{"id":234,"date":"2018-08-27T14:14:54","date_gmt":"2018-08-27T14:14:54","guid":{"rendered":"https:\/\/www.pharmity.com\/?p=234"},"modified":"2019-11-12T15:34:52","modified_gmt":"2019-11-12T15:34:52","slug":"data-integrity-how-to-implement-an-effective-audit-trail","status":"publish","type":"post","link":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/","title":{"rendered":"Data Integrity &#8211; How To Implement An Effective Audit Trail"},"content":{"rendered":"<h4 align=\"justify\"><span style=\"color: #009999;\"><img loading=\"lazy\" decoding=\"async\" class=\"size-medium wp-image-235 alignright\" src=\"https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image-300x200.jpg\" alt=\"Data Integrity - How To Implement An Effective Audit Trail\" width=\"300\" height=\"200\" srcset=\"https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image-300x200.jpg 300w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image-768x512.jpg 768w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image-1024x683.jpg 1024w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image-219x146.jpg 219w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image-50x33.jpg 50w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image-113x75.jpg 113w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg 1920w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><strong>Maintaining an audit trail is a regulatory compliance requirement, but what makes a good audit trail that is effective and complies with regulations? <\/strong><\/span><\/h4>\n<h4 align=\"justify\"><strong><span style=\"color: #009999;\">This article will explain what and audit trail is, what the applicable regulations are and the main aspects to consider when implementing an audit trail to contribute to safeguard clinical data integrity.<\/span><\/strong><\/h4>\n<p><!--more--><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Acceptance of data from clinical trials for decision-making purposes depends on the Regulatory Authorities\u2019 ability to verify the quality and integrity of the data.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Data integrity has become a major priority during regulatory inspections and <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>audit trail<\/b><\/span><\/span> <span style=\"font-size: medium;\">deficiencies in particular have been cited in a growing number of observations.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">EU GMP Annex 11, 21 CFR Part 11 and related guidance documents outline the current regulatory requirements for audit trails. <\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">ICH GCP defines audit trail as <\/span><span style=\"font-size: medium;\"><i>\u201cDocumentation that allows reconstruction of the course of events\u201d<\/i><\/span><sup><span style=\"font-size: medium;\">1<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">The basic definition of an audit trail is a log that contains metadata concerning when and by whom data has been originally entered, changed, or deleted<\/span><sup><span style=\"font-size: medium;\">2,3<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">The MHRA guidance on GXP Data Integrity published in March 2018 also covers the Audit Trail topic:<\/span><\/p>\n<p align=\"justify\">\u201c<span style=\"font-size: medium;\"><i>The audit trail is a form of metadata containing information associated with actions that relate to the creation, modification or deletion of GXP records. An audit trail provides for secure recording of life-cycle details such as creation, additions, deletions or alterations of information in a record, either paper or electronic, without obscuring or overwriting the original record. An audit trail facilitates the reconstruction of the history of such events relating to the record regardless of its medium, including the <\/i><\/span><span style=\"font-size: medium;\"><i>\u201c<\/i><\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><i><b>who, what, when and why<\/b><\/i><\/span><\/span><span style=\"font-size: medium;\"><i>\u201d<\/i><\/span><span style=\"font-size: medium;\"><i> of the action<\/i><\/span><span style=\"font-size: medium;\"><i>\u201d<\/i><\/span><sup><span style=\"font-size: medium;\">4<\/span><\/sup><span style=\"font-size: medium;\"><i>.<\/i><\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">The decision whether to apply audit trails for electronic records should be based on a combination of GXP regulatory requirements and <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>assessment of risk<\/b><\/span><\/span> <span style=\"font-size: medium;\">to the <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>trustworthiness<\/b><\/span><\/span> <span style=\"font-size: medium;\">and <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>reliability<\/b><\/span><\/span> <span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>of records<\/b><\/span><\/span><span style=\"font-size: medium;\">, including the risk of unauthorized or undetectable changes to records<\/span><sup><span style=\"font-size: medium;\">5<\/span><\/sup><span style=\"font-size: medium;\">, and the determination <\/span><span style=\"font-size: medium;\">of the potential effect on <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>product quality<\/b><\/span><\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\">, <\/span><\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>safety<\/b><\/span><\/span> <span style=\"font-size: medium;\">and <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>record integrity<\/b><\/span><\/span><span style=\"color: #009999;\"><sup><span style=\"font-size: medium;\"><b>6<\/b><\/span><\/sup><\/span><span style=\"font-size: medium;\">.