This project has been funded in whole or in part with Federal funds from the Division of AIDS (DAIDS), National Institute of Allergy and Infectious Diseases, National Institutes of Health, Department of Health and Human Services, under contract No. HHSN272201200009C, entitled NIAID HIV and Other Infectious Diseases Clinical Research Support Services (CRSS).

Laboratory Information Systems

Version 5.0, August 2012

Define a Laboratory Information System (LIS) and describe its purpose

Describe validation processes and what they accomplish List processes to ensure secure LIS access Describe requirements for altered records in an LIS Describe LIS emergency preparedness processes Describe the purpose of an audit trail

Objectives

2

A LIS performs or assists with the following laboratory functions:

A. Report generationB. Documentation of safety incidentsC. Test orderingD. A and CE. A and B

Pre-Assessment Question #1

3

Which statement(s) below is⁄are true regarding LIS validation?

A. If the system is purchased, validation is not requiredB. Validation is necessary for implementation of all

laboratory information systemsC. Re-validation is required for upgrades and changes to

the systemsD. B and C

Pre-Assessment Question #2

4

Policies and procedures regarding use of the LIS should address the following:

A. All members of the laboratory team should have the same level of access within the LIS to ensure proper coverage during holidays and time off

B. Passwords should be real words as they are easier to remember

C. Passwords should require renewal periodically

Pre-Assessment Question #3

5

Which of the following are requirements for altered records in an LIS?

A. For revised reports, the laboratory is required to only include corrected results

B. Maintain a documented system to ensure that all revised reports are identified as revised, corrected, or amended on the laboratory reports

C. None of the above

Pre-Assessment Question #4

6

Emergency preparedness requires processes to be in place for:

A. Continuity of operationsB. Recovery of current dataC. Retrieval of archived dataD. All of the above

Pre-Assessment Question #5

7

Audit trails should capture the following information:

A. Time/date stamps of all data entry/manipulationB. Individual performing taskC. Sequential edits performed on information D. All of the above

Pre-Assessment Question #6

8

Topics of Discussion

Policies/Security/Access Codes Auto-Verification

Procedures/Procedure Manuals Validation

Data Entry/Reports Data Retrieval/Storage

Hardware and Software Regulations

Systems Maintenance Environment

9

What is a LIS?

What is its purpose?

How do you use your LIS?

Laboratory Information Systems

10

Validation

Documentation

Prior to implementation Changes to “dictionaries” Upgrades, overlays, software/programming changes

Frequency

11

Validation (cont’d)

Process

Calculations Interfaces ReferenceRanges Reports

AbsurdAbnormalNormalAges,Genders

12

Maintain a documented system to ensure that all revised reports are identified as revised, corrected, or amended.

For revised reports, the laboratory must ensure both previously incorrect and new results are reported together.

LIS – Altered Records

13

Electronic Records

Original reference ranges Flags or comments Date of original report Equipment or method used to produce results

Must be able to print complete copies of participant records

Retrieval time allowances

14

Audit Trails

Information that must be associatedwith activities performed:

Date

Time

Individual performing

task

Sequentialedits

performed on information

15

When revised reports are issued, should the laboratory ensure that both the new result and the previous incorrect result are reported together?

A. Yes

B. No

Skill Check

16

Protection of Electronic Records

17

Elements of LIS SOPs

Emergency procedures

End-user operation of LIS

Preservation of data and equipment

Reporting archived data during downtime

System maintenance and documentation

18

Unexpected destructive event (e.g., fire, flood)

Hardware failure

Software failure

The laboratory should maintain the following procedures for the preservation of data and equipment in case of:

Protection of Electronic Records:Written Procedures

19

Protocols for periodic backing up and storing of

information

More LIS Procedures

Protocols/procedures for restoring information from

backed up media

Procedures for off-sitestorage of backup data

Protection of Electronic Records: Written Procedures (cont’d)

20

Protection of Electronic Records: Backup

How often should you backup?

Archival of backup materials Organization and

duplication

21

Stored study participant results data and archival information must be easily and readily retrievable.

The LIS must be able to reproduce archived test results completely, including the reference range originally given for that test, and any flags, footnotes, or interpretive comments that were attached to that result at the time of the original report.

Protection of Electronic Records: Data Retrieval and Storage

22

When multiple identical analyzers are used for reporting study participant test results, there should be the ability to trace results back to the original instrument on which the test was performed.

The data storage capacity of the LIS should be sufficient to meet the needs of the sponsor.

