
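APIC "Data Integrity Q&A" 3rd Edition Is Out! Changes & Bilingual Comparison

小易说合规
2025-10-20
Introduction: the 3rd edition of the APIC "Data Integrity Q&A" has been released; let's take a look:
PART.01
Changes
The third edition adds a control strategy for blank forms, detailing how to control blank forms printed from electronic systems. The content is summarized as follows: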
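1. Definition
2. Assessment and definition of form criticality
A form criticality assessment is required to define the criticality level of each form, mainly considering the following three factors:
1) Data criticality: the criticality of the data recorded on the form, for example whether it is used for production and release activities or for supporting processes.
2) Probability of falsification: the probability that a falsification takes place. For example, compared with a form printed and used by the same department and only a limited number of people, a paper form shared between different departments and personnel or printed by an independent department is less prone to tampering (forms circulating across departments / centrally printed by an independent department).
3) Data redundancy: the level of redundancy of the data recorded on the form, for example whether it is primary raw data or it summarizes or refers to data also recorded elsewhere.
3. Control strategy for critical forms and measures to increase DI assurance
Different levels of control are applied according to form criticality. For critical forms, the assurance measures are as follows: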
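4. Form design requirements (avoiding DI issues)
Form design should avoid potential data integrity issues. Design requirements include:
• Clear field definitions: clearly define the fields used to record data so that the operator clearly understands how to enter the data, including specification limits and/or examples.
• Guidance on handling exceptions: instructions on what to do if the data do not fit the expectations.
• Logical sequence: ensure the form follows a logical time sequence.
• Standardization: use a company-recognizable and standardized pattern/frame.
• Archiving rules: define the archiving rules for the form.
PART.02
Original text (bilingual English-Chinese in the source) follows:
Active Pharmaceutical Ingredients Committee (APIC) Data Integrity Frequently Asked Questions (FAQ)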
FAQ-DI-APIC-TF-Version-3-Oct-25
1. Introduction
This document contains a collection of frequently asked questions that have been submitted by the industry to the DI taskforce. The intention of this document is that this is a living document that will be updated as new questions are posed to the group.
Questions to the taskforce can be submitted by using this link: Contact - APIC (cefic.org).
2. Digital and electronic signatures
Q1: What is the difference between a digital and an e-signature?
A: A digital signature is attached to an electronic file and not maintained within an electronic system and stays with the data and moves with the data. The signature can be verified by the recipient. An e-signature is executed and maintained within a validated electronic system and stays in the electronic system. The e-signature can only be verified in the source system.

Q2: What is the best practice to handle hybrid signature?
(Hybrid signature is mixing handwritten or ‘wet’ signatures and digital signatures/e-signature on the same document)
A: It is the preference to sign off documents fully wet or fully digital. Hybrid signature should be more exceptional if there are no other options. In that case the handwritten signature(s) must be applied first and afterwards the document can be prepared for digital signature(s). In that way the metadata for the digital signature(s)/e-signature(s) can be maintained. The fully signed electronic document is the official GXP document. (a printout doesn’t contain the metadata and verification of digital signatures/e-signatures can’t be done) The wet or a true copy of the wet signature and e-signed copy must be kept as a linked document in a secure, validated for intended use, environment, in line with the company’s record management policy.

Q3: Is it acceptable to use a scanned image of a wet signed document as GXP? (internal use)
A: It is only acceptable if the scanned image is a verified true copy of the original wet signed record and allowed by your local, legal and regulatory requirements. The wet or a true copy of the wet signature must be retrievable, reproducible and unaltered for the retention period of the record.

Q4: How do I need to handle a document with a scanned image of a wet signed document that I also need to sign? (external use, e.g. with third parties, working on different locations)
A: This document can be used if the party who’s sending this scanned document has an established true copy process in place and the scanned document is already verified and attested as a true copy. The sender should have an established document retention policy in line with your expectations.

Q5: How do we handle digitally signed documents in an electronic document management system? (e.g. loading an Adobe digitally signed document into your document management systems without losing the digital signature certificate)
A: The document management system should be validated for this intended use, verifying that the digital signature is maintained in the system and that it is possible to retrieve it when necessary. This process should be defined and documented. If it is not possible to maintain this digital signature in the system, the digitally signed document should be stored in a secure validated environment.
3. Password management
Q1: When I logged into a system, do I need to re-authenticate myself for every data entry?
A: No, it depends upon the criticality of the data/action. This criticality should be based upon process mapping and a risk assessment as explained in the guide. Criticality of the data and/or responsibility associated with the action should be taken into account when evaluating electronic signature requirements.

Q2: What are the requirements for e-signature components?
A: This practice is described in 21CFR11, chapter 11.200 ‘e-signature and components’: (i) When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing shall be executed using all electronic signature components (= user ID and password or biometrics); subsequent signings shall be executed using at least one electronic signature component that is only executable by, and designed to be used only by, the individual. (ii) When an individual executes one or more signings not performed during a single, continuous period of controlled system access, each signing shall be executed using all of the electronic signature components.

Q3: Is the storage of passwords in the internet browser allowed for GXP applications?
A: No, ideally this feature should be deactivated in all browsers used for GXP applications.
4. Access management
Q1: Can I use generic accounts for 3rd party support employees? (e.g. lab technicians, on-line support SAP)
A: No. The account should be attributable to the person executing the actions and there should be processes and systems in place to manage this.

Q2: Can we extend the time of a user session before this is automatically locked for inactivity because of a HSE (health-safety-environment) concern? (e.g. people need to interact in case of emergency in a DCS-distributed control system in production)
A: The inactive time of a user session should be managed by the user locking their computer station when they move away for an extended period of time to prevent unauthorised actions being taken by other persons. The automatic lock is a security measure. A reasonable amount of time should be supported by a risk assessment. This type of HSE concern should be managed independently of the GXP system with an emergency stop button as an example. If this approach is not feasible, the computerized system should be designed such that a fast intervention is possible. It is best practice for a system like a DCS to be configured in such a way that the screen does not completely go into operating system lock and actions can be taken by clicking on the valve or object and entering a password to confirm the action.
5. Record life cycle management
Q1: How to protect critical paper records? Is it necessary to scan all records or is physical protection (fire protected cabinets, location of the paper record archive(s)) sufficient?
A: Records should be protected and retrievable for the appropriate retention period. There is no need to scan under the condition that the documents are stored in a safe and secure environment.

Q2: Is it allowed to replace a physical paper archive if you scan your records? Can the paper records be destroyed afterwards?
A: In practice this is possible if the digital copy is a true copy, however you need to comply with local legal and regulatory requirements to decide if you can destroy the paper records or not.

Q3: If hardware and/or software packages are not supported anymore (Windows updates, application software), is it possible to print out the electronic data or do you need to keep the 'old' systems up and running? (with the risk that you're not able to see the electronic data anymore in case of soft and hardware errors)
A: A print-out is only allowed if it is a true copy with all raw data and meta-data. In practice this is very difficult. The first option is to migrate those data to an appropriate system. Another option is to create a virtual environment where you can run the legacy system in a validated state and where all data can be retrieved.

Q4: If approved forms and templates that are part of a procedure are printed out of an electronic system just before use (e.g. training attendees sheets, checklists, housekeeping checklists, ...), is it necessary to have controlled issuance of those templates and forms, and to have a systematic audit trail review of those printing activities?
A: The term “FORM” should be used to refer to the controlled copies (blank forms) obtained from approved TEMPLATES stored as paper or through an electronic system. If the form is printed and data is collected on paper, various provisions are to be taken to assure proper adherence to ALCOA+ principles; paper may not be fully effective to prevent falsification. When the data are collected with electronic means, the controls have to be provided by the electronic system itself. The criticality of forms should be defined, and controls should be based on criticality.
A. Different levels of controls can be put in place to discourage falsification. For critical forms, means to increase data integrity assurance include controlling the issuance of those documents, including controlled access for printing, reasoning for reprint, authentication of the original copy (e.g. with stamps or signatures), control of distribution, binding in logbooks, second person review, reconciliation also through the audit trail review. Not all the above controls have to be put in place for all forms, in order to put the highest effort on most critical forms.
B. The criticality of forms can be defined based on the criticality of data they will record (i.e. if they are used for production and release activities or for supporting processes), but also based on the probability that a falsification takes place (e.g. a printed form that is shared between different departments and personnel or printed by an independent department is less prone to falsification than a form that is printed and used by the same department and by a limited number of people); the level of redundancy of the data that the form will capture (i.e. if it captures primary raw data or it summarizes or refers to data recorded also elsewhere) can also be considered in the form criticality assessment.
As per the example in the question, for the lower criticality blank forms (e.g. training attendees sheets), controlled printing only can be applied; for checklists, the control strategy should be designed based on the criticality of the data being collected.
Finally, forms should be carefully designed to avoid potential for data integrity issues, including:
• Clearly defined fields to record data that allow the operator to understand how the data should be entered, including specification limits and/or examples
• Instructions on what to do if data do not fit the expectations
• Logic time sequencing
• Company recognizable and standardized pattern/frame
• Archiving rules
6. Various
Q1: How to deal with analytical testing where data is a visual check? (appearance, insoluble matter testing, TLC, ...)
A: See table 1 ‘Minimum system requirements based on categories’ in the guide.

Q2: Is it allowed to use personal notes in a lab or production environment? (personal notes: containing training info/attention points you documented during training or during discussions with colleagues, ...)
A: No. All information needed to perform activities in a GXP environment should be described in controlled procedures and work instructions. Any data supporting a GXP batch must be controlled, maintained and reviewed.