Data Integrity for Manufacturing Records
Followers of FDA warning letters and Form 483s will have noticed that over the last 12 – 18 months, there have been increasing mention of data integrity issues around manufacturing data, often as a result of outdated equipment and practices, such as:
- No backup of data from the SCADA system
- No logs of alarm messages for in-process excursions for critical manufacturing operations
- No tracking or trending of process alarms
- Personnel were able to, and did, change process limits to values outside those specified in the batch recipe
- Standalone manufacturing equipment not equipped with HMI / PLC / SCADA and lacking audit trails
Initial focus for data integrity may have been on laboratory data (who can forget all those analytical results issues?) but the findings above, coupled with the dire headlines in 2018 around carcinogens in blockbuster hypertension medications as a result of uncontrolled process changes, really bring the importance of data integrity in the manufacturing realm into the spotlight.
My early career was spent designing, building, commissioning and validating terminal filtration systems used in aseptic processing. When I got involved in the initial planning for the ISPE GAMP® Data Integrity for Manufacturing Records guide, I was very concerned that my knowledge was outdated. After two years working on the guide, supporting a team of current Subject Matter Experts who so generously gave their time and expertise to produce this guide, I can honestly say that it is the manufacturing systems themselves that are often outdated as they have changed little in the intervening years.
The PIC/S Data Integrity Guidance (PI 041-1 Draft 3 November 2018) talks about the importance of critical thinking, but maybe in manufacturing we need to start with the more basic paradigm of “joined-up thinking”. A manufacturing process will consist of many process control systems, each controlling a discrete step in the process – weighing, mixing, filtering, filling, packaging, cleaning etc. – and often made by different vendors using different PLCs and coding languages.
In general, industry has a robust level of expertise in the importance of commissioning, qualification and validation of both Process Control Systems and Manufacturing Execution Systems. Data integrity issues have arisen from a failure to understand that all too often it is the transfer of data between systems through the manufacturing process that create risks to the data and the associated metadata needed to preserve the GMP content and meaning.
Most companies will consider how the data is protected in each system but data integrity requires that we define, risk-assess, and protect the data as it flows throughout the entire data lifecycle from the initial creation of raw material identification at Goods In through to the measurement, recording and reporting of all of the Critical Process Parameters and Critical Quality Attributes, and culminating in the detailed review of the collated Batch Release data and Exception Reports from the whole manufacturing process, and the long term retention of such data.
The enormous strength of the ISPE GAMP® Data Integrity for Manufacturing Records guide is that it takes the reader through a logical pathway to define all of the data flows through the manufacturing process, to understand where the integrity of the data is at risk including understanding what’s special about the different types of data involved, and to address those risks in the practical, pragmatic manner that has been the trademark of all of the GAMP guides over the years.