Another term that cannot be found in regulations or guidelines: orphan data. How can we define it, and what requirement should be connected to it? Let's try to find out together.
Definition
How is the general lifecycle is built up? Collection/observation -> Processing/Review -> Reporting
(-> Archival, but let's not keep this step in scope).
In an ideal world, all collected data gets processed and then reported. I perform an LC-test, process the chromatograms then report the impurity content in the CoA. Seems obvious and all.
But what happens to the chromatograms not processed (because a System Suitability Test fails), or the processed data not reported (due to bad integration)? Those are the orphan data!
Let me offer a simple, but a bit more formal definition (again, not brand new, but descriptive): 'Data that is not processed, reported or accounted for.'
Requirements
And since the data integrity came into fashion, these orphan data can be a central characters in the horror movie called 'Fighting against the suspicion of Testing into compliance'.
How can you prove you don't plan to do anything with those data in the future? How did you choose which data not to process or not report? Really not the most comfortable questions for a while now.
To avoid going to this badly chosen movie theater, there are only a few requirements to keep:
1. Don't try to hide these data. These are data collected or processed in GxP environment, so never delete that. The best scenario is if you have the data deletion fully forbidden in your system.
2. Highlight/mark these record that you don't plan to use them, possibly with a remark about why. The best case is if you can lock these records to protect them from processing or reporting later.
3. Make a reconciliation when reviewing.The formal review of an analytical report, batch record or CoA should contain an element where you seek for orphan data, and you make sure requirements #1 and #2 are fulfilled.
+1. You can also establish a system where you look for orphan data in your computerized system's periodic review. You should find nothing due to requirement 3, but at least after implementation for a few years it cannot hurt.
Comments