<\/span><\/p>\n<p style=\"text-align: center;\" align=\"center\"><span style=\"font-size: large;\"><b><br \/>\n&#8220;The need for and the type of audit trails should be based on a documented and justified risk assessment&#8221;<\/b><\/span><sup><span style=\"font-size: large;\"><b>7<br \/>\n<\/b><\/span><\/sup><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\"><br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"size-medium wp-image-253 alignleft\" src=\"https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/spyware-2319403_1280_Lupa-image-Pixabay-free-300x200.jpg\" alt=\"Data Integrity - How To Implement An Effective Audit Trail\" width=\"300\" height=\"200\" srcset=\"https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/spyware-2319403_1280_Lupa-image-Pixabay-free-300x200.jpg 300w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/spyware-2319403_1280_Lupa-image-Pixabay-free-768x512.jpg 768w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/spyware-2319403_1280_Lupa-image-Pixabay-free-1024x682.jpg 1024w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/spyware-2319403_1280_Lupa-image-Pixabay-free-219x146.jpg 219w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/spyware-2319403_1280_Lupa-image-Pixabay-free-50x33.jpg 50w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/spyware-2319403_1280_Lupa-image-Pixabay-free-113x75.jpg 113w, https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/spyware-2319403_1280_Lupa-image-Pixabay-free.jpg 1280w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>While many regulated companies understand the importance of configuring their computer systems to ensure audit trails are adequate and meet regulatory requirements, many others still struggle to maintain electronic records with a complete and compliant audit trail.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">There are many things that should be taken into consideration when setting up audit trails. Many of the controls will be technical in nature and will form part of the functionality of a purchased system; however, a combination of technical and procedural controls may be needed for an adequate level of protection<\/span><sup><span style=\"font-size: medium;\">7<\/span><\/sup><span style=\"font-size: medium;\">. <\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Whether companies are using a solution that is custom made or they acquire off-the-shelf software from a supplier, they need to consider the following topics:<\/span><\/p>\n<ul>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\"><b>Audit only what is necessary<\/b><\/span><span style=\"font-size: medium;\">: the MHRA GXP Data Integrity Guidance and Definitions states that <\/span><span style=\"font-size: medium;\"><i>\u201c<\/i><\/span><span style=\"font-size: medium;\"><i>The relevance of data retained in audit trails should be considered by the organisation to permit robust data review\/verification. It is not necessary for audit trail review to include every system activity (e.g. user log on\/off, keystrokes etc.)<\/i><\/span><span style=\"font-size: medium;\"><i>\u201d<\/i><\/span><sup><span style=\"font-size: medium;\"> 4<\/span><\/sup><span style=\"font-size: medium;\"><i>.<\/i><\/span><span style=\"font-size: medium;\"> Only audit trailed those events\/data that are <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>critical<\/b><\/span><\/span><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">The Process Owner and Data Owner (they may be the same person) need to be involved when setting up the audit trail functionality to consider what information they need to review based on its criticality, which should have been defined by the regulated company within a <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>Data Governance<\/b><\/span><\/span> <span style=\"font-size: medium;\">framework.<\/span><\/p>\n<\/li>\n<\/ul>\n<ul>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\"><b>Audit Trail content.<\/b><\/span><span style=\"font-size: medium;\"> The items included in the audit trail should be those of relevance to permit <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>reconstruction<\/b><\/span><\/span> <span style=\"font-size: medium;\">of the process or activity. They will help to reconstruct significant details about study conduct and source data collection necessary to verify the quality and integrity of data<\/span><sup><span style=\"font-size: medium;\">8<\/span><\/sup><span style=\"font-size: medium;\"> and ensure compliance with the applicable regulation.<br \/>\n<\/span><span style=\"font-size: medium;\">Including unnecessary information should be avoided since it can increase compliance risk<\/span><sup><span style=\"font-size: medium;\">4<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Audit Trail information should include the following<\/span><sup><span style=\"font-size: medium;\">4,7<\/span><\/sup><span style=\"font-size: medium;\">:<\/span><\/p>\n<\/li>\n<\/ul>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\">Identity of the person performing the action (this identification must be unique).