2015-01-29 21:33:23| 分类: EDQM
Term | Definition | Expectation / guidance (where relevant) |
术语 | 定义 | 期望/指南(相关时) |
Data | Information derived or obtained from raw data (e.g. a reported analytical result) | Data must be: A – attributable to the person generating the data L – legible and permanent C – contemporaneous O – original (or ‘true copy’) A – accurate |
数据 | 从原始数据获得或衍生的信息(例如,所报告的检验结果) | 数据必须: A—可追踪至产生数据的人 L—清晰,能永久保存 C—同步 O—原始(或真实复制) A—准确 |
Raw data | Original records and documentation, retained in the format in which they were originally generated (i.e. paper or electronic), or as a ‘true copy’. Raw data must be contemporaneously and accurately recorded by permanent means. In the case of basic electronic equipment which does not store electronic data, or provides only a printed data output (e.g. balance or pH meter), the printout constitutes the raw data. | Raw data must: ? Be legible and accessible throughout the data lifecycle. ? Permit the full reconstruction of the activities resulting in the generation of the data |
原始数据 | 原始记录和文件,按原始产生的形式保留(即纸质或电子)或“真实复制”。原始数据必须是同步产生的,采用可以永久保留的方式准确记录。如果基础电子仪器不能存贮电子数据,或仅提供打印数据输出(例如,天平或pH计),则打印数据应成为原始数据。 | 原始数据必须: ? 清晰可读,在数据的整个生命周期内均可以获得 ? 可以据原始数据对数据产生的整个活动进行重现 |
Metadata: | Metadata is data that describe the attributes of other data, and provide context and meaning. Typically, these are data that describe the structure, data elements, inter-relationships and other characteristics of data. It also permits data to be attributable to an individual. | Example: data (bold text) 3.5 and metadata, giving context and meaning, (italic text) are: sodium chloride batch 1234, 3.5mg. J Smith 01/07/14 Metadata forms an integral part of the original record. Without metadata, the data has no meaning. |
元数据 | 元数据是指描述其它数据属性的数据,提供语境和含义。一般来说,这些数据描述数据的结构、数据要素、内在关系和其它数据特性。它还允许数据追踪至个体。 | 例如:数据(粗体) 3.5 和元数据,提供语境和意义(斜体)为 氯化钠批号1234,3.5mg.J Smith 01/07/14 元数据所形成原始记录不可分割的一部分,没有元数据,数据就没有意义。 |
Data Integrity | The extent to which all data are complete, consistent and accurate throughout the data lifecycle. | |
数据完整性 | 数据完整性应能保证在数据的整个生命周期内,所有数据均完全、一致和准确。 | |
Data governance | The sum total of arrangements to ensure that data, irrespective of the format in which it is generated, is recorded, processed, retained and used to ensure a complete, consistent and accurate record throughout the data lifecycle. | Data governance should address data ownership throughout the lifecycle, and consider the design, operation and monitoring of processes / systems in order to comply with the principles of data integrity including control over intentional and unintentional changes to information. Data Governance systems should include staff training in the importance of data integrity principles and the creation of a working environment that encourages an open reporting culture for errors, omissions and aberrant results. Senior management is responsible for the implementation of systems and procedures to minimise the potential risk to data integrity, and for identifying the residual risk, using the principles of ICH Q9. Contract Givers should perform a similar review as part of their vendor assurance programme |
数据管理 | 为保证数据,不论这些数据产生的形式如何,的记录、处理、保留和使用能保证在数据的整个生命周期内均完全、一致和准确所采取的措施的总和 | 数据管理应说明生命周期中数据所有权,要考虑对过程/系统的设计、操作和监控,以符合数据完整性原则,包括对信息有意和无意更改的控制。 数据管理系统应包括对员工进行数据完整性原则的重要性培训,以及创造工作环境鼓励公开报告错误、遗漏和异常结果的文化。 |
Data Lifecycle | All phases in the life of thedata (including raw data) from initial generation and recording through processing (including transformation or migration), use, data retention, archive / retrieval and destruction. | The procedures for destruction of data should consider data criticality and legislative retention requirements. Archival arrangements should be in place for long term retention (in some cases, periods up to 30 years) for records such as batch documents, marketing authorisation application data, traceability data for human-derived starting materials (not an exhaustive list). Additionally, at least 2 years of data must be retrievable in a timely manner for the purposes of trend analysis and inspection. |