Protection of Electronic Records: Data Retrieval and Storage (cont’d)

23

Data storage media, such as tapes, disks, etc., must be properly labeled, stored, and protected from damage or unauthorized use.

Documented procedures must allow for timely restoration of services utilizing the data storage media after an unexpected destructive event.

Protection of Electronic Records: Data Retrieval and Storage (cont’d)

24

Protection of Electronic Records: System Maintenance

There must be documented procedures for handling the shutdown and restarting of the LIS to ensure integrity of the data and uninterrupted delivery of laboratory services.

25

Protection of Electronic Records: System Maintenance (cont’d)

All unscheduled computer downtime periods and other computer problems must be documented, including the reasons for failure and corrective actions taken.

26

Documented contingency plans must be developed to handle services in the event of a computer system failure such that study participant results are reported promptly.

Records must be maintained to document regular maintenance of the LIS.

Protection of Electronic Records: System Maintenance (cont’d)

27

A documented procedure and a complete, up-to-date record of preventive maintenance must be readily available for all computer hardware.

There must be active review of computer system maintenance records by the laboratory manager or designee.

Protection of Electronic Records: Hardware and Software

28

Protection of Electronic Records: Hardware and Software (cont’d)

Errors detected during computer system usage or backup must be documented along with corrective action taken.

29

21 CFR Part 11

Sec. 11.10 (d)

Access to the LIS must be limited to

authorized individuals

30

Policies must be established stating who may use the computer system.

System Access and Security

Access study participant data

Enter study participant results

Change results

Alter computer programs

Access levels should identify who is authorized to:

Report results

31

System Access and Security (cont’d)

Security (user) codes should be established such that only specifically authorized individuals may access study participant data or alter programs.

32

Access codes and passwords should be used in such a manner that they are able to effectively control access to the system:

Access Codes

Do not post on terminals

Include numbers, not real words

Inactivate when employees leave

Do not give to other personnel

33

The LIS must provide secure, computer generated time stamped audit trails that record date and time of operator entries and actions that:

Audit Trails

Create Modify Delete

34

Audit Trails (cont’d)

The LIS should maintain an audit trail ofall activities

Identification of all personnel responsible for performance and verification of tests should be

available on the system

Time/date stamps of all data entry/manipulation

35

There must be an audit mechanism that allows the laboratory to identify all individuals who have modified study participant data, results, control files, or computer programs.

Audit Trails (cont’d)

36

Training of Personnel

There should be documentation that all appropriate users of the computer system have received adequate training initially and whenever the computer system is modified.

37

Timeline for Implementation Review of Available Systems/Selection

Acquisition

Training: System Admin and Key User(s)

Installation of Hardware, Server, Uploading of Software

Configuration/Database Creations

End-user Training Testing

Announcements

GO LIVE!

UAT, OQ, IQ

UAT, OQ, IQ

Does anyone have a laboratory system implementation experience they would like to share?

Story Time!

39

A LIS performs or assists with the following laboratory functions:

A. Report generationB. Documentation of safety incidentsC. Test orderingD. A and CE. A and B

Post-Assessment Question #1

40

Which statement(s) below is⁄are true regarding LIS validation?

A. If the system is purchased, validation is not requiredB. Validation is necessary for implementation of all

laboratory information systemsC. Re-validation is required for upgrades and changes to

the systemsD. B and C

Post-Assessment Question #2

41

Policies and procedures regarding use of the LIS should address the following:

A. All members of the laboratory team should have the same level of access within the LIS to ensure proper coverage during holidays and time off

B. Passwords should be real words as they are easier to remember

C. Passwords should require renewal periodically

Post-Assessment Question #3

42

Which of the following are requirements for altered records in an LIS?

A. For revised reports, the laboratory is required to only include corrected results

B. Maintain a documented system to ensure that all revised reports are identified as revised, corrected, or amended on the laboratory reports

C. None of the above

Post-Assessment Question #4

43

Emergency preparedness requires processes to be in place for:

A. Continuity of operationsB. Recovery of current dataC. Retrieval of archived dataD. All of the above

Post-Assessment Question #5

44

Audit trails should capture the following information:

A. Time/date stamps of all data entry/manipulationB. Individual performing taskC. Sequential edits performed on information D. All of the above

Post-Assessment Question #6

45

Guidance for Industry: Part 11, Electronic Records; Electronic Signatures – Scope and Application (August 2003). (www.fda.gov)

LIS Fundamentals (www.cap.org)

A Validation Approach for Laboratory Information Management Systems. (http://www.gxpandjvt.com/ivtnews/pdf/Nov03.pdf)

References

46

Wrap Up

47