<\/span><\/p>\n<\/li>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\">The detail of the change or deletion, and a record of the original entry (original information should not be obscured).<\/span><\/p>\n<\/li>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\">The reason for any GXP change or deletion (to explain why the action was necessary).<\/span><\/p>\n<\/li>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\">The Date and Time when the action was performed (changes should be <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>dated<\/b><\/span><\/span> <span style=\"font-size: medium;\">and <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>time stamped<\/b><\/span><\/span><span style=\"font-size: medium;\">. They should be implemented with a clear understanding of the time zone referenced and ensuring that the system clocks used for the time stamp are accurate and secure).<\/span><\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\"><b>Logical and Procedural Controls. <\/b><\/span><span style=\"font-size: medium;\">Validated computer systems with enabled audit trails are necessary, but not enough, to meet global regulatory good documentation practice requirements for electronic records. Additional logical and procedural controls need to be implemented. For example:<\/span><\/p>\n<ul>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\">Audit trails should be switched on. Users should not be able to amend or switch off the audit trail. Where a system administrator amends or switches off the audit trail a record of that action should be retained<\/span><sup><span style=\"font-size: medium;\">4<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<\/li>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\">Periodic checks to verify that audit trails remain enable and effective.<\/span><\/p>\n<\/li>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\">Establishment of effective procedures for system use, administration and change management<\/span><sup><span style=\"font-size: medium;\">7<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<li><span style=\"font-size: medium;\"><b>Audit Trails should be part of the system validation<\/b>. The accuracy and reliability of the audit trail should be verified during <span style=\"color: #009999;\"><b>validation<\/b><\/span> testing<sup>5<\/sup>. Validation documentation should demonstrate that audit trails are functional, and that all activities, changes and other transactions within the systems are recorded, together with all metadata in a useable form<sup>2<\/sup>.<\/span><\/li>\n<\/ul>\n<ul>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\"><b>Report and Review<\/b><\/span><span style=\"font-size: medium;\">. What is the value of an audit trail solution if the regulated company never review it? By following the steps in the paragraphs above, companies will know they are getting the information they are looking for, but they need to ensure to <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>continually review<\/b><\/span><\/span><span style=\"font-size: medium;\">, follow up, and document the audit trail review process regularly. For this purpose, every GXP organization should implement procedures that outline their policy and processes for review of audit trails in accordance with risk management principles<\/span><sup><span style=\"font-size: medium;\">2,9<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Reviews should be performed of audit trail content that has direct impact on reported values that will be used for product or patient decisions<\/span><sup><span style=\"font-size: medium;\">7<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">ICH E6(R2), Section 5.18.1(b) specifies that one of the purposes of trial monitoring is to verify that <\/span><span style=\"font-size: medium;\"><i>\u201cthe reported trial data are accurate, complete, and verifiable from source documents<\/i><\/span><span style=\"font-size: medium;\">\u201d. In-process audit trail review is a way of doing this and should be established as part of the monitoring activities of the clinical trial.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">ICH E6(R2), Section 5.18.3 also reinforces the relevance of centralized monitoring as a useful process conducted <\/span><span style=\"font-size: medium;\">by appropriately qualified and trained persons (e.g., data managers, biostatisticians) <\/span><span style=\"font-size: medium;\">to help <\/span><span style=\"font-size: medium;\">distinguish between reliable data and potentially unreliable data. Audit trail reviews conducted by these trained staff can help to identify potential issues that may result in loss of data integrity. Issues may include: erroneous data entry, modifications by unauthorized persons data not entered contemporaneously, falsification of data<\/span><sup><span style=\"font-size: medium;\">1,7<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">To comply with the above requirements, it is necessary that audit trails are designed so that the audit trail information relevant to data being reviewed or used is visible on screen or <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>easily obtainable<\/b><\/span><\/span><sup><span style=\"font-size: medium;\">10<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Audit trails need to be <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>available<\/b><\/span><\/span> <span style=\"font-size: medium;\">and convertible to a generally <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>intelligible form<\/b><\/span><\/span><sup><span style=\"font-size: medium;\">9<\/span><\/sup><span style=\"font-size: medium;\"> and they also need to be viewable\/accessible to end-users.