent & Detect Selective Reporting
(c) 2007-2015 GMQA LLC 13
Data Life Cycle
(c) 2007-2015 GMQA LLC 14
•Source eData
•Re-processing events
•Failures
•Objective Reporting
•Transparency in Failures
•Tracking & Trending Failures
•Objective Processing
•Handling Failures
•Design of Data Collection
•Transfers of Data + Metadata
Data Collection
Data Processing
Data Review
Data Reporting
What is the relevance of
Data Integrity?
Impact on:
• Patient Safety
• Product Quality
(c) 2007-2015 GMQA LLC 15
Risk Management
Methodology
• Risk Management Programs—ICH Q9
– Risk Assessment
– Risk Mitigation and Control
– Risk Communication
– Risk Review
Risk Management
Risk Assessment
Risk Mitigation
and Control
Risk Communi-
cation
Risk Review
16(c) 2007-2015 GMQA LLC
Create Data
Process Data
Review Data
Report Data
Create Data
Transfer Data
Store Data
Retrieve Data
Data Life Cycle =
Business Process + Data Flow
(c) 2007-2015 GMQA LLC 17
Create Data
Process Data
Review Data
Report Data
Create Data
Transfer Data
Store Data
Retrieve Data
Data Life Cycle =
Business Process + Data Flow
(c) 2007-2015 GMQA LLC 18
Data Life Cycle Risk Analysis
(c) 2007-2015 GMQA LLC 19
Instrument Data
Excel LIMS
23
27
18
Create Data
Process Data
Review Data
Report Data
Create Data
Transfer Data
Store Data
Retrieve Data
Data Life Cycle =
Business Process + Data Flow
(c) 2007-2015 GMQA LLC 20
We Consider Printouts to be the
“Raw Data” / the “Official Record”
Confidential and Proprietary to
GMQA LLC 21
Risk-Based Approach to
SLC and DLC
• “Critical” Thinking Skills for Data Reviewer
– What are the reviewer’s “blind spots”?
– Only looking at what you EXPECT to see?
– Or asking, WHAT COULD HAVE GONE WRONG?
Confidential and Proprietary to GMQA
LLC 22
Risk-Based Approach to
SLC and DLC
• “Critical” Thinking Skills for Data Reviewer
– What about ERROR PATTERNS?
• Frequency
• Pattern
• Determinate or Indeterminate
• Failure Effect
• Impact
Confidential and Proprietary to GMQA
LLC 23
Create Data
Process Data
Review Data
Report Data
Create Data
Transfer Data
Store Data
Retrieve Data
Data Life Cycle =
Business Process + Data Flow
Confidential and Proprietary to
GMQA LLC 24
Preserving Relationships between
Data + Data Attributes (‘Metadata’)
throughout Data Life Cycle
6.5
What?
When?
Why?
Who?
Confidential and Proprietary to
GMQA LLC 25
Risk Management of
Data Transfer and Storage
Instrument Data
File ShareStorage System
M A
Confidential and Proprietary to
GMQA LLC 26
Framework for Optimizing
Data Life Cycle• Subjective vs Objective Control
• Complex vs Simple
• Manual vs Automated
• Open-ended vs Well-defined
• Inconsistent vs Consistent
Confidential and Proprietary to GMQA
LLC 27
What is Goal of
Data Process Mapping?
• Process Understanding.
• Knowledge Management.
• Quality Risk Management.
• Business Process Improvements:
– Efficiencies, Effectiveness, Cost Reductions
Confidential and Proprietary to GMQA
LLC 28
Deming: “Quality costs less not more.”
Population of GxP Data:
Meaningful Decision-Making
Confidential and Proprietary to
GMQA LLC 29
(c) 2007-2015 GMQA LLC 30
External
Environment:
Economic, Societal,
Political, Legal, etc.
Internal Environment:
Quality Management
System ,
Management Culture
& Governance
Data Life Cycle
Good
Documentation
Practices
Quality Management Systems
Key to Data Integrity
• Training Program
• Risk Assessment & Management
• Validation (Computer, Method, Process)
• Data Life Cycle
• Investigations Program
• Data Review Program
– Critical Thinking Skills
(c) 2007-2015 GMQA LLC 31
Quality Management Systems
Key to Data Integrity
• Quality Audits & Inspections
• Vendor/Contractor Management
– Agreements
– Monitoring
• Management Culture & Controls
– Transparency & Accountability
– Tracking and Trending
– Risk Profiling
(c) 2007-2015 GMQA LLC 32
Creating a Management Culture to
Assure Data Integrity• Transparency
• Accountability
• Lead by Example
• Staying Continuously & Actively Involved
• Process Ownership / Personal Responsibility
• Set Realistic Expectations
• Fair and Just Consequences & Rewards
• Collaboration and Team Camaraderie
• Staying “Current” with the “C” in CGxPs
(c) 2007-2015 GMQA LLC 33
Global Community for Healthcare:
Medicines for All
• Safe
• Effective
• Quality
• Affordable
• Accessible
• Ethically Produced
34
Summary:
Data Integrity Compliance Goals• Accuracy, reliable design, consistent intended
performance of record systems, both paper document systems and computerized systems
• Data Controls (both paper and electronic) to ensure authenticity, integrity, confidentiality, readily retrievable, accuracy, consistency, completeness throughout Data Life Cycle
• Signature Controls (both hand-written and electronic) to ensure legally-binding
• Quality Systems and Management Governance in place to assure data integrity
Confidential and Proprietary to GMQA
LLC 35
Questions / Comments
(c) 2007-2015 GMQA LLC 36
Monica J. Cahilly, M.S.
Green Mountain Quality Assurance, LLC
mcahilly@GMQA.net
www.greenmountainQA.com
top related