September 18, 2020

Overview
Government regulators identified Data Integrity Risks for multiple systems at a North American pharmaceutical manufacturer. This manufacturer turned to Grantek to perform a risk assessment to determine the criticality and risk levels for their systems that include Process Automation Systems (PAS), CIP Skids, Fillers and Isolator, packaging, and product/air quality systems. The PAS systems and CIP skids were generating paper reports, so it was deemed that they didn’t need to satisfy the requirements for 21 CFR Part 11 – at the time. As a result of these audits, the client asked Grantek to re-evaluate the system’s designs, and allow for the long-term storage of Batch Data, unique logins, auto logout, and 21 CFR Part 11 Readiness.

Challenges
Grantek performed an onsite audit to identify hardware architecture and software versions of the systems that have been rated a Data Integrity medium risk and which systems the client needs more information in order to identify the current state of these systems. Grantek has knowledge of the different systems and can leverage this knowledge to streamline this onsite audit phase and subsequent phases. The information gathered from the onsite audit was instrumental for Grantek to define the current Data Integrity controls of each system and develop a plan to close the gap between the current state and the Data Integrity Remediated future state. Grantek performed an onsite audit for the following list of systems: portable particle counter, filter integrity tester, air sampler, SCADA, CIP skid, sterilizer control panels and high vacuum steam sterilizer controller.

Solutions
Grantek identified a Data Integrity medium risk rating for 12 different systems and a low risk rating for 3 systems across 5 different categories of systems that were designed by a range of vendors with varying levels of data integrity knowledge and remediation capabilities. Grantek delivered a multi-phased approach to develop one unified Data Integrity Remediation standard for the client to utilize as a road map and have confidence their goals will be met by a multitude of vendors for the 15 different systems.

The multi-phased approach to develop one standard Data Integrity Remediation standard started with an onsite audit of the equipment to outline a definition of the current equipment hardware/software including bench test setup.

Grantek also worked with the client to define the path forward that will specify the requirements to close the gap between the current state of the systems and the Data Remediated future state that will resolve the issues uncovered by government regulators. This path forward includes execution phases to bench test solutions, update GAMP documentation, factory acceptance testing (FAT), and Commission/site acceptance testing (SAT).