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">For enhanced usability, if available, systems should be <\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>configured<\/b><\/span><\/span><span style=\"font-size: medium;\"> to allow the search, sorting, and filtering of audit trail data<\/span><sup><span style=\"font-size: medium;\">7<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<\/li>\n<\/ul>\n<ul>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\"><b>Readily available for inspection:<\/b><\/span><span style=\"font-size: medium;\"> All GXP records held by the GXP organization are subject to inspection by the responsible Competent Authorities. This includes original electronic data and metadata, such as audit trails maintained in computerized systems.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Management of both contract givers and contract acceptors should ensure that adequate resources are available and that procedures for computerized systems are available for inspection. System administrator personnel should be available to readily retrieve requested records and facilitate inspections<\/span><sup><span style=\"font-size: medium;\">11<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">It is a good practice to discuss the above topic before acquiring a computer system that will be used in a clinical trial setting.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Inspectors tend to request copies of full audit trail reports for the critical systems used in the selected clinical trial(s) e.g. eTMF, eCRF, ePRO.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">There is no regulatory requirement dictating the format of those reports; however, the typical format requested is an excel file (with any headers explained). The content and format of these reports should be discussed with the suppliers of such systems and be formally validated to comply with the inspectors\u00b4 expectations. Companies should not wait until the very moment they receive the inspection request to handle this topic but before deploying the software.<\/span><\/p>\n<\/li>\n<\/ul>\n<ul>\n<li>\n<p align=\"justify\"><span style=\"font-size: medium;\"><b>Data Retention. <\/b><\/span><span style=\"font-size: medium;\">Audit trails should be considered part of records and they need to be stored and maintained. <\/span><span style=\"font-size: medium;\">All audit trails must be kept as long as their corresponding electronic records are required to be stored as mandated by applicable regulations.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Regulated companies should develop retention policies that include audit trail data.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Data migration activities should also retain audit trail information. A record of the changes to an electronic record prior to conversion of its format should be preserved, if possible<\/span><sup><span style=\"font-size: medium;\">7<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<\/li>\n<\/ul>\n<h3 align=\"justify\"><strong><br \/>\nConclusion<\/strong><\/h3>\n<p align=\"justify\"><span style=\"font-size: medium;\">The computer systems used in a clinical trial setting may technically provide the minimum audit trail components, but it may be difficult to support in-process or periodic review of audit trail information. <\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Regulated companies should deal with suppliers to develop useful audit trail functionality and provide effective data analysis tools<\/span><sup><span style=\"font-size: medium;\">7<\/span><\/sup><span style=\"font-size: medium;\">.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">The topics explained throughout this article should be considered when establishing and defining data integrity requirements (URS) for GXP systems and implementing the related logical and technical procedures. <\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">The reliability of data is at risk if its integrity is compromised at any stage during the clinical research process. Regulated companies and investigator sites should assess their processes to ensure they comply with data integrity expectations.<\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">For the Health Authorities to accept the data from clinical trials and grant positive opinion on whether a medicine should be authorized, data quality and data integrity need to be maintained. <\/span><\/p>\n<p align=\"justify\"><span style=\"font-size: medium;\">Regulated companies and clinical investigators must protect the subjects\u00b4 rights, safety and welfare. These three fundamental pillars are not only jeopardized when <\/span><span style=\"font-size: medium;\">subjects in clinical investigations are exposed to unnecessary risks and hardships<\/span> <span style=\"font-size: medium;\">but also when a new medicine that may have been effective does not obtain a marketing authorization due to problems with the quality and integrity of the data. <\/span><\/p>\n<h3 align=\"justify\"><strong><br \/>\nReferences<\/strong><\/h3>\n<ol>\n<li><span style=\"font-size: small;\">International Council for Harmonization (ICH): ICH Harmonized Guideline, Integrated Addendum to ICH E6(R1): <\/span><span style=\"font-size: small;\"><i>Guideline for Good Clinical Practice<\/i><\/span><span style=\"font-size: small;\"> E6(R2). Step 4, version 9 November 2016. <\/span><\/li>\n<\/ol>\n<ol start=\"2\">\n<li>\n<p align=\"justify\"><span style=\"font-size: small;\">PIC\/S Guidance: PI 011-3, <\/span><span style=\"font-size: small;\"><i>Good Practices for Computerised Systems in regulated \u201cGXP\u201d Environments<\/i><\/span><span style=\"font-size: small;\">, 25 September 2007, Pharmaceutical Inspection Co-operation Scheme (PIC\/S).