When carrying out reviews of particlecounters five general and important data integrity questions are:
当进行粒子计数器的审查时,有5个常见和重要的数据完整性问题:
Is electronic data available?
是否有电子数据?
Is electronic data reviewed?
是否对电子数据进行审核?
Is meta data (audit trails) reviewedregularly?
元数据(审计追踪)是否定期审核?
Are there clear segregation ofduties?
是否有明确的职责分工?
Has the system been validated for itsintended use?
系统的预期用途是否经过验证?
To add to theabove, ensuring that the counter has been calibrated by a competent person andits optical sensors are free from contamination, enable the data collected tobe reliable and representative of the cleanroom environment.
此外,亦须确保计数器已由合适的人员校正,其光学传感器亦没有受到污染,以确保所采集的数据可靠并能代表洁净室环境。
In addition tothese broader questions, individual particle counters should be assessedagainst regulatory data integrity expectations. The types of data integrityissues which can impact upon a particle counter, and thus which need anassessment, include:
除了这些广泛的问题,粒子计数器应根据监管数据完整性的期望进行评估。数据完整性问题的类型可能影响粒子计数器,因此需要进行评估,包括:
1. Lack of definitions of data, leadingto incorrect record storage. This can arise if personnel are unaware of whatthe raw data and the original record are (such as a print-out or a pdf ofparticle data), what comprises a complete record. The definition of data shouldbe captured in a procedure.
缺乏数据的界定,导致不正确的记录存储。如果人员不知道哪些是原始数据和原始记录(如打印输出或粒子数据的pdf)?一份完整记录由什么组成?那么就会出现这种情况。应在规程中描述数据的界定。
2. System access. Particle countersshould require password access, with each user having a unique password. Thisensures that each particle counting event is tied to a specific user, with dateand time information additionally captured.
系统访问。粒子计数器应要求密码访问,每个用户都应有一个唯一的密码。这可以确保每个粒子计数事件都追溯到具体的用户,取样日期和时间。
3. Hierarchy of control. The particlecounter should come equipped with different levels of access. This wouldinclude, as a minimum, a basic user, who can turn the counter on and off; asupervisor level, who can change location settings and review audit trails; andan administrator who can change limits or delete data or clear buffers. Theadministrator is typically someone independent of the users, as required indata integrity guidance, and ideally independent of the departments who use theparticle counter.
控制等级。粒子计数器应该配备不同级别的访问权限。这至少包括,一个基础用户,可以开启和关闭计数器;一个主管级别用户,可以改变采样点设置和审查审计追踪;以及一个管理员账户,可以改变限度或删除数据或清除缓存。管理员通常由独立于用户的人员担任,正如数据完整性指南要求的那样,理想情况下是独立于粒子计数器的使用部门。
With control oflocation settings, technology is available for remote particle counters wherethe location identification is embedded in a location mounting bracket ratherthan the particle counter, which is more reliable for trending a given locationof the level of airborne particles at a specified position in the cleanroom.
对于采样点设置的控制,可以利用技术将位置标识嵌入位置安装支架而不是远端的粒子计数器中,这种技术对于在洁净室指定位置确定空气中粒子水平的给定位置更为可靠。
4. In relation to passwords and accesslevels, each instrument is expected to have an approved list of users alongwith their job titles. As people leave an organization, their user name andpassword need to be removed from the counter and the user list updated by theadministrator.
关于密码和访问级别,每台仪器都应有一份经核准的用户清单及其职务名称。当人员离职时,他们的用户名和密码需要从计数器中删除,并由管理员更新用户列表。
5. Data capture, where data is capturedin temporary files. Unless particle counters are connected to a facilitiesmanagement system, the long-term storage of the raw data is not possible sincea typical portable particle counter will only hold a buffer ofa set number of data points and once the buffer is full the data isoverwritten. This means data must be printed-out or transferred at regularintervals in order to prevent data loss.
数据采集,如数据被采集到临时文件中。除非粒子计数器连接到设备管理系统,否则不可能长期保存原始数据,因为一个典型的便携式粒子计数器只能容纳一定数量数据点的缓存,一旦缓存满了,数据就会被覆盖。这意味着数据必须定期打印或传输,以防止数据丢失。
6. Data retrieval, which follows on fromdata capture. This concerns the ability to retrospectively retrieve data aftera particle counting session and this is again linked to the ability to retrievestored data, which will be limited by the buffer overwriting and the inabilityto store data in an electronic format for long periods of time without removingthat data to a secondary source or turning that data into a record (print-outor pdf).
数据检索。这涉及到在粒子计数之后回顾性检索数据的能力,这又关系到已存储数据的检索能力,数据检索将受到缓存覆盖以及无法长时间以电子格式存储数据的限制,如不将数据转移到辅助来源或将数据转换为记录(打印输出或pdf)。
Where data canbe produced as a portable document file rather than as a print-out, this addsgreater security. The pdf cannot be adjusted, and the paper is less likely tofade. With the print-out, this is often on thermal paper, which is prone tofading. Where a facilities monitoring system is used this will bring with itsimilar data integrity concerns as with a particle counter. However, the data iscaptured electronically leading to fewer ‘touch points’ compared with thestandalone counter where data typically has to be transcribed or entered into adatabase. Each data entry is a step where error can occur. Toovercome this, some particle counters have the functionality for datatransmission where data is transmitted via wired or wireless ethernet to asecure server where the user keeps the final records. This form of datatransfer can prove to be robust provided the process of data transfer has beenqualified.
