Data integrity has always been a key component of all the cGMP’s, only now taking on greater emphasis due to the use of electronic records / signatures. Cybersecurity is the preventing the theft / modification of e-records by unauthorized access. A growing concern for all – legal, financial, consumer, personal, and the FDA. t’s a recent concern for the medical products industries, a result of growing requirements for documentation / record keeping and companies increased reliance on networked electronic software, records and signatures.
The cGMPs have been around for decades. Electronic documentation requirements are newer. Initially there were regulations such as 21 CFR Part 11 in the U.S. and Annex 11 in Europe. But they are insufficient to prevent this growing threat. The FDA and news media have emphasized the prevalence of cybersecurity issues, such as data / identity theft, and hacking which pose hazards to many activities and businesses / industries.
Cybersecurity is an issue that will only increase over time, as records become more electronic, and communications are more networked or accessible to outsiders / hackers. As a result the FDA has mandated further requirements to be taken by regulated industries to better control data integrity and the cybersecurity threat, in validations, cGMP documentation, submissions to the Agency.
- Key Guidances on Cybersecurity
- Draft Guidance on Data Integrity
- How the cGMPs are Affected
- FDA’s enforcement approaches
- System vulnerabilities, Cloud, updates and other concerns
- Documented at Time of Performance
- Backup Data – the uncommon meaning
- Storage and retrieval”
- Original records,” “true copies,” or other “accurate reproductions
- Validation and unique documentation requirements
Who will Benefit
- Senior management
- Quality Assurance
- Regulatory Affairs
- Software development
- Programming, Documentation, Testing teams
- Research and Development
- Operations / Production
- Regulatory consultants
- Everyone involved in the U.S. FDA-regulated (cGMPS) and CE-marking (EU MDR) environments. Especially those involved in new medical product / combination product development, line extensions, and incremental product improvements; having to address data integrity and cybersecurity and validate and then document their decisions in harmony with regulations.