manual entries and recorded electronic data.

Lack of documentation for system outages impacting record integrity.

Such symptoms not only raise alarms regarding compliance but also indicate potential breaches of protocols that ensure data integrity and accuracy as outlined in 21 CFR Part 11 and EU Annex 11.

Likely Causes (by category: Materials, Method, Machine, Man, Measurement, Environment)

In addressing the symptoms noted, a structured approach to identifying the likely causes revealed several key areas of concern:

Cause Category	Specific Cause	Description
Man	Employee Training	Personnel were not adequately trained on the use of the ERES system.
Method	Data Entry Procedures	Inconsistent procedures for data entry led to discrepancies.
Machine	System Configuration	Improper configuration of ERES software resulted in missing audit trails.
Measurement	Calibration of Equipment	Failure to regularly validate electronic capture systems
Environment	IT Infrastructure	System interruptions occurred during critical electronic signature events.

Identifying these causes is crucial for developing an effective investigation strategy to prevent recurrence.

Immediate Containment Actions (first 60 minutes)

Upon notification of the discrepancies, immediate containment actions were essential to mitigate further risk and prevent non-compliance:

1. **Alert the Quality Assurance (QA) team** to review the current batch records and halt any ongoing batches pending resolution.
2. **Initiate an electronic freeze** on the system to prevent further entries or modifications until the investigation is completed.
3. **Conduct a quick assessment** of the last 24 hours of electronic transactions and document any unauthorized activities.
4. **Communicate with IT support** to evaluate the status of the electronic records system and identify any outages or errors occurring during the inspection.

These actions helped create a controlled environment which was crucial in maintaining data integrity while further investigations proceeded.

Investigation Workflow (data to collect + how to interpret)

Following the immediate containment actions, a structured investigation was initiated to collect relevant data and understand the scope of the issue:

• **Data Access Logs:** Examination of access logs to identify who interacted with the system during the timeframe of the discrepancies.
• **Audit Trails:** Review all available audit trails, focusing on points of entry where discrepancies were noted.
• **Batch Records:** Collect both electronic and manual batch records, comparing them for consistency.
• **User Training Records:** Assess whether personnel responsible for the entries had completed sufficient training on using the ERES system.
• **System Configuration Review:** Involve IT to evaluate the existing configuration of the ERES, identifying anomalies.

This data collection allowed for a thorough understanding of how the discrepancies arose and facilitated the next stage: root cause analysis.

Root Cause Tools (5-Why, Fishbone, Fault Tree) and when to use which

For this investigation, the following root cause analysis tools were applied effectively:

5-Why Analysis

Beginning with the 5-Why analysis, this method helped identify the core reason behind the failure of electronic signatures appearing for batch documentation. For instance:

1. Why were signatures missing? 
   - Because system did not prompt for signatures.
2. Why didn’t the system prompt? 
   - Due to improper software configuration.
3. Why was the software misconfigured? 
   - Personnel lacked training on best practices for configuration changes.
4. Why didn't they receive proper training? 
   - There was no documented training requirement established.
5. Why was there no documented requirement? 
   - Standard Operating Procedures (SOPs) were outdated.

Fishbone Diagram

The fishbone diagram was used to categorize potential causes more broadly, linking them back to specific categories such as People, Process, Equipment, and Environment. This method provided a visual representation that made it clearer to see interrelations between factors contributing to failures.

Fault Tree Analysis

Finally, a fault tree analysis of the electronic records system was performed, allowing for a more precise diagrammatic approach to assessing how failures propagate through software controls and user interactions.

CAPA Strategy (correction, corrective action, preventive action)

Based on the findings from the investigation, a comprehensive CAPA strategy was developed:

Related Reads

• Ensuring Compliance with Electronic Records and Electronic Signatures (ERES) in Pharma
• Ensuring EHS Regulatory Compliance in Pharmaceutical Manufacturing

• **Correction:** Addressed immediate issues by re-establishing proper electronic signatures for the affected batch and validating the integrity of rectified records.
• **Corrective Action:** Updated training programs for all personnel involved with ERES systems, ensuring completion of hands-on training and competency assessments.
• **Preventive Action:** Revise the SOPs and validate the software configurations regularly to prevent similar issues in the future. Implement a structured review of system changes to provide oversight.

This multi-faceted approach ensured that not only were immediate issues resolved but also, steps were taken to avoid recurrence of similar problems in the future.

Control Strategy & Monitoring (SPC/trending, sampling, alarms, verification)

To ensure compliance moving forward, a robust control strategy was developed:

• **Statistical Process Control (SPC):** Implement continuous monitoring of electronic records through SPC tools to detect deviations in real-time.
• **Regular Sampling:** Schedule regular sampling of records—both manual and electronic—to verify data integrity and catch anomalies early.
• **Alarm Systems:** Integrate alarm systems that will alert supervisors to failures in data entry or lapses in required signatures.
• **Verification:** Establish a process for periodic audits of the ERES to verify that controls are functioning correctly and ensure compliance with regulatory standards.

Validation / Re-qualification / Change Control impact (when needed)

The need for validation and re-qualification was immediate given the findings of system misconfiguration:

• **Re-qualification:** The ERES was subjected to a full re-qualification process to ensure compliance with GxP computerized systems requirements.
• **Validation Efforts:** Revised validation protocols were necessary to ensure changes made post-investigation validated that the system behaved as required.
• **Change Control:** Enhanced change control documentation was introduced to provide a structured approach for future modifications of the system.

By reinforcing validation efforts and change control, the organization aimed to create a culture of continual improvement and compliance.

Inspection Readiness: what evidence to show (records, logs, batch docs, deviations)

To prepare for potential future inspections, the following evidence should be collected and maintained:

• **Logs and Records:** All access logs and audit trails should be preserved and readily accessible for review.
• **Batch Documentation:** Maintain comprehensive batch records including all corrections made post-discrepancy.
• **Deviation Reports:** Clearly document any deviations and all actions taken to investigate and resolve those issues.
• **Training Records:** Ensure that training documentation is updated, including records of training sessions and competencies achieved by employees.

This evidence is essential in demonstrating compliance and an organization’s commitment to quality in electronic records management during regulatory inspections.

FAQs

What are electronic records and electronic signatures (ERES)?

ERES refer to the digital records and signatures used in compliance with regulatory requirements for data integrity in pharmaceutical operations.

What are the primary regulations governing ERES?

Key regulations include 21 CFR Part 11 and EU Annex 11, which outline the requirements for electronic records and signatures.

What are common failure modes associated with ERES?

Common failures include missing electronic signatures, system outages, and discrepancies between manual and electronic records.

How can organizations ensure ERES compliance?

Organizations can ensure compliance by implementing thorough training, continuous monitoring, and robust change control practices.

What documentation is necessary to show compliance during inspections?

Documentation should include access logs, batch documents, deviation reports, and training records among others.

What role do audits play in maintaining ERES compliance?

Regular audits assess systems and processes for compliance, ensuring ongoing adherence to regulatory requirements.

How can root cause analysis improve ERES management?

Root cause analysis identifies fundamental issues contributing to failures which can inform corrective actions and preventive measures.

What is the importance of validation in ERES systems?

Validation ensures that ERES systems perform as intended and meet regulatory requirements for data integrity and security.