MHRA数据完整性指南 20180309

发布时间:2018-03-13 22:25

由于排版和文件长度问题,这里只有最后一部分。前面部分可进入博客浏览或点击阅读原文下载中英文PDF。

英文原文PDF下载链接:https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/687246/MHRA_GxP_data_integrity_guide_March_edited_Final.pdf


6.17.    Data retention 数据保存
Data retention may be for archiving (protected data for long-term storage) or backup (data for the purposes of disaster recovery).
数据保存可能是为了归档(为了长期存贮而受保护的数据)或备份(为了灾难恢复而保存的数据)。
Data and document retention arrangements should ensure the protection of records from deliberate or inadvertent alteration or loss. Secure controls must be in place to ensure the data integrity of the record throughout the retention period and should be validated where appropriate (see also data transfer/migration).
数据和文件保存安排应确保保护记录不受有意无意修改和丢失。必须有安全控制确保记录在保存时段内的数据完整性,适当时应进行验证(也请参见数据转移/迁移)。
Data (or a true copy) generated in paper format may be retained by using a validated scanning process provided there is a documented process in place to ensure that the outcome is a true copy.
以纸质方式生成的数据(或真实副本)可以使用经过验证的扫描程序来保存,前提是有书面程序确保结果是真实副本。
Procedures for destruction of data should consider data criticality and where applicable legislative retention requirements.
数据销毁程序应考虑数据关键程度以及(适用时)法定保存要求。
6.17.1.    Archive 归档
A designated secure area or facility (e.g. cabinet, room, building or computerised system) for the long term, retention of data and metadata for the purposes of verification of the process or activity.
为长期保存数据和元数据以对程序或活动进行确认时所指定的安全区域或设施(例如,柜子、房间或计算机化系统)。
Archived records may be the original record or a ‘true copy’ and should be protected so they cannot be altered or deleted without detection and protected against any accidental damage such as fire or pest.
归档记录可能是原始记录或“真实副本”,应保护其不会在不被发现的情况下被修改或删除,保护其不受意外损坏如火灾或虫害。
Archive arrangements must be designed to permit recovery and readability of the data and metadata throughout the required retention period. In the case of archiving of electronic data, this process should be validated, and in the case of legacy systems the ability to review data periodically verified (i.e. to confirm the continued support of legacy computerised systems). Where hybrid records are stored, references between physical and electronic records must be maintained such that full verification of events is possible throughout the retention period.
归档安排设计必须能在所需的整个保存期内恢复数据和元数据并保持其可读性。如果归档的是电子数据,则此程序应经过验证,如果是遗留系统,则应定期验证其审核数据的能力(即确认持续支持遗留的计算机化系统)。如果存贮的是混合记录,物理和电子记录之间应保持可索引,如此可以在整个保存期内对事件进行全面确认。
When legacy systems can no longer be supported, consideration should be given to maintaining the software for data accessibility purposes (for as long possible depending upon the specific retention requirements). This may be achieved by maintaining software in a virtual environment.
如果不再支持遗留系统,则应考虑为了数据可进入的目的而保留该软件(依特定的保留要求而确定的尽可能长的时限)。这可以通过在虚拟环境中保留软件来做到。
Migration to an alternative file format that retains as much as possible of the ‘true copy’ attributes of  the data may be necessary with increasing age of the legacy data. Where migration with full original data functionality is not technically possible, options should be assessed based on risk and the importance of the data over time. The migration file format should be selected considering the balance of risk between long-term accessibility versus the possibility of reduced dynamic data functionality (e.g. data interrogation, trending, re- processing etc). It is recognised that the need to maintain accessibility may require migration to a file format that loses some attributes and/or dynamic data functionality (see also ‘Data Migration’).
随着遗留数据的年代增加,可能需要移植成替代文件格式保留尽可能多的数据“真实副本”属性。如果移植所有的原始数据功能从技术上来讲不可能,则可以基于风险和数据在长期内的重要性来评估可选做法。选择移植文件格式时应考虑长期可进入与减少动态数据功能可能性之间的平衡(例如,数据疑问、趋势分析、重新处理等)。已知保存可进入性可能需要移植成一种丢失一些属性和/或动态数据功能的文件格式(也参见“数据迁移”)。
6.17.2.    Backup
备份
A copy of current (editable) data, metadata and system configuration settings maintained for recovery including disaster recovery.
一份保存当前(可编辑)数据、元数据和系统参数设置用于恢复,包括灾难恢复的副本。
