3 Steps to Evaluate ALCOA Data Integrity in Electronic Records.

How to Evaluate Alcoa Data integrity in Electronic Records

 

In this article, you will learn the instructions to evaluate ALCOA Data Integrity in Electronic Records.

The following three (3) steps are part of the GAP Assessment necessary to evaluate the compliance of your electronic records and forms against FDA Data Integrity (ALCOA) requirements.

  1. Request and confirm that all company electronic records and forms pertaining to the batch records, etc. are available and contain the critical requirements specified in the governing procedures and FDA ALCOA Guidance for Data Integrity.
  2. Evaluate each electronic record, form, and identify any gap.
  3. Document the necessary actions to address the identified gaps against the requirements of the ALCOA and FDA guideline requirement of data integrity as described in the following table:
Evaluation of Data Integrity ALCOA in Electronic Records

CHARACTERISTICS, ATTRIBUTES, AND CRITERIA

Security

S1: Unique, personal accounts with individual usernames and passwords.

S2: At least 3 user groups are in place (Admin, Supervisor, User) with proper segregation of duties.

S3: Password features set according to relevant SOP (complexity, expiry, login attempts, idle session)

S4: List of authorized users available.

Integrity

I1: Automatic, daily Backup is in-place

I2: Database and data folders protected from alteration/deletion

I3: Autosave function in place

I4: Generation of true copies is possible

Traceability

T1: Audit Trail is:

–  enabled at User, Security, and System levels

–   complete (Who, When What and Reason for a change)

–   safe from alteration

T2: Versioning is available and Overwrite is disabled

T3: Clock is protected

T4: Audit trail is reviewed

Electronic Signature

ES1: Uniqueness of identification of username and passwords.

ES2: Link between an electronic signature and the electronic record must exist

ES3: Manifestation of the Electronic signature is available.

 

How to Evaluate Electronic Records Against ALCOA
Characteristics to Evaluate in Electronic Records to be in compliance with ALCOA

SECURITY

Exercise appropriate controls to assure that changes to computerized, other records, or input of laboratory data into computerized records, can be made only by authorized personnel (§ 211.68(b)).

The system administrator role, including any rights to alter files and settings, it will be assigned to personnel independent from those responsible for the record content. To assist in controlling access, assign usernames, passwords, and maintain a list of authorized individuals and their access privileges for each CGMP computer system in use.

Implement documentation controls that ensure actions are attributable to a specific individual. Make sure that login credentials are unique and individual to each user.

INTEGRITY

BACK-UP – A true copy of the original data that is maintained securely throughout the records retention period (for example, § 211.180). The backup file should contain the data (which includes associated metadata) and should be in the original format or in a format compatible with the original format.  A backup is not the copies that may be created during normal computer use and temporarily maintained for disaster recovery (e.g., in case of a computer crash or other interruption). Such temporary backup copies would not satisfy the requirement in § 211.68(b) to maintain a backup file of data.

it is not acceptable to store data electronically in temporary memory, in a manner that allows for manipulation, before creating a permanent record. Electronic data that are automatically saved into temporary memory do not meet CGMP documentation or retention requirements.

Computer systems (including Laboratory Information Management System (LIMS) or an Electronic Batch Record (EBR) system) shall be configured to automatically save after each separate entry.

TRACEABILITY

AUDIT TRAIL – The audit trail must bring a secure, computer-generated, time-stamped electronic record that allows for the reconstruction of the course of events relating to the creation, modification, or deletion of an electronic record. An audit trail is a chronology of the “who, what, when, and why” of a record. Electronic audit trails include those that track creation, modification, or deletion of data (such as processing parameters and results) and those that track actions at the record or system level (such as attempts to access the system or rename or delete a file).

AUDIT TRAIL REVIEW – Audit trails that capture changes to critical data must be reviewed with each record and before final approval of the record. Audit trails subject to regular review should include, but are not limited to, the following:

  • change history of finished product test results,
  • changes to sample run sequences,
  • changes to sample identification, and
  • changes to critical process parameters.
  • ensuring that changes to records do not obscure previous entries.

Audit trails are considered part of the associated records. Personnel responsible for record review under CGMP should review the audit trails that capture changes to critical data associated with the record as they review the rest of the record. Control records, which include audit trails, must be reviewed and approved by the quality unit (§ 211.192). This is similar to the expectation that cross-outs on paper be assessed when reviewing data.

ELECTRONIC SIGNATURE

Electronic signatures must contain appropriate controls to be used instead of handwritten signatures or initials in any cGMP required record. The intent of the electronic signature requirement is to be able to clearly identify the individual responsible for signing the record. The electronic signature must have the appropriate controls to securely link the signature with the associated record. Moreover, electronic signatures are considered the legally binding equivalent of handwritten signatures.  Document the controls used to ensure that they are able to identify the specific person who signed the records electronically.

