Data integrity risks are inherently proportional to the complexities of the processes and computerized systems where the data is sourced from. Particle counter data plays a critical role in the pharmaceutical product lifecycle. By selecting the right equipment and services, you can mitigate these risks and have more reliable data from a validated source.
There is much discussion lately on the topic of “data integrity.” Organizations such as the Food and Drug Administration (FDA) and Medicines and Healthcare Products Regulatory Agency (MHRA) in the United Kingdom and other such regulatory organizations around the world have released industry guidelines for data integrity. PIC’s Guidance on Data Integrity was published in August 2016. Health Canada, the World Health Organization (WHO), and the Therapeutic Goods Administration (TGA) in Australia have all also discussed data integrity, stemming from FDA’s ALCOA approach.
FDA warning letters within the last year have cited several companies for a lack of data integrity in their processes and for flaunting data integrity based on a lack of proper traceability and security measures.
A new acronym, ALCOA, had been released to the masses. In April 2016, the FDA released a draft guidance document entitled “Data Integrity and Compliance with CGMP Guidance for Industry.” Under the question of “What is Data Integrity?” the following answer was provided by the FDA:
For the purposes of this guidance, data integrity refers to the completeness, consistency, and accuracy of data. Complete, consistent, and accurate data should be attributable, legible, contemporaneously recorded, original or a true copy, and accurate (ALCOA).
Although ALCOA has been around for many years, it has now taken on a phoenix-like resurgence. But data integrity is nothing new. Data integrity has been the expectation in PIC’s Guide to GMP, Chapter 4 and Annex 11, ISO 13485: Sections 4.2.3, 4.2.4, as well as the Australian Code to GMP human blood, blood components, human tissues and human cellular therapy products: Sections 400-415.
As you see, data integrity is not new — however, I would like to explain what you should look for when investing in a monitoring system or portable monitoring instruments such as particle counters, which sample and record critical environmental data used to make informed decisions about cleanroom status, product safety, and batch releases during a product’s lifecycle.
What does ALCOA actually mean?
ALCOA is basically a set of guidelines which assist in verifying if your data is Attributable, Legible, Contemporaneous, Original, and Accurate. Since particle counter data is deemed critical data, it is important to understand that the data source is accurate and reliable, and the system or instrument can be validated to verify data records and who made them. Follow the who, what, when, and where approach, and then ALCOA will make sense.
Where does ALCOA fit into systems that monitor your critical environments? Remote and Portable Particle Counter instruments used in non-viable monitoring must have data integrity and data accuracy. The data records must be reliable and traceable and above all accurate. Since we are monitoring invisible particles, how can we be sure the data is good data?
Finding the weak points
Where are the vulnerable areas where data from a particle counter could be questionable and the integrity compromised?
There are several areas to look closely at when selecting the right particle counter for your monitoring system and mitigating data integrity risks in order to minimize and reduce product recall and further investigations.
Location: Are you 100 percent sure that the particle counter is in the right location? Is the location ID built into the remote sensor? Are we sure that after the unit comes back from service that it has been put back in the right location? Human error plays a major role and it has been shown that mistakes can occur and remote particle counters coming back from service are mistakenly placed at the wrong location. What does this mean? As the data coming from the sensor is picked up from the EMS from the wrong location, a small mistake can have a huge impact and lead to major data integrity issues.
Solution: Look for remote particle counters with technology where the location ID is embedded in the location mounting bracket rather than the particle counter. This way, any remote particle counter can be inserted and the data will be confirmed from the right location 100 percent of the time.
Particle count data integrity: Current airborne particle counters use light scattering technology with a laser diode and a photo detector to convert light scattered from a particle into raw electrical data (mV signal) and the particle counter electronic circuits can interpret this data for particle size accuracy and particle count accuracy. The level of light scattered is proportional to the size of the particle.
Solution: Choose a particle counter that has the best “self-diagnostics” which constantly monitor the sensor’s health. The more diagnostics there are, the more likely a service alarm will trigger an event that can be managed quickly and without major data compromises or product integrity questions being raised.
Laser health: If the laser light is not running at its optimum intensity then there is an accuracy error factor that comes into play. Laser health should be monitored consistently and error signals communicated if laser levels drop below optimum ranges.
Solution: Confirm that laser power has a feedback loop that is constantly monitored to keep laser power at optimum levels, and if not, a laser fault service alarm should be issued to notify users there is an issue with the laser and therefore the data could be compromised and not accurate.
Photodetector health: If a photodetector (the electronic device that picks up scattered light from the particle passing through the laser beam) is defective, some less technologically advanced remote particle counters will continue reporting zero counts and no light will be picked up and therefore no counts will be registered. Even if particles are present they will go through the particle counter optics undetected. In normal clean environments reporting of 0 counts for several hours is not uncommon. There is a false sense of security if the photodetector is not monitored.
Solution: Choose a sensor where the photodetector is monitored so zero count errors are not going to be an issue due to a dead photodetector.
Sensor health: One of the biggest problems with particle counter data integrity occurs when contamination builds up around the sensors optics and mirrors. This normally happens during cleaning operations when the inlet is not capped, causing cleaning solution to coat the optics, which cause the sensor to fail calibration. If you are on annual calibrations and there is a calibration failure, how confident are you in your data for the last 12 months?
Solution: A particle counter that monitors sensor health is a good choice and assists in sending out service notifications when background contamination becomes an issue. These advanced instruments can mitigate failed calibrations and assist in maintaining data integrity. These sensors can be pulled from service, tested, and recalibrated before failed calibration issues could potentially ground your batches.