<\/span><\/p>\n<\/li>\n<\/ol>\n<ol start=\"3\">\n<li>\n<p align=\"justify\"><span style=\"font-size: small;\">21 CFR Part 11 <\/span><span style=\"font-size: small;\"><i>Electronic Records; Electronic Signatures<\/i><\/span><span style=\"font-size: small;\">, Code of Federal Regulations, 1997, US Food and Drug Administration (FDA). <\/span><\/p>\n<\/li>\n<\/ol>\n<ol start=\"4\">\n<li>\n<p align=\"justify\"><span style=\"font-size: small;\">MHRA: <\/span><span style=\"font-size: small;\"><i>GXP Data Integrity Guidance and Definitions<\/i><\/span><span style=\"font-size: small;\">, Revision 1, March 2018, <\/span><span style=\"font-size: small;\">Medicines and Healthcare products Regulatory Agency (MHRA).<\/span><\/p>\n<\/li>\n<\/ol>\n<ol start=\"5\">\n<li><span style=\"font-size: small;\">ISPE GAMP\u00ae Good Practice Guide: <i>A Risk-Based Approach to Compliant Electronic Records and Signatures<\/i>, 2005, International Society for Pharmaceutical Engineering (ISPE). <\/span><\/li>\n<\/ol>\n<ol start=\"6\">\n<li><span style=\"font-size: small;\">FDA guidance for Industry: <i>Part 11, Electronic Records; Electronic Signatures &#8211; Scope and Application<\/i>, August 2003, US Food and Drug Administration (FDA). <\/span><\/li>\n<\/ol>\n<ol start=\"7\">\n<li><span style=\"font-size: small;\">ISPE GAMP\u00ae Guide: <i>Records and Data Integrity<\/i>, 2017, International Society for Pharmaceutical Engineering (ISPE).<\/span><\/li>\n<\/ol>\n<ol start=\"8\">\n<li>\n<p align=\"justify\"><span style=\"font-size: small;\">FDA Guidance for Industry: <\/span><span style=\"font-size: small;\"><i>Computerized Systems Used in Clinical Investigations<\/i><\/span><span style=\"font-size: small;\">, May 2007, US Food and Drug Administration (FDA). <\/span><\/p>\n<\/li>\n<\/ol>\n<ol start=\"9\">\n<li>\n<p align=\"justify\"><span style=\"font-size: small;\">EudraLex Volume 4: Guidelines for Good Manufacturing Practice for Medicinal Products for Human and Veterinary Use, Annex 11, <\/span><span style=\"font-size: small;\"><i>Computerised Systems<\/i><\/span><span style=\"font-size: small;\">, 2011.<\/span><\/p>\n<\/li>\n<\/ol>\n<ol start=\"10\">\n<li><span style=\"font-size: small;\">ISPE GAMP\u00ae Good Practice Guide: <i>Validation and Compliance of Computerized GCP Systems and Data<\/i>, 2017, International Society for Pharmaceutical Engineering (ISPE).<\/span><\/li>\n<\/ol>\n<ol start=\"11\">\n<li>\n<p align=\"justify\"><span style=\"font-size: small;\">WHO Expert Committee on Specifications for Pharmaceutical Preparations: <\/span><span style=\"font-size: small;\"><i>Guidance on Good Data and Record Management Practices<\/i><\/span><span style=\"font-size: small;\">, June 2016, Technical Report Series, No 996, Annex 5, World Health Organization (WHO).<\/span><\/p>\n<\/li>\n<\/ol>\n<p align=\"justify\"><span style=\"color: #009999;\"><span style=\"font-size: medium;\">Author: Dr Leire Z\u00fa\u00f1iga, Director and Principal GCP Consultant<\/span><\/span><\/p>\n<p align=\"justify\"><span style=\"color: #009999;\"><span style=\"font-size: medium;\"><b>PHARMITY<\/b><\/span><\/span><span style=\"color: #009999;\"><span style=\"font-size: medium;\">, 27th of August 2018<\/span><\/span><\/p>\n<p align=\"justify\"><a href=\"http:\/\/www.pharmity.com\/\"><span style=\"font-size: medium;\">www.pharmity.com<\/span><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Maintaining an audit trail is a regulatory compliance requirement, but what makes a good audit trail that is effective and complies with regulations? This article will explain what and audit trail is, what the applicable regulations are and the main aspects to consider when implementing an audit trail to contribute to safeguard clinical data integrity.<\/p>\n","protected":false},"author":3,"featured_media":235,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[4,7,6],"class_list":["post-234","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-integrity","tag-audit","tag-audit-trails","tag-data-integrity"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Data Integrity - How To Implement An Effective Audit Trail | Pharmity<\/title>\n<meta name=\"description\" content=\"Data Integrity - How To Implement An Effective Audit Trail | What makes a good audit trail that is effective and complies with regulations? This article will explain what and audit trail is, what the applicable regulations are and the main aspects to consider when implementing an audit trail to contribute to safeguard clinical data integrity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Data Integrity - How To Implement An Effective Audit Trail | Pharmity\" \/>\n<meta