Compare the electronic record against the ALCOA requirement for data integrity and good documentation practices used to manage GxP information. Document the results in the following Table.

  • Determine if the electronic records are aligned and meet the requirements of the manual forms.
  • In case you don’t have a manual form, and it is using an electronic form only, then make the remark.
  • The results of the gap analysis shall be reviewed and containment actions documented and completed.

Describes the Results of the Gap Assessment for GxP electronic records.

Data Integrity ALCOA in Electronic Records

Important: This approach is a GAP Assessment used by regulated industries to evaluate its compliance with data integrity and is essential to ensuring Document Control Management (DCM) and Good Documentation Practices (GDPs).

ELECTRONIC RECORD EVALUATION CHARACTERISTICS, ATTRIBUTES, AND CRITERIA (Pass/Fails)? Meet ALCOA Criteria? If No, describe the issue(s) and remediation action(s)
# RECORD ID RECORD TITLE Security Integrity Traceability Electronic Signatures
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

brought to you by CIQA logo

CIQA is a quality and regulatory consultant with 25 years of experience developing products and managing projects in the medical device supply chain, and pharmaceutical industries. His experience includes research, product development, operations management, manufacturing engineering, equipment design, regulatory affairs, and quality assurance. Specific questions about Document Control Management DCM or quality system training can be directed to CIQA at ramon.cayuela@ciqa.net.

A Document Control Management DCM procedure template is available from the CIQA Store.

TO PURCHASE A TEMPLATES PROCEDURE, click here.

CONTACT US IF NEED HELP TO MAKE OR EVALUATE DATA INTEGRITY ALCOA IN ELECTRONIC RECORDS?

Need Training, Help, or Support to Evaluate Data Integrity ALCOA in Electronic Records? 

SUBSCRIBE AND FOLLOW US TO LEARN MORE.

For more details on specific FDA expectations, follow us.

Quality procedures templates

Three (3) Options to Create Document Control Management DCM Procedures:

Bronze Option. You Can Create Your Own Quality Procedures, using a Template.

You can download samples of the Document Control Management DCM procedure templates in .pdf format. 

To see the complete list of the most popular quality procedures templates, click here.

In addition, you can request a quotation to buy online a full SOP template document in MS Word format that is completely editable, ready to fill, and adapt to your specific needs.

Silver Option. We Can Bring You a Formal Training on how to evaluate Data Integrity ALCOA in Electronic Records.

This option is recommended if you want to learn more about how to build robust quality system procedures. One of our expert(s) can provide online step-by-step training to your team (unlimited assistance) on how to build reliable SOPs using our template(s). Also, you can improve your corporate quality procedures and policies by incorporating our template(s) and tools.  It includes a fully editable template from the Bronze option, plus training, exams, and a training certificate for each assistant.  Request a quote now.

Gold Option. We Can Create Customized Quality Procedures.

One of our expert(s) will create and prepare your customized SOPs with the inputs and specific information of your company. It includes a fully editable template from the Bronze option, plus online support in document creation, implementation, and training. Request a quote online.

GET IN COMPLIANCE TODAY, CONTACT US (Hablamos Español)

REFERENCES:

For more information about how to evaluate Data Integrity ALCOA in Electronic Records, refer to:

https://www.fda.gov/regulatory-information/search-fda-guidance-documents/part-11-electronic-records-electronic-signatures-scope-and-application

https://www.fda.gov/media/118202/download

https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?fr=820.40

QS Regulation and Guidance • Quality System Regulation and Preamble

www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=820&showFR=1

www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/PostmarketRequirements/QualitySystemsRegulations/ucm230127.htm

Inspection Guide – Pages 8, 15, 21, 22 and 23

https://www.fda.gov/ICECI/Inspections/InspectionGuides/ucm074899.htm

Guide to Inspections of Quality Systems [Quality System Inspection Technique (QSIT)]

www.fda.gov/iceci/inspections/inspectionguides/ucm074883.htm

Ramon Cayuela, MS, BS, Chemical Engineering

Ramon Cayuela, MS, BS, Chemical Engineering

CIQA President and CEO.
I've been working in validation engineering since 1992 with many multinational pharmaceutical companies. I love sharing my passion and knowledge with others. If you have any questions about anything (or just have general questions). I will be more than happy to assist you. You can count on the BEST customer service on CIQA. I go to great lengths to make sure my clients are 100% satisfied with their purchases and check emails/messages consistently throughout the day. You can rest assured that everything being sold here is as-described or your money back. I look forward to working with you!

Related Articles

Subscribe to get validation
news and free tips by email.

Need Additional Help?

Request for Quotation