also reported, raising red flags about the overall validity of the data.

Additional symptoms included:

• Frequent data entry errors noted in quality assurance logs.
• Inconsistencies between physical data entries and their electronic counterparts.
• System audit logs showing manipulation of data timestamps.
• Inability to retrieve archived electronic records during internal audits.

These symptoms were indicative of inadequate backup and archiving controls, prompting immediate attention to correct the identified issues.

Likely Causes

To thoroughly understand the underlying issues, it’s essential to categorize potential root causes. An analysis of the incident indicated several contributing factors, which can be classified as follows:

Category	Potential Cause
Materials	Outdated software utilized for electronic record management.
Method	Lack of standardized procedures for data entry and backup.
Machine	Inadequate server capacity leading to potential data loss.
Man	Insufficient training for employees on ERES handling.
Measurement	Failure to incorporate adequate monitoring tools for data integrity.
Environment	Poor cybersecurity measures allowing unauthorized access.

Immediate Containment Actions (first 60 minutes)

Upon recognizing the data integrity issues, the response team acted quickly to mitigate potential data loss. Critical containment actions included:

1. Immediate suspension of use of the impacted electronic record system to prevent further data entry.
2. Forming a cross-functional response team, including IT, Quality Assurance, and Compliance personnel.
3. Initiating a backup procedure for all active data in the system to safeguard against immediate loss.
4. Implementing access restrictions to all users to prevent further manipulation of data.
5. Documenting all immediate actions taken to ensure traceability and compliance.

Investigation Workflow (data to collect + how to interpret)

Following containment, a systematic investigation was initiated. This involved collecting various forms of data to support root cause analyses, including:

• Audit trail logs to track user activity and identify unauthorized access.
• Backup records to ascertain potential data loss or discrepancies in archived information.
• Previous internal audit reports to trace past compliance issues.
• Training records of employees who used the electronic record system for insights into knowledge gaps.
• Interviews with stakeholders to gain insights into observed anomalies and perceived system functionality.

The interpretation of this data was critical. For example, discrepancies in audit trail logs versus recorded actions indicated the extent of unauthorized modifications, leading to focused inquiries into staff training and access controls.

Root Cause Tools (5-Why, Fishbone, Fault Tree) and when to use which

Determining the root cause requires effective analytical tools. In this scenario, multiple approaches were utilized:

• 5-Why Analysis: The team utilized this method to drill down beyond symptoms to uncover primary causes, such as, “Why was there unauthorized access?” leading to “Because there were inadequate user permissions in the electronic records system.”
• Fishbone Diagram: This was employed to categorize potential causes visually, facilitating group discussions and focusing on specific areas such as Method and Environment.
• Fault Tree Analysis: This tool was utilized for complex system failures, particularly in understanding interdependencies in server errors associated with data loss risks.

CAPA Strategy (correction, corrective action, preventive action)

The Corrective and Preventive Action (CAPA) strategy was pivotal in addressing the identified failures:

Related Reads

• Mastering Regulatory Submissions and Dossier Preparation in Pharma
• Achieving QMS Compliance in the Pharmaceutical Industry

• Correction: Immediate fixes, such as adjusting user permissions and conducting thorough backups of electronic records.
• Corrective Action: Development of a comprehensive training program for all users and implementation of more rigorous access controls and monitoring systems.
• Preventive Action: Establishing an ongoing review of ERES compliance management procedures and implementing regular audits to ensure adherence to established practices.

Control Strategy & Monitoring (SPC/trending, sampling, alarms, verification)

To ensure ongoing compliance and data integrity, an effective control strategy was established, focusing on statistical process control (SPC) and continuous monitoring. Key elements included:

• Implementing real-time sampling to routinely check data accuracy.
• Setting up trending systems to identify patterns in data manipulation or loss over time.
• Establishing alarming systems for any unauthorized access attempts or data discrepancies detected within the electronic systems.
• Executing regular verification of backup systems to ensure integrity and recovery capabilities were maintained.

Validation / Re-qualification / Change Control impact (when needed)

Regulatory compliance requires that any changes made as a result of the incident must be validated and documented. Validation efforts were undertaken to verify the integrity of electronic records post-correction. This included:

• Re-validation of the electronic record systems after implementing new backup protocols to ensure compliance with 21 CFR Part 11 and EU Annex 11.
• Assessment of potential impacts on current and future validation and change control activities, including the addition of new users to the ERES.

Inspection Readiness: what evidence to show (records, logs, batch docs, deviations)

Effective inspection readiness demands comprehensive preparation. As part of the remediation strategy, the following evidence was gathered:

• Detailed records of all investigations carried out, including meeting notes and decision logs.
• Updated training records demonstrating all ERES users have undergone required training.
• Documentation of corrective and preventive actions taken, with associated timelines.
• All relevant audit trail logs for review during inspections.
• Archiving policies and backup records showing regular compliance checks.

FAQs

What are electronic records and electronic signatures (ERES)?

Electronic records are digital representations of data used throughout the manufacturing process. Electronic signatures are the digital equivalent of handwritten signatures used to verify the authenticity of electronic records.

What regulatory requirements apply to electronic records?

Electronic records are governed under 21 CFR Part 11 in the US and EU Annex 11 regulations, which establish criteria for their acceptance and compliance.

How can I ensure data integrity in my electronic records system?

Implement robust backup and archiving controls, establish access permissions, maintain comprehensive audit trails, and conduct regular training for all users.

What does CAPA involve in the context of electronic records?

CAPA in electronic records focuses on identifying underlying problems, correcting immediate issues, and preventing future occurrences through systematic improvements.

How often should backup procedures be conducted?

Backup procedures should be scheduled regularly, ideally daily or weekly, depending on data criticality and volume, while also ensuring backup integrity through verification processes.

What is the role of training in ERES compliance?

Training ensures that all employees understand their responsibilities regarding data integrity, proper use of electronic records, and compliance with regulatory requirements.

How do you demonstrate compliance during inspections?

Show comprehensive documentation, including SOPs for electronic records management, training records, audit trail logs, and CAPA reports related to data integrity.

What monitoring tools help with electronic records?

Statistical process control applications, automated alert systems for unusual access attempts, and scheduled integrity checks are key monitoring tools.