数据的生命周期 | 数据(包括原始数据)自初始产生和记录,到处理(包括转化或移植)、使用、数据保留、存档/恢复和重建的整个生命阶段。 | 数据重建程序应考虑数据关键性和法规保留要求。对记录,例如批记录、上市许可申报数据、追踪性数据或人来源的起始物料(本清单未穷尽)应有长期保留的存档安排(在有些情况下,长达30年)。另外,至少2年的数据必须可以及时恢复用于趋势分析或现场检查。 |
Primary Record | The record which takes primacy in cases where datacollected or retained concurrently by more than one method fail to concur. | In situations where the same information is recorded concurrently by more than one system, the data owner should define which system generates and retains the primary record, in case of discrepancy. The ‘primary record’ attribute should be defined in the quality system, and should not be changed on a case by case basis. |
基准记录 | 采用不止一种方法同步收集数据而未能相互一致时作为基准的记录。 | 如果相同的信息采用不止一个系统同步记录,数据所有者应定义在差异时是哪个系统产生和保留基本记录。“基准记录”属性应在质量体系里定义,不应根据各案进行变更。 |
Original record / True Copy: | Original record: Data as the file or format in which it was originally generated, preserving the integrity(accuracy, completeness, content and meaning) of the record, e.g. original paper record of manual observation, or electronic raw data file from a computerised system True Copy: An exact copy of an original record, which may be retained in the same or different format in which it was originally generated, e.g. a paper copy of a paper record, an electronic scan of a paper record, or a paper record of electronically generated data | Original records must preserve the integrity (accuracy, completeness, content and meaning) of the record. Exact (true) copies of original records may be retained in place of the original record (e.g. scan of a paper record), provided that a documented system is in place to verify and record the integrity of the copy. It is conceivable for raw data generated by electronic means to be retained in an acceptable paper or pdf format. However, the data retention process must be shown to include verified copies of all raw data, metadata, relevant audit trail and result files, software / system configuration settings specific to each analytical run*, and all data processing runs (including methods and audit trails) necessary for reconstruction of a given raw data set. It would also require a documented means to verify that the printed records were an accurate representation. This approach is likely to be onerous in its administration to enable a GMP compliant record. * computerised system configuration settings should be defined, tested and ‘locked’ as part of computer system validation. Only those variable settings which relate to an analytical run would be considered as electronic raw data. |
原始记录/真实复制 | 原始记录: | 原始记录必须保留记录的完整性(准确性、完全性、内容和含义)。如果有一个文件记录体系来确认和记录复印件的完整性,则也可以采用真实复印件代替原件(例如,纸质记录扫描)进行保存。 可以对电子方式产生的原始数据进行纸质或PDF格式保存,但必须显示数据的留存过程,以包括所有原始数据、元数据、相关审计追踪和结果文件、每一分析运行过程中软件/系统设置标准,一个给定的原始数据系列重建所需的所有数据处理运行情况(包括方法和审计追踪),经过确认的复本。还要求有一个书面方法来确认打印的记录是准确的重现。该方法可能使符合GMP的记录管理变得繁杂。 *计算机系统参数设置应作为计算机系统验证的一部分进行界定、测试和“锁定”。只有与分析运行相关的变量设定才会被认为是电子原始数据。 |
Computer system transactions: | A computer system transaction is a single operation or sequence of operations performed as a single logical ‘unit of work’. The operation(s) that make up a transaction are not saved as a permanent record on durable storage until the user commits the transaction through a deliberate act (e.g. pressing a save button). The metadata (i.e., user name, date, and time) is not captured in the system audit trail until the user commits the transaction. In Manufacturing Execution Systems (MES), an electronic signature is often required by the system in order for the record to be saved and become permanent. | Computer systems should be designed to ensure that the execution of critical operations are recorded contemporaneously by the user and are not combined into a single computer system transaction with other operations. A critical processing step is a parameter that must be within an appropriate limit, range, or distribution to ensure the desired product quality. These should be reflected in the process control strategy. Examples of 'units of work': ? Weighing of individual materials ? Entry of process critical manufacturing / analytical parameters ? Verification of the identity of each component or material that will be used in a batch ? Verification of the addition of each individual raw material to a batch (e.g. when the sequence of addition is considered critical to process control – see figure 2) Addition of multiple pre-weighed raw materials to bulk vessel when required as a single manufacturing step (e.g. when the sequence of addition is not considered critical to process control – see figure 3) |
