A company recently received this 483 observation:
….. Appropriate controls are not exercised over computers or related systems to assure that changes in master production and control records or other records are instituted only by authorized personnel.
Specifically, for electronic laboratory equipment:
a. Your firm does not always require unique username and passwords for employees to gain access to the systems. For example, all analysts log in to the … software used for processing chromatograms using the same username and password.
b. There is no defined procedures for access level controls to electronic data acquisition systems.
c. Your HPLC software lacked an audit trail feature for the instrument to document all activities related to the chromatographic analysis, including creation, modification, or deletion of electronic raw data.
For more observations pertaining to data integrity, see Issue #1052 available today. It also has observations pertaining to lab controls, manufacturing controls, and medical devices.