Are You Throwing Out GxP Records Electronically?
A number of firms have been cited for GxP records in their disposal bins(1-3). It is easy to read these observations and conclude they do not apply to your firm – but are you sure? You might have instructed personnel that they must never place a regulated document in the paper bin – but have you also instructed them to do the same with electronic disposal bins – the Recycle Bin in workstation computers? Physical disposal bins have a greater chance for discovering improper disposal of records, because they are visible to anyone nearby. In contrast, a Recycle Bin on a workstation is visible only when opened and examined by an authorized user. The physical bin is also in view as it is carried to the disposal station—the person can be stopped prior to arrival; conversely, the default workstation configuration permits anyone with workstation access the right to quietly, quickly delete the Recycle Bin with a couple of mouse clicks. Inspectors have uncovered improper use of the Recycle Bin during inspections(4) and issued citations for GxP records in disposal bins.
Understanding that electronic disposal bins (Recycle Bins) carry greater risks, how would you answer the following:
- Have you reduced the risks in some workstations by restricting the user’s ability to empty the Recycle Bin?
- Have you considered an alternate workstation shell program to restrict a user’s ability to send files to the Recycle Bin?
- Do you conduct period inspections of workstation Recycle Bins, looking for deleted files?
- Do you have a process to manage files/records, GxP records, found in the Recycle Bin of a workstation?
- Do users know which records are required by regulations, and to never place any of these records in the Recycle Bin, as it is the equivalent of placing papers in the disposal bin?
The shift to electronic records requires a shift in thinking about our practices, and this includes the Recycle Bin.
by: Mark E. Newton, Associate Sr. Consultant, Global Quality Laboratories for Eli Lilly and Company
See more popular blog posts from Mark on Data Quality and Data Integrity:
- Data Integrity and Your Interfaces
- Data Quality and Data Integrity: What is the difference?
- Data Integrity from the Bottom Up
- Your Administrator
- GAMP: Administrators for Instruments – Your Administrator Part 2
Are you looking for a hands-on approach for identifying, mitigating, and remediating potential causes of breaches in data integrity?
Don’t miss this special half-day Data Integrity Workshop focused on key data integrity issues facing the pharmaceutical product lifecycle. This interactive workshop will identify important regulatory issues impacting data integrity, answer key questions surrounding current expectations, and provide an overview of the Application Integrity Policy. Learn more about the Data Integrity Workshop and how to register.
1. Novacyl Wuxi Pharmaceutical Co., Ltd. 12/19/14. FDA Warning Letter http://www.fda.gov/ICECI/EnforcementActions/WarningLetters/ucm427976.htm
2. Sun Pharmaceutical Industries Limited – Karkhadi 5/7/14 FDA Warning Letter http://www.fda.gov/ICECI/EnforcementActions/WarningLetters/2014/ucm397054.htm
3. Wockhardt Limited 7/18/13 FDA Warning Letter http://www.fda.gov/ICECI/EnforcementActions/WarningLetters/2013/ucm361928.htm
4. Micro Labs Limited. WHO Notice of Concern http://apps.who.int/prequal/info_applicants/NOC/MicroLabs_NoC_30May2014.pdf