Backup and recovery processes should be validated and periodically tested. Each back up should be verified to ensure that it has functioned correctly e.g. by confirming that the data size transferred matches that of the original record.
备份和恢复流程应经过验证并定期测试。每个备份均应经核查以确保其运行正确,例如,确认所转移的数据数量与原始记录相符。
The backup strategies for the data owners should be documented.
应记录数据所有者的备份策略。
Backups for recovery purposes do not replace the need for the long term, retention of data and metadata in its final form for the purposes of verification of the process or activity.
恢复目的的备份并不能取代以流程或动作核查为目的以其最终形式长期保存数据和元数据需求。
6.18.    File structure
文件结构
Data Integrity risk assessment requires a clear understanding of file structure. The way data is structured within the GXP environment will depend on what the data will be used for and the end user may have this dictated to them by the software/computerised system(s) available.
数据完整性风险评估需要清楚了解文件结构。GXP环境中数据结构形式取决于数据用途以及最终用户可能采用何种软件’计算机化系统呈现这些数据。
There are many types of file structure, the most common being flat files and relational databases.
目前有许多类型文件结构,最常见的是扁平文件和关系数据库。
Different file structures due to their attributes may require different controls and data review methods and may retain meta data in different ways.
依其属性不同,不同的文件结构可能会需要有不同的控制和数据审核方法,可能会以不同方式保存元数据。
6.19.    Validation – for intended purpose (GMP; See also Annex 11, 15)
根据既定用途进行验证(参见附录15和GAMP5)
Computerised systems should comply with regulatory requirements and associated guidance. These should be validated for their intended purpose which requires an understanding of the computerised system’s function within a process. For this reason, the acceptance of vendor- supplied validation data in isolation of system configuration and users intended use is not acceptable. In isolation from the intended process or end-user IT infrastructure, vendor testing is likely to be limited to functional verification only and may not fulfil the requirements for performance qualification.
计算机化系统应符合法规要求及相关的指南要求。应验证其符合既定用途,这就需要了解流程内计算机化系统的功能。为此,供应商提供的独立于系统参数设置和用户既定用途以外的验证数据的可接受标准是不被接受的。脱离了既定的流程或终端用户IT设施,供应商测试可能会仅局限于功能性验证,可能无法满足性能确认的要求。
Functional verification demonstrates that the required information is consistently and completely presented. Validation for intended purpose ensures that the steps for generating the custom report accurately reflect those described in the data checking SOP and that the report output is consistent with the procedural steps for performing the subsequent review.
功能性验证证明所需的信息得到完整一致的呈现。既定用途的验证确保生成个性报告的步骤准确反映数据检查SOP中所述的内容,并且报告输出与执行后续审核的程序步骤一致。
6.20.    IT Suppliers and Service Providers (including Cloud providers and virtual service/platforms (also referred to as software as a service SaaS/platform as a service (PaaS) / infrastructure as a service (IaaS)).
IT供应商和服务提供商(包括云服务提供商和虚拟服务/平台(也请参见SAAS/PAAS/IAAS))
Where ‘cloud’ or ‘virtual’ services are used, attention should be paid to understanding the service provided, ownership, retrieval, retention and security of data.
如果使用了“云”或“虚拟”服务,则应注意了解所提供的服务、数据所有者、检索、保存和安全。
The physical location where the data is held, including the impact of any laws applicable to that geographic location, should be considered.
还应考虑数据放置的物理位置,包括该地理位置所有适用法律的影响。
The responsibilities of the contract giver and acceptor should be defined in a technical agreement or contract. This should ensure timely access to data (including metadata and audit trails) to the data owner and national competent authorities upon request. Contracts with providers should define responsibilities for archiving and continued readability of the data throughout the retention period (see archive).
委托方和受托方的职责应在技术协议或合同里界定。协议应确保可及时进入数据(包括元数据和审核追踪),在要求时及时联系到数据所有者和国家监管机构。与供方的合同应指定归档和数据在整个保存期内(参见归档)持续可读性的职责。
Appropriate arrangements must exist for the restoration of the software/system as per its original validated state, including validation and change control information to permit this restoration.
应有适当的安排可将软件/系统按原始经验证的状态进行恢复,包括验证变更控制信息,以允许其恢复。
Business continuity arrangements should be included in the contract, and tested. The need for an audit of the service provider should be based upon risk.
合同中应包括业务持续性安排,并进行测试。对服务提供商是否需要进行审订应基于风险来确定。