property=\"og:description\" content=\"Data Integrity - How To Implement An Effective Audit Trail | What makes a good audit trail that is effective and complies with regulations? This article will explain what and audit trail is, what the applicable regulations are and the main aspects to consider when implementing an audit trail to contribute to safeguard clinical data integrity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/\" \/>\n<meta property=\"og:site_name\" content=\"Pharmity\" \/>\n<meta property=\"article:published_time\" content=\"2018-08-27T14:14:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-11-12T15:34:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1280\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Leire Zu\u00f1iga\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Leire Zu\u00f1iga\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/\"},\"author\":{\"name\":\"Leire Zu\u00f1iga\",\"@id\":\"https:\/\/www.pharmity.com\/#\/schema\/person\/a44b1c604f6554577cde3888acbaedb4\"},\"headline\":\"Data Integrity &#8211; How To Implement An Effective Audit Trail\",\"datePublished\":\"2018-08-27T14:14:54+00:00\",\"dateModified\":\"2019-11-12T15:34:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/\"},\"wordCount\":1920,\"publisher\":{\"@id\":\"https:\/\/www.pharmity.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg\",\"keywords\":[\"audit\",\"audit trails\",\"data integrity\"],\"articleSection\":[\"Data Integrity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/\",\"url\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/\",\"name\":\"Data Integrity - How To Implement An Effective Audit Trail | Pharmity\",\"isPartOf\":{\"@id\":\"https:\/\/www.pharmity.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg\",\"datePublished\":\"2018-08-27T14:14:54+00:00\",\"dateModified\":\"2019-11-12T15:34:52+00:00\",\"description\":\"Data Integrity - How To Implement An Effective Audit Trail | What makes a good audit trail that is effective and complies with regulations? This article will explain what and audit trail is, what the applicable regulations are and the main aspects to consider when implementing an audit trail to contribute to safeguard clinical data integrity.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#primaryimage\",\"url\":\"http:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg\",\"contentUrl\":\"http:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg\",\"width\":1920,\"height\":1280},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.pharmity.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Data Integrity &#8211; How To Implement An Effective Audit Trail\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.pharmity.com\/#website\",\"url\":\"https:\/\/www.pharmity.com\/\",\"name\":\"Pharmity\",\"description\":\"Pharmacy + Quality\",\"publisher\":{\"@id\":\"https:\/\/www.pharmity.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.pharmity.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.pharmity.com\/#organization\",\"name\":\"Pharmity\",\"url\":\"https:\/\/www.pharmity.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pharmity.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/www.pharmity.com\/wp-content\/uploads\/2018\/05\/P-on-top-1.png?fit=548%2C348&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/www.pharmity.com\/wp-content\/uploads\/2018\/05\/P-on-top-1.png?fit=548%2C348&ssl=1\",\"width\":548,\"height\":348,\"caption\":\"Pharmity\"},\"image\":{\"@id\":\"https:\/\/www.pharmity.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/pharmity\/\",\"https:\/\/www.pinterest.es\/pharmity\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.pharmity.com\/#\/schema\/person\/a44b1c604f6554577cde3888acbaedb4\",\"name\":\"Leire Zu\u00f1iga\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pharmity.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/388f413783e9c9d3a6773d6ed98aeceb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/388f413783e9c9d3a6773d6ed98aeceb?s=96&d=mm&r=g\",\"caption\":\"Leire Zu\u00f1iga\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Data Integrity - How To Implement An Effective Audit Trail | Pharmity","description":"Data Integrity - How To Implement An Effective Audit Trail | What makes a good audit trail that is effective and complies with regulations? This article will explain what and audit trail is, what the applicable regulations are and the main aspects to consider when implementing an audit trail to contribute to safeguard clinical data integrity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/","og_locale":"en_US","og_type":"article","og_title":"Data Integrity - How To Implement An Effective Audit Trail | Pharmity","og_description":"Data Integrity - How To Implement An Effective Audit Trail | What makes a good audit trail that is effective and complies with regulations? This article will explain what and audit trail is, what the applicable regulations are and the main aspects to consider when implementing an audit trail to contribute to safeguard clinical data integrity.","og_url":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/","og_site_name":"Pharmity","article_published_time":"2018-08-27T14:14:54+00:00","article_modified_time":"2019-11-12T15:34:52+00:00","og_image":[{"width":1920,"height":1280,"url":"https:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg","type":"image\/jpeg"}],"author":"Leire