10 STANDARDS AND PROCEDURES
Annex 117 is part of the European GMP Guidelines
and contains terms of reference for computerized
systems used by organizations in the pharmaceutical industry. Note that Annex 11 is a guidance, not
a regulation ( 21 CFR Part 11 is a regulation).
Annex 11 defines the criteria for managing electronic records and signatures. These guidelines are similar
to those of their U.S. counterpart. The central consideration of both the EU GMP Annex 11 and 21 CFR Part
11 documents is to ensure that records are entered correctly, cannot be tampered with, can be stored for the
retention period as well as retrieved (in full) at any time
during use and during the retention period. In each
regulation, there is a strong focus on record accuracy,
integrity, security, and retrieval.
From the guidance, there are several important
components of a proper data management system,
which forms the basis for the following recommended standard operating procedures (SOPs).
FDA Data Integrity and Compliance with cGMP
Guidance for Industry
This FDA guidance document is currently a draft
guidance8 intended to clarify the role of data
integrity in current good manufacturing practice
(cGMP). The primary expectation is for data to be
accurate and reliable. It does not establish legally
enforceable responsibilities, but rather describes
the FDA’s current thinking. It is not a required
document to adhere to, but it is advisable to be
familiar with the text.
Key technical terms used in this document
• Static record format, where static indicates a
fixed data document such as a paper record or
• Dynamic record format, which means a record
that allows interaction between the user and
record content, such as entering values manually in the system database.
• For a computer or related system, the “system”
refers to the ANSI definition, which includes
people, machines, and methods organized to
accomplish a set of specific functions. In addition, this system can include compute hardware,
software, peripherals, networks, cloud infrastructure, operators, and documents (manuals,
MHRA GxP data integrity guidance
The MHRA GxP guidance document produced by
the United Kingdom emphasizes that data integrity is fundamental to ensuring that medicines are
of the required quality in a pharmaceutical quality
system. The result of effective, robust data governance is complete, consistent, and accurate data
used throughout the system.
To safeguard against unethical behavior, the following is the recommended best practices:
• Data manipulation should not be allowed.
• All records should be created automatically (and
not created after the fact from memory).
• Data should retain its unchanged time information.