如数据可以生成PDF文件而不是打印文件,将增加更大的安全性。PDF文档不能修改,也不太可能褪色。而打印,往往是热敏纸,很容易褪色。如果使用设施监测系统,这将带来与粒子计数器类似的数据完整性问题。然而,数据是通过电子方式捕获的,因此与通常需要将数据转录或输入数据库的单机版计数器相比,“人工介入”更少。每个数据输入都是可能发生错误的步骤。为了解决这个问题,一些粒子计数器具有数据传输的功能,通过有线或无线以太网将数据传输到安全的服务器。如果数据传输过程经过确认,这种形式的数据传输是可靠的。
7. File deletion can occur where raw dataand metadata (‘data about data’, such as the time of sampling) are deleted fromthe counter before the data has been printed-put or transferred.An effective counter will have different levels of password access, with datadeletion only permitted by an administrator. Furthermore, the counter shouldhave an electronic audit trail in place so that any deletion of data istraceable.
原始数据和元数据(“数据的数据”,如采样的时间)在打印或传输之前,可能被删除。一个有效的计数器将有不同的密码访问级别,只有管理员才允许删除数据。此外,计数器应有电子审计追踪,以便追踪任何数据删除行为。
8. System security. In relation to aparticle counter this relates to access to the clock and calendar functions. Itshould not be possible for the user to alter the date or time, and suchpermission should rest with the administrator. Where the time is changed (suchas switching from daylight saving) this must be captured in the audit trail.Not having the particle counter clock in synchronicity with ‘real time’ wouldresult in the inability to link any significant particle count fluctuations withspecific events.
系统安全。关于粒子计数器,这涉及到对时钟和日历功能的访问。用户不应该可以更改日期或时间,这种权限应交由管理员。当时间改变时(例如切换夏令时),必须在审计追踪中捕捉到这一点。粒子计数器时钟不“实时”同步将导致无法将任何重大粒子计数波动与特定事件联系起来。
9. A further best practice element ofdata integrity is what to do during a ‘disaster’. This can range from asystematic failure where no data can be recovered to failure of instruments.The expectation is that disaster scenarios are documented. While this isunlikely to go into a standard operating procedure for a counter it might becaptured in a site policy or position paper.
数据完整性的另一个最佳实践要素是在“灾难”期间应该做什么。“灾难”可能是系统性故障,无法恢复数据,也可能是仪器故障。我们的期望是,灾难预案形成文件。虽然这不太可能成为一个计数器的标准操作程序,但它可能会被写入工厂的方针或立场文件。
Other Areas of Cleanroom Operations
洁净室操作的其他领域
There are otherareas to which data integrity can be applied. These include the systemsdesigned to monitor cleanrooms for pressure differentials. Such data isrequired to assess that the pressure differential between adjacent areas of adifferent cleanroom class, or in relation to an airlock, have not fallen toolow or gone negative, as well as to assess trends so that performance of theoverall air control system can be assessed. As with the particle counter, thedata needs to be time and date related; to be backed-up or stored long-term. Inaddition, the data capture system needs to be password controlled.
还有其他适用数据完整性的领域。包括用于监测洁净室压差的系统。这些数据用于评估不同洁净级别的邻近区域之间的压差,或与气闸有关的压差,没有降得太低或变成负值,以及评估趋势,以便评估整个空调系统的性能。与粒子计数器一样,数据需要与时间和日期相关联;需要长期备份或保存。此外,数据采集系统需要密码控制。
Data integrityalso extends to good practices in relation to assessing critical cleanroomparameters, such as pressure, temperature and humidity. The failure toacknowledge and investigate alarms would, for instance, be raised as a dataintegrity citation by a regulator. Where there is no system in place forautomated data capture, other data integrity concerns, which link to ethicalbehavior to support GMP, would extend to overwriting of data; backdating ofrecords; ineligible data; failure to give data context in terms of date andtime; incomplete data; and to missing data.
数据完整性还延伸至与关键洁净室参数(如压差、温度和湿度)的评估有关的良好实践。例如,未对报警进行报告和调查可能会被监管机构作为数据完整性缺陷提出。在没有自动数据采集系统时,其他用以支持GMP的道德行为问题,将延伸到数据覆盖、倒签记录;错误数据;未能提供日期和时间方面的数据环境;数据不完整;以及数据缺失。
Other areaswhere verification is important relate to gown control. Where reusable gowns arein place, the supply chain needs to be controlled to ensure that gowns arecollected, washed, laundered and (if required) sterilized. Many facilities haverestrictions on the number of times that a gown can be used since the cycle oflaundering and sterilizing will, at some point, affect gown integrity. Whilethis can be recorded manually, a more secure and reliable way to control gownuse is through the use of barcodes.
其他重要的领域包括洁净服控制。如洁净服可重复使用,需要对供应链进行控制,以确洁净服得到收集、清洗和(需要时)灭菌。许多工厂对洁净服的使用次数有限制,因为清洗和灭菌的程序在某种程度上会影响洁净服的完整性。虽然这可以手动记录,但一个更安全和可靠的方式是通过使用条形码。
