Tom Middleton, Solutions Architect, Sparta Systems03.02.17
Improving patient safety is at the heart of the medical device industry, but many manufacturers may not realize that this starts with data integrity in the manufacturing process. The integrity of data generated by medical device manufacturers is extremely important, because properly recorded information is the basis for manufacturers to ensure product identity, strength, purity, and safety. The FDA defines data integrity as “the completeness, consistency, and accuracy of data. Complete, consistent, and accurate data should be attributable, legible, contemporaneously recorded, original or a true copy, and accurate.” Put simply, data integrity builds the necessary foundation upon which to create safe medical devices.
While most medical device manufacturers use electronic systems, there are still some companies that use paper systems or manual excel spreadsheets. Paper and manual systems have no controls, so there is an increased risk of data integrity issues. For example, it is significantly easier to manually change and reprint new versions of a document with different data when using a non-electronic system. While it is rare that a company or individual would act maliciously, it unfortunately does happen. Utilizing an electronic system where this information is locked down, automatically time stamped, and can’t be maliciously altered allows for greater confidence in the data. Manufacturers need to be assured that regardless of where information is stored, the system’s data is never invalid, falsified, or adulterated.
While electronic systems allow for greater controls, a special concern for electronic data is security. This refers to ensuring changes are made only by authorized personnel. User access to the system must require authentication and these systems should implement stringent document control, so any changes can be traced back to individual users. Another key to certifying the integrity of data is extensive audit trails. The FDA defines audit trails as “a secure, computer-generated, time-stamped electronic record that allows for reconstruction of the course of events relating to the creation, modification, or deletion of an electronic record.” Medical device manufacturers can think of an audit trail as the who, what, where, when, and why of a record. For example, an audit trail should detail at what time and location an authorized user made changes to a specific dataset, as well as the justification for the modification.
Company culture plays an important role in attitudes toward quality and data integrity. Non-compliance in the integrity of data can lead to warning letters and regulatory action from the FDA and other related agencies. Every year, there are new reports of manufacturing sites falsifying data to fast-track products to get them out the door and into the market. In fact, FDA sighted data integrity issues in 19 warning letters from the Center for Device and Radiological Health in 2016, including those sent to Grams Medical, Spectranetics Corporation, and Simpro. Issues around data integrity are often due to tension between the financial department and the patient safety department within the organization. Implementing electronic systems with proper controls and policies can alleviate this tension and prevent potential data integrity concerns.
These systems are mission critical for companies as manufacturing operations become increasingly global and complex. In today’s demanding market, investment in a quality system to enable business processes is not enough. Companies must be able to leverage their quality system’s data to support a comprehensive quality management strategy and be proactive in measuring and managing quality across the enterprise.
Tom Middleton, solutions architect at Sparta Systems, has spent twenty years conducting nearly 1,000 registration, surveillance, internal, and supplier audits as an ASQ/RAB Certified ISO and Global cGMP lead compliance auditor for Underwriter’s Laboratories and Bausch + Lomb’s Surgical Division. Specializing in management system audits and the development of internal and external audit programs and tools, Middleton has a passion for helping people ensure management system quality and robust compliance through value-added, process-driven auditing programs.
While most medical device manufacturers use electronic systems, there are still some companies that use paper systems or manual excel spreadsheets. Paper and manual systems have no controls, so there is an increased risk of data integrity issues. For example, it is significantly easier to manually change and reprint new versions of a document with different data when using a non-electronic system. While it is rare that a company or individual would act maliciously, it unfortunately does happen. Utilizing an electronic system where this information is locked down, automatically time stamped, and can’t be maliciously altered allows for greater confidence in the data. Manufacturers need to be assured that regardless of where information is stored, the system’s data is never invalid, falsified, or adulterated.
While electronic systems allow for greater controls, a special concern for electronic data is security. This refers to ensuring changes are made only by authorized personnel. User access to the system must require authentication and these systems should implement stringent document control, so any changes can be traced back to individual users. Another key to certifying the integrity of data is extensive audit trails. The FDA defines audit trails as “a secure, computer-generated, time-stamped electronic record that allows for reconstruction of the course of events relating to the creation, modification, or deletion of an electronic record.” Medical device manufacturers can think of an audit trail as the who, what, where, when, and why of a record. For example, an audit trail should detail at what time and location an authorized user made changes to a specific dataset, as well as the justification for the modification.
Company culture plays an important role in attitudes toward quality and data integrity. Non-compliance in the integrity of data can lead to warning letters and regulatory action from the FDA and other related agencies. Every year, there are new reports of manufacturing sites falsifying data to fast-track products to get them out the door and into the market. In fact, FDA sighted data integrity issues in 19 warning letters from the Center for Device and Radiological Health in 2016, including those sent to Grams Medical, Spectranetics Corporation, and Simpro. Issues around data integrity are often due to tension between the financial department and the patient safety department within the organization. Implementing electronic systems with proper controls and policies can alleviate this tension and prevent potential data integrity concerns.
These systems are mission critical for companies as manufacturing operations become increasingly global and complex. In today’s demanding market, investment in a quality system to enable business processes is not enough. Companies must be able to leverage their quality system’s data to support a comprehensive quality management strategy and be proactive in measuring and managing quality across the enterprise.
Tom Middleton, solutions architect at Sparta Systems, has spent twenty years conducting nearly 1,000 registration, surveillance, internal, and supplier audits as an ASQ/RAB Certified ISO and Global cGMP lead compliance auditor for Underwriter’s Laboratories and Bausch + Lomb’s Surgical Division. Specializing in management system audits and the development of internal and external audit programs and tools, Middleton has a passion for helping people ensure management system quality and robust compliance through value-added, process-driven auditing programs.