 

7.    Glossary术语

Acronymor wordor phrase

术语

Definition定义

eCRF

ElectronicCaseReportForm


电子病历

ECG

Electrocardiogram


心电图

GXP

Good ‘X’ Practice  where‘X’ isusedas  acollective  termforGDPGoodDistributionPractice,

GCPGoodClinical  practice,GLP –GoodLaboratoryPractice

GMPGoodManufacturingPracticeGPvPGoodPharmacovigilance  Practice


表示一系列的优良规范,GDP优良销售规范,GCP优良临床规范,GLP优良实验室规范,GPvP优良药物警戒规范

Data Quality

Theassurancethatdataproducedisexactlywhatwasintendedtobeproducedandfitforitsintendedpurpose.ThisincorporatesALCOA

数据质量

数据按其既定生成方式产生并适用其既定用途的保障。它包括ALCOA

ALCOA

AcronymreferringtoAttributable,Legible,  Contemporaneous,Originaland Accurate.


指可追溯性、清晰、同步、原始和准确

ALCOA  +

Acronymreferringto Attributable,Legible,  Contemporaneous,Original and Accurate ‘plus’ Complete,Consistent,Enduring,andAvailable.


指可追溯性、清晰、同步、原始和准确“加上”完整、一致、持久和可及性

DIRA

DataIntegrityRiskAssessment


数据完整性风险评估

Terminology

Thebodyoftermsusedwithaparticulartechnicalapplicationinasubjectofstudy,profession,etc.

术语

在研究对象或专业中与特殊技术应用程序一起使用的术语本身

Datacleaning

Theprocessofdetecting and correcting (orremoving)corruptorinaccuraterecordsfroma record  set,table,ordatabase  andreferstoidentifying incomplete,incorrect, inaccurate orirrelevantparts ofthedata  andthenreplacing,modifying, or deleting the dirtyor  coarsedata.

数据清洁

从一个记录系列、表、或数据库中发现和纠正(或删除)受损或不准确记录,并指向识别数据的不完整、不正确、不准确或不相干部分然后替换、修改或删除脏的或粗糙的数据的过程

Format

Thesomethingisarranged  orset out

格式

安排或设置的东西

Directlyaccessible

Atonce;withoutdelay

直接可进入

立即,没有延迟

Procedures

Writteninstructionsorotherdocumentationdescribingprocessi.e.standardoperating procedures(SOP)

程序

书面指令或其它描述流程的文件,即标准操作程序SOP

Advanced electronicsignatures

an electronicsignature  based upon cryptographicmethods oforiginatorauthentication, computed  byusing aset ofrules  andasetofparameters suchthat the identity ofthesignerand  theintegrity ofthe data  canbe verified.

先进电子签名

一种基于创作者身份认证加密方法的电子签名,使用一系列规则和一系列参数进行计算,如此签名者的身份和数据的完整性可以得到确认

Validated scanning  process

A processwherebydocuments/  itemsarescanned as aprocesswith  added controlssuchas location  identifiers and OCRsothateachpage duplicateddoes not have tobefurtherchecked byahuman.

经验证的扫描程序

一种文件/物品扫描程序,有增加的控制如位置识别器和OCR,使得所复制的每页均不需要经过人工检查


 

8.    References参考文献

1.    Computerised systems. In: The rules governing medicinal products in the European Union. Volume 4: Good manufacturing practice (GMP) guidelines: Annex 11. Brussels: European Commission. (http://ec.europa.eu/enterprise/pharmaceuticals/eudralex/vol-4/pdfs-en/anx11en.pdf).
计算机化系统,EU GMP附录11
2.    OECD series on principles of good laboratory practice (GLP) and compliance monitoring. Paris: Organisation for Economic Co-operation and Development. (http://www.oecd.org/chemicalsafety/testing/oecdseriesonprinciplesofgoodlaboratorypracticeglp  andcompliancemonitoring.htm).
OECD的GLP和合规监测原则系列
3.    Good Clinical Practice (GCP) ICH E6(R2) November 2016 (http://www.ich.org/products/guidelines/efficacy/article/efficacy-guidelines.html).
优良临床规范(GCP)ICH E6(R2)
4.    Guidance on good data and record management practices; World Health Organisation, WHO Technical Report Series, No.996, Annex 5; 2016. (http://apps.who.int/medicinedocs/en/m/abstract/Js22402en/).
优良数据和记录管理规范指南,WHO
5.    Good Practices For Data Management And Integrity In Regulated GMP/GDP Environments – PIC/S; PI041-1(draft 2); August 2016. (https://picscheme.org/en/news?itemid=33).
受GMP/GDP约束环境下数据管理和完整性优良规范,PIC/S
6.    MHRA GMP data integrity definitions and guidance for industry. London: Medicines and Healthcare Products Regulatory Agency; March 2015. (https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/412735/Data_in  tegrity_definitions_and_guidance_v2.pdf).
MHRA GMP数据完整性定义和行业指南
7.    MHRA/HRA DRAFT Guidance on the use of electronic consent (http://www.hra-decisiontools.org.uk/consent/)
MHRA/HRA电子知情同意书使用指南草案
8.    EU Pharmacovigilance legislation: http://ec.europa.eu/health/human-use/pharmacovigilance
EU药物警戒法
9.    The Human Medicines Regulations 2012 (Statutory Instrument 2012 No. 1916):  http://www.legislation.gov.uk/uksi/2012/1916/contents/made
人药法规
10.    EU Good Pharmacovigilance Practice Modules:  http://www.ema.europa.eu/ema/index.jsp?curl=pages/regulation/document_listing/document_li sting_000345.jsp&mid=WC0b01ac058058f32c
EU 优良药物警戒规范模块

 

Revision History

Revision

Publication Month

Reasonforchanges

Revision  1

March2018

None.Firstissue.

 


powered by 魔灵书 © 2018 WwW.molingshu.Com