Flow integrity: Flow is critical to accurate sizing of particles that scatter light. A remote particle counter with the most accurate flowrate must have a low +/- % flow error tolerance. If the flowrate is not accurate, the count data will not be accurate and wrong particle sizing can occur.
Solution: Considering particle size and count data are crucial factors in determining alarm limits, choose a sensor with the highest flow accuracy available for flowrate control.
Data storage redundancy: Having data records backed up on the remote particle counter assures redundancy in case a software issue occurs in the transmission of real time data.
Solution: Choosing a remote particle counter with sufficient buffering in data collection will enable critical data to be downloaded at a later stage back into the monitoring system software.
Audit trail: In order to follow the ALCOA standard, an audit trail built into the equipment or software is an absolute must. (21CFR11 in monitoring systems are required).
Solution: Seek particle counters with built in audit trails to satisfy ALCOA requirements for who, when, what, and where attributions.
User security levels: The system must conform to 21CFR11 guidelines. Up to three security levels from operator to manager and administrator must be available with the usual compliant parameters such as password length, password aging, and password control.
Solution: User security levels are a 21cfr11 requirement and particle counters should have the ability to manage and control user access.
System validation: A complete validation of the data records must be conducted by verifying the accuracy of the data to the location of where the data is generated. This is a must do exercise and should be rolled into the Installation and Operational Qualifications IQ/OQ protocols.
Solution: Seek particle counters with built-in IQ/OQ protocols and always conduct a Performance Qualification (PQ) to verify accuracy before going into production.
Calibration ISO 21501: The particle counter must be calibrated to meet ISO 21501 standards. The new revision of ISO 14644-1 requires particle counters to be calibrated to ISO 21501. It is currently the most accurate particle counter calibration and must be the calibration standard followed.
Solution: Make sure the supplier or distributor can offer local accredited ISO 21501 calibrations that are traceable.
Service level agreements: When the system is up and running it is required in PIC’s Annex 11 to have vendor support agreements in place to ensure business continuity. Regular testing and servicing of the sensor ensures the accuracy and reliability of data.
Solution: In order to mitigate system and instrument failures which can potentially leave your production paralyzed, leverage the expertise of your supplier to assist in getting you back up and running in the shortest possible time.
Audit your supplier: Monitoring system and monitoring instrument suppliers should be audited to verify that their products and services stand up to providing your facility with confidence in data accuracy and reliability. Your vendor should be able to accommodate site audits and assist proactively during the audit process.
ALCOA is nothing new, but regulators around the world are now actively taking a closer look at processes to find data gaps, data integrity issues, and lack of controls. It is prudent to verify that monitoring systems and instruments have the ability to secure the data and keep data integrity intact. The data must be traceable and validated by the system or by a validation process before the system or portable instrument is put into service. This strategy will provide greater confidence in the data when it comes to making critical decisions.
Particle counters and the data they produce play a critical role in a product’s lifecycle and therefore the data must be Attributable, Legible, Contemporaneous, Original, and Accurate. By understanding these requirements, you can make more informed decisions in choosing the right instruments and systems that provide critical data and mitigating any data integrity risks that may be questionable. When procurement decisions are to be made on which vendor to choose, the information contained in this article could help you in making the right choice to mitigate data integrity and data loss issues in your own environmental monitoring programs.
• FDA Data Integrity and Compliance with cGMP – Guidance for Industry Draft Guidance April 2016: https://www.fda.gov/downloads/Drugs/GuidanceComplianceRegulatoryInformation/Guidances/UCM495891.pdf
• MHRA GxP Data Integrity Definitions and Guidance for Industry: https://www.gov.uk/government/news/mhra-gxp-data-integrity-definitions-and-guidance-for-industry
• PIC/s Annex 11 Computerized Systems: https://www.picscheme.org/layout/document.php?id=975
• ISO 14644-1: 2015 Cleanrooms and associated controlled environments — Part 1: Classification of air cleanliness by particle concentration: https://www.iso.org/standard/53394.html
• ISO 21501-4:2007 Determination of particle size distribution — Single particle light interaction methods — Part 4: Light scattering airborne particle counter for clean spaces: https://www.iso.org/standard/40274.html
• Lighthouse Worldwide Solutions White Paper, “Risk Based Approach to Particle Counting”: http://www.golighthouse.com/en/tech-papers/risk-based-approach-to-particle-monitoring-33
• Lighthouse Worldwide Solutions — White Paper “Addressing Risks in Airborne Particle Counting”: http://www.golighthouse.com/en/tech-papers/apexr5-remote-particle-counter-128
• ISO 13485:2016 Medical devices — Quality management systems — Requirements for regulatory purposes: https://www.iso.org/standard/59752.html
• Australian Code to GMP human blood, blood components, human tissues and human cellular therapy products: 2013: https://www.tga.gov.au/publication/australian-code-good-manufacturing-practice-human-blood-and-blood-components-human-tissues-and-human-cellular-therapy-products
Jason Kelly is Director of Systems at Lighthouse Worldwide Solutions. He has spent over 20 years working in the Pharmaceutical Industry, managing many major Environmental Monitoring projects as well as developing testing protocols for IQ/OQ. Jason has also set up ISO 17025 Particle Counter facilities. Additionally, he has many years’ technical experience with particle counter calibrations to ISO 21501 standards. [email protected]; www.golighthouse.com