In a presentation on practical applications of data integrity for laboratories at the March 2019 MHRA Laboratories Symposium held in London, UK, MHRA Lead GCP and GLP Inspector Jason Wakelin-Smith highlighted the important role data process mapping plays in understanding these challenges and moving down the DI pathway.
He pointed out that understanding of processes and systems, which data maps facilitate, is a key theme in MHRA’s GxP data integrity guidance, finalized in March of 2018. The guidance is intended to be broadly applicable across the regulated practices, but excluding the medical device arena, which is regulated in Europe by third-party notified bodies.IPQ. MHRA Inspectors are Advocating Data Mapping as a Key First Step on the Data Integrity Pilgrimage
Data process maps look at the entire data life-cycle from creation through storage (covering key components of create, modify and delete) and include all operations with both paper and electronic records. Data maps are cross-functional diagrams (swim-lanes) and have the following sections:
- Data Creation
- Data Manipulation (include delete)
- Data Use
- Data Storage
Use a standard symbol for paper record, computer data and process step.
For computer data denote (usually by color) the level of controls:
- Fully aligned with Part 11 and Data Integrity guidances
- Gaps in compliance but remediation plan in place (this includes places where paper is considered “true copy”
- Not compliant, no remediation plan
Data operations are depicted utilizing arrows. The following data operations are probably most common, and are recommended for consistency:
- Data Entry – input of process, meta data (e.g. lot ID, operator)
- Data Store – archival location
- Data Copy – transcription from another system or paper, transfer of data from one system to another, printing (Indicate if it is a manual process).
- Data Edit – calculations, processing, reviews, unit changes (Indicate if it is a manual process)
- Data Move – movement of paper or electronic records
Data operation arrows should denote (again by color) the current controls in place:
- Technical Controls – Validated Automated Process
- Operational Controls – Manual Process with Review/Verified/Witness Requirements
- No Controls – Automated process that is not validated or Manual process with no Review/Verified/Witness Considerations