计算机系统处理 | 计算机系统处理是一个单独的操作或一系列作为单个逻辑“工作单元”的操作,组成一个处理,在用户通过一个清楚的动作认可前不会长期存贮作为永久的记录(例如,按下保存按键)。在用户认可该处理前,元数据(即用户名、日期和时间)不会被审计追踪系统捕捉到。在生产执行系统中,系统通常会要求一个电子签名以使记录得以存贮成为永久记录。 | 计算机系统的设计应保证关键操作的执行被用户同步记录,不会与其它操作一起被合并为一个单独的计算机系统处理。一个关键处理步骤是一个参数,必须在一个适当的限度、范围内,或分配范围内,以保证所需的产品质量。这些应反映在工艺控制策略中。 “工作单元”的例子: ? 单个原料的称重 ? 关键生产/分析参数的处理输入 ? 将用于一个批次的每个成分或原料的识别确认 ? 要向一个批次中增加每一种原料的确认(例如,如果加料顺序被认为是工艺控制的关键参数---参见图2) ? 作为一个单独的生产步骤,需要向大罐中添加多种预称重的原料(例如,添加顺序被认为对工艺控制并不关键----参见图3) |
Audit Trail | GMP audit trails are metadata that are a record of GMP critical information (for example the change or deletion of GMP relevantdata). | Where computerised systems are used to capture, process, report or store raw data electronically, system design should always provide for the retention of full audit trails to show all changes to the data while retaining previous and original data. It should be possible to associate all changes to data with the persons making those changes, and changes should be time stamped and a reason given. Users should not have the ability to amend or switch off the audit trail. The relevance of data retained in audit trails should be considered by the company to permit robust data review / verification. The items included in audit trail should be those of relevance to permit reconstruction of the process or activity. It is not necessary for audit trail review to include every system activity (e.g. user log on/off, keystrokes etc.), and may be achieved by review of designed and validated system reports. Audit trail review should be part of the routine data review / approval process, usually performed by the operational area which has generated the data (e.g. laboratory). There should be a mechanism to confirm that a review of the audit trail has taken place. When designing a system for review of audit trails, this may be limited to those with GMP relevance (e.g. relating to data creation, processing, modification and deletion etc). Audit trails may be reviewed as a list of relevant data, or by a validated ‘exception reporting’ process. QA should also review a sample of relevant audit trails, raw data and metadata as part of self inspection to ensure on-going compliance with the data governance policy / procedures. If no audit trailed system exists a paper based audit trail to demonstrate changes to data will be permitted until a fully audit trailed (integrated system or independent audit software using a validated interface) system becomes available. These hybrid systems are currently permitted, where they achieve equivalence to integrated audit trail described in Annex 11 of the GMP Guide. If such equivalence cannot be demonstrated, it is expected that facilities should upgrade to an audit trailed system by the end of 2017. |
审计追踪 | 如果计算机系统用于电子捕获、处理、报告或存贮原始数据,系统设计应能保持提供全面审计追踪的保存,在保存之前和原始和数据时显示对数据进行的所有更改。伴随对数据的所有更改,应可以显示做这些更改的人,更改均应有时间记录,并给出理由。用户不应具备修订或关闭审计追踪的能力。 公司应考虑保存在审计追踪里的数据的相关性,以使得全面的数据审核/确认成为可能。包括在审计追踪里的项目应是那些关于允许重建过程或活动的参数,审计追踪审核不需要包括每个系统活动(例如,用户登录/退出,键盘敲击等),可以通过对经过设计和验证的系统报告进行审核来达到目的。 审计追踪审核应是日常数据审核/批准过程的一部分,通常由产生数据的操作区域(例如,化验室)来实施。应该具备一种机制来确认进行了审计追踪的审核。在设计一个系统对审计追踪进行审核时,可能会局限于GMP相关性(例如,关于数据创建、处理、修正和删除等)。审计追踪可以作为相关性数据清单来审核,或由一个验证过的“例外报告”过程来审核。QA也应该审核样品的相关审计追踪、原始数据和元数据,作为自检的一部分,来保证与数据管理方针/程序的现行符合性。 如果没有审计追踪系统,则在全面审计追踪(整合的系统或使用一个验证过的界面的独立的审计软件)系统可以实施前,基于审计追踪的纸来证明对数据的更改也是允许的。只要它们可以等同达到GMP指南附录11中所述的整合审计追踪目的,这些混合系统目前是允许的。如果不能证明该等同性,则期望工厂在2017年底前将其升级至审计追踪系统。 | |
Data Review | There should be a procedure which describes the process for the review and approval of data, including raw data. Data review must also include a review of relevant metadata, including audittrail. Data review must be documented. A procedure should describe the actions to be taken if data review identifies an error or omission. This procedure should enable data corrections or clarifications to be made in a GMP compliant manner, providing visibility of the original record, and audit trailed traceability of the correction, using ALCOA principles (see ‘data’ definition). | |
数据审核 | 应有一个程序描述对数据,包括原始数据,的审核和批准。数据审核还必须包括对相关元数据的审核,包括审计追踪。数据审核必须进行书面记录。 应有一个程序描述如果数据审核发现错误或遗漏时应采取的措施。该程序应使得对数据的修正或澄清以符合GMP的方式进行,使用ALCOA原则,提供修正所涉及的原始记录的可见性,和审计追踪的追溯性(参见“数据”的定义)。 | |
Computerised system user access / system administrator roles | Full use should be made of access levels to ensure that people have access only to functionality that is appropriate for their job role. Facilities must be able to demonstrate the access levels granted to individual staff members and ensure that historical information regarding user access level is available. Shared logins are not acceptable. Where the computerised system design supports individual user access, this function must be used. This may require the purchase of additional licences. It is acknowledged that some computerised systems support only a single user login or limited numbers of user logins. Where alternative computerised systems have the ability to provide the required number of unique logins, facilities should upgrade to an appropriate system by the end of 2017. Where no suitable alternative computerised system is available, a paper based method of providing traceability will be permitted. The lack of suitability of alternative systems should be justified based on a review of system design, and documented. System administrator access should be restricted to the minimum number of people possible taking account of the size and nature of the organisation. System Administrator rights (permitting activities such as datadeletion, database amendment or system configuration changes) should not be assigned to individuals with a direct interest in the data (data generation, data review or approval). Where this is unavoidable in the organisational structure, a similar level of control may be achieved by the use of dual user accounts with different privileges. All changes performed under system administrator access must be visible to, and approved within, the quality system. The individual should log in using the account with the appropriate access rights for the given task e.g. a laboratory manager performing data checking should not log in as system administrator where a more appropriate level of access exists for that task. | |
计算机化系统用户权限/系统管理员职责 | 应对进入权限的功能进行全面使用,以保证人员只具有与完成其工作职责相当的操作权限。工厂必须可以证明赋予给个人的登录层级,保证可以获得关于用户进入级别的历史信息。 采用相同的登录名和密码是不能接受的。如果计算机系统设计支持单个用户登录,则必须使用该功能。这可能要求购买额外的许可。 大家知道有些计算机系统仅支持一个用户登录,或有限数据用户登录。如果有可替代的计算机系统具备提供所需数据唯一登录的能力,工厂应在2017年底升级至适当的系统。如果没有适当的可替代计算机系统,则允许采用纸质方式来提供追踪。缺乏可替代系统的适用性应基于对系统设计的审核进行论证,并进行书面记录。 系统管理员权限应根据组织机构的规模和属性而限于最少人数。 系统管理员的权利(允许的活动如数据删除、数据库修正或系统参数更改)不应被赋予对数据有直接利益的个人(数据产生、数据审核或批准)。如果在组织机构内无法避免,则应使用不同特权的双重用户账号来达到类似水平的控制。所有在系统管理员权限下实施的变更必须可以由质量体系看见,并在质量体系内进行批准。 个人应采用适当的进入权限进行登录来执行指定的任务,例如,如果有一个更适合该任务操作的已有权限,则化验室经理实施数据检查不应采用系统管理员身份登录。 | |
Data retention | Raw data (or a true copy thereof) generated in paper format may be retained for example by scanning, provided that there is a process in place to ensure that the copy is verified to ensure its completeness. Data retention may be classified as archive or backup Data and document retention arrangements should ensure the protection of records from deliberate or inadvertent alteration or loss. Secure controls must be in place to ensure the data integrity of the record throughout the retention period, and validated where appropriate. Where data and document retention is contracted to a third party, particular attention should be paid to understanding the ownership and retrieval of data held under this arrangement. The physical location in which the data is held, including impact of any laws applicable to that geographic location should also be considered. The responsibilities of the contract giver and acceptor must be defined in a contract as described in Chapter 7 of the GMP Guide | |
数据保留 | 由纸质形式产生的原始数据(或真实复制本)可以采用例如扫描方式保留,如果有程序保证该复制的完整性是经过确认的话。 数据保留可以分为“存档”或“备份”。 数据和记录保留的安排应保证能保护记录被蓄意或无意篡改或丢失。 必须有安全控制来保证记录在整个保留期间的数据完整性,并在适当时进行验证。 如果数据和记录保留是委托给第三方进行,应特别注意对第三方的了解,以及在此情况下数据情况的安排。还要考虑数据所在的物理位置,包括地理位置可能适用的所有法律问题。合同委托方的责任和合同接受方的责任必须以GMP指南中第7章的合同形式描述。 | |
? Archive | Long term, permanent retention of completed data and relevantmetadata in its final form for the purposes of reconstruction of the process or activity. | Archive records should be locked such that they cannot be altered or deleted without detection and audit trail. The archive arrangements must be designed to permit recovery and readability of the data and metadata throughout the required retention period. |
? 存档 | 完整的数据和相关的元数据以其最终形式进行长期永久保留,以达到过程或活动重建的目的。 | 存档记录应落锁,保证其不能在未被察觉和审计跟踪情况下被篡改或删除。 存档安排的设计必须允许数据和元数据在所要求的整个保留时期内可以被恢复和读取。 |
? Backup | A copy of current (editable) data,metadata and system configuration settings (variable settings which relate to an analytical run) maintained for the purpose of disaster recovery. | Backup and recovery processes must be validated. |
? 备份 | 现行的(可编辑的)数据、元数据和系统参数设置(与分析运行相关的变量设置)为了灾难恢复的目的进行保留。 | 备份和恢复过程必须进行验证。 |
File structure | ||
文件结构 | ||
? Flat files: | A 'flat file' is an individual record which may not carry with it all relevant metadata (e.g. pdf, dat, doc ). | Flat files may carry basic metadata relating to file creation and date of last amendment, but cannot audit trail the type and sequence of amendments. When creating flat file reports from electronic data, the metadata and audit trails relating to the generation of the raw data is also lost, unless these are retained as a ‘true copy’. There is an inherently greater data integrity risk with flat files (e.g. when compared to data contained within a relational database), in that these are easier to manipulate and delete as a single file. |
? 扁平式文件 | “扁平式文件”是指单个记录,其可能不带有任何相关的元数据(例如,PDF、DAT、DOC文件)。 | 扁平式文件可能带有与文件创建和最后修订日期的基本元数据,但不能对修订的类型和顺序进行审计追踪。在从电子数据创建扁平式文件报告时,如果不是以“真实复制”的方式进行保留,与原始数据产生相关的元数据和审计追踪也会被丢失。 扁平式文件具有天生的更大的数据完整性风险(例如,相比于相关性数据库里保存的数据),这时作为单个文件,它更容易被捏造和删除。 |
? Relational database: | A relational database stores different components of associated data and metadata in different places. Each individual record is created and retrieved by compiling the data and metadata for review. | This file structure is inherently more secure, as the data does not exist in a single file. Retrieval of information from a relational database requires a database search tool, or the original application which created the record. |
? 相关性数据库 | 相关性数据库在不同位置存贮不同的相关数据和元数据内容。每个单个记录由汇总的数据和元数据进行创建和恢复,用于审核。 | 这种文件结构内在的安全性更好,因为数据不是以单个文件的形式存在。 从一个相关性数据库中懒得信息需要一个数据库搜索工具,或创建该记录的原始应用软件。 |
Validation – for intended purpose (See also Annex 15 and GAMP 5) | Computerised systems should comply with the requirements of EU GMP Annex 11 and be validated for their intended purpose. This requires an understanding of the computerized system’s function within a process. For this reason, the acceptance of vendor-supplied validation data in isolation of system configuration and intended use is not acceptable. In isolation from the intended process or end user IT infrastructure, vendor testing is likely to be limited to functional verification only, and may not compute the requirements for performance qualification. For example – validation of computerized system audit trail ? A custom report generated from a relational database may be used as a GMP system audit trail. ? SOPs should be drafted during OQ to describe the process for audit trail verification, including definition of the data to be reviewed. ? ‘Validation for intended use’ would include testing during PQ to confirm that the required data is correctly extracted by the custom report, and presented in a manner which is aligned with the data review process described in the SOP. | |
根据既定用途进行验证 (参见附录15和GAMP5) | 计算机系统应符合EU GMP附录11的要求,并根据其既定用途进行验证。这就要求理解计算机系统在处理过程中的功能。为此,供应商提供的独立于系统参数和既定用途以外的验证数据的可接受标准是不被接受的。脱离了既定的工艺或终端用户的IT硬件设施,供应商的测试可能仅局限于功能确认,可能不能达到性能确认的要求。 例如---计算机系统审计追踪的验证 ? 从一个相关性数据库中订制报告可以用作GMP系统的审计追踪 ? SOP应在OQ过程中起草,描述审计追踪确认的过程,包括要审核的数据的定义 ? “根据其既定用途进行验证”应包括PQ中的测试,以确认所需求的数据由订制报告正确提取,其表述方式与SOP中描述的数据审核过程相符合 |
欢迎光临 药群论坛 (http://yaoqun.net/) | Powered by Discuz! X3.2 |