Have you validated your lab computer systems?

computer system validation

The security of your laboratory’s data plays a major role in the safety of your product, and thus laboratory computer system validation is an important FDA regulation.

According to the Code of Federal Regulations (21 CFR 11.10 Electronic Records), persons who use systems to create, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and, when appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily repudiate the signed record as not genuine. Such procedures and controls shall include:

  1. Validation of system
  2. Accurate and complete records
  3. Protection of record
  4. Limiting system access
  5. Audit trails to record actions that create, modify or delete records, etc.

A company recently received the following observation:

….. Appropriate controls are not exercised over computers or related systems to assure that changes in master production and control records or other records are instituted only by authorized personnel. Electronic records are used, but they do not meet requirements to ensure that they are trustworthy, reliable and generally equivalent to paper records.

Specifically, laboratory computer systems have not been properly validated to restrict access to appropriate personnel. The …. software was not validated and there was no manufacturer qualification record for the GC software. The GC was used to perform all testing associated with …. products. Users performing analysis had administrative privileges on the GC and could create, destroy, modify test results. The acquisition and quantification of data is not attributable to specific users as the user login for this system were not activated until 3 weeks ago. Additionally, audit trails in … software on the GC were turned not on until approximately 3 weeks ago as well.

For more information on implementing computer system validation, as well as other controls for electronic systems, refer to the FDA Guidance Document, Guidance for Industry: Part 11, Electronic Records; Electronic Signatures – Scope and Application August 2003.

To view more observations pertaining to data integrity, refer to the following GMP Trends® Issues: 1090, 1085, and 1080

Stay in Compliance! Subscribe today!

Become A Subscriber And Stay Ahead of the FDA

To get the most out of GMP Trends®, sign up to one of our subscription packages for valuable, up-to-date information you won't find anywhere else! Every subscription provides the most frequently cited FDA 483 observations taken from recent FDA Inspections. The non-essential information is redacted to streamline the facts in an easily readable format. Join the thousands of professionals who rely on GMP Trends® to keep them informed of the latest FDA Enforcement Trends!