LIMS 专注您的专注

Smart Dedicated Efficient

化验室的数据完整性-实验室数据管理软件Laboratory Data Management Software

2020-11-03 10:53

Some analytical laboratories managelaboratory data using commercial software like LIMS or scientific datamanagement systems. Whether the software is validated at the site, either bythe vendor or by the user, the user is responsible for assuring its compliancewith 21 CFR Part 11. The Quality Unit should understand completely thefunctionality, features, and capability of the software. All automaticequipment used in pharmaceutical manufacturing environment, including computersused to test drug products, must also comply with 21 CFR Part 211.68.Regulatory expectations for computerized systems used in the manufacture of APIare found in the ICH Q7 Guidance for Industry (6,8,43).

有一些化验室利用商业软件例如LIMS或科学数据管理系统来管理数据。无论软件是否在企业内由供应商或者企业进行过验证,用户必须对是否符合法规 21CFR 第11部分负责。质量部门应当认识到软件的全部、功能、特点以及用途。所有用于药企生产区域的自动化设备,包括用于监测药品的电脑,都应遵从法规 21CFR 第211.68部分。监管机构对用于生产API计算机系统的期望都在ICH Q7 行业指南中。

Browser-enabled user logins from multiplecomputers pose a potential risk. Login functionality is recommend­ed to beproperly challenged, mitigated, and verified. An additional layer of securityshould be embedded in the software that allows only user logins that have beenverified by specific, permitted IP addresses as filter logins.


Laboratory data management softwaretypically is validated using the following steps (not necessarily in thisorder):


l Document the software name and version number 记录软件名声以及版本号

l Define the period for software updates 定义软件更新的周期

l Check and validate e-signatures 检查和验证电子签名

l Validate the software for its intended use 验证软件预期使用目的

l Determine capability of meeting 21 CFR Part 11 requirements interms of audit trail and controls 在审计跟踪和控制方面确定满足21 CFR第11部分要求的能力

l Test the software on the network for data transmission 在网络上测试软件进行数据传输

l Set up controls and traceability of printouts and define numberof printouts allowed 建立打印输出的控制和可追溯性,并定义允许打印输出的数量

l Check data and security of offshore and Cloud data 检查离线和云数据的数据和安全性

l Validate Cloud-based data management system for security andpossibility of compromise 验证基于云的数据管理系统安全性与可能性的协议

l Establish quality service agreement and contingency plan forCloud-based systems and deter­mine exact physical location of servers 建议服务器安全协议以及基于云的数据管理应急计划,定义服务器确切物理位置

l Verify record and logic behind the algorithms used incalculations 验证计算中使用的算法背后的记录和逻辑

l Calculate manually the common statistical computations used bysoftware (such as mean, stan­dard deviation, percentage of relative standarddeviation to complex math like potency content, similarity factor (F2) valuesfor dissolution analysis, and coefficient of variation for uniformity ofdosage) and compare with software values


l Check data transmission and losses from instruments to attachedcomputer 检查数据传输和从仪器到相连计算机的丢失

l Check data transmission to computer, server, and interfaces inbetween, and validate for intended functionality of analysis, data acquisition,processing, reporting, tracking, and security 检查传输至电脑、服务器、以及相连界面、并验证分析的预期功能、数据获取、处理、上报、追溯和安全。

l Ensure PDFs of any converted data files are not editable andbear a date-and-time stamp 确保任何转换后的数据文件的pdf文件不可编辑,并带有日期和时间戳

l Confirm that intended software is compatible with COTS softwarefor any laboratory instrument (e.g., HPLC, GC, and PSD). 确认预期的软件与用于任何实验室仪器的COTS软件兼容(如HPLC、GC和PSD)

6.5.1Controls 控制措施

Thefollowing are the minimum controls needed to validate laboratory datamanagement software:


l Identify the person responsible for updates and maximum possiblesoftware updates to be per­formed by the software vendor and in-house IT personnel


l Address any changes to software through change history


l Establish secure unique user login identifications and periodicchange of passwords


l Restrict permission to delete data to administrator or ITpersonnel


l Maintain copies of older versions of software whenever versionis updated (recommended) and ensure that backed-up data from previous versionscan still be accessed


l Check software integrity on a periodic basis


l Maintain detailed list of roles, responsibilities, andprivileges for all staff who use the laboratory data management software 维护使用实验室数据管理软件的所有员工的角色、职责和特权的详细列表

6.5.2Common Deficiencies that May Lead to Data Compromise 可能导致数据泄漏的常见缺陷

l Browser-based interface enabling simultaneous logins with thesame IDs without sufficient con­trols to prevent redundant data activity


l Not investigating qualification errors or shortfalls accordingto nonconformance procedure


l Not enabling, reviewing, or publishing audit trails 不启用、检查或使用审计跟踪

l Installing features without complete understanding, leading todata compromise


l Lapses in training, e.g., lack of training or inadequatetraining for tasks being performed


6.5.3Spreadsheet Validation 电子表格验证

Manylaboratories use customized spreadsheets for calculations. To avoid possibledata breaches, the Quality Unit should validate the customized spreadsheettemplate for its intended use and protect it by restricting permissions toalter the template or delete data.


Typically,customized spreadsheets are validated by customizing them to the intended usewith a stan­dardized formula in the USP or another valid source, comparing themanual calculations against the spreadsheet calculations, and testingboundaries and functions.

通常来说,应依据USP标准或其他法规依据,将手工计算与电子表格计算进行比较,以及测试界限以及功能,来定制预期使用的表格。 Spreadsheet Controls 电子表格控制

Thefollowing are the minimum controls to be put in place for customizedspreadsheets, which are recommended to be captured in the SOPs:


l Encrypt with password protection


l Restrict editing (set to “Read only”) so previous data is notretained in the template


l Save spreadsheets to a designated location on the server andcapture the file location on each spreadsheet


l Change passwords and revalidate customized spreadsheetsperiodically per established SOPs 依据建立起的SOP定期更改密码以及重新验证定制的电子表格 CommonDeficiencies in Spreadsheets 电子表格常见缺陷

The following are commonly seendeficiencies in spreadsheets that may lead to data compromise and risk of dataintegrity problems:


l Spreadsheets not validated 未验证电子表格

l Accidental or deliberate formula changes made in unprotectedspreadsheets (e.g., in Figure, data was manipulated; the failing value of 96.30 was replacedwith a passing value of 98.23, which was entered manually on the unprotectedsheet)


l Entering passing results in unprotected spreadsheets (Figure


l Lack of controls on spreadsheet access and lack of training ofstaff to respect password control


Figure ValidatedSpreadsheet: API Assay Failure (Failure Result is 96.30)


Seek Advice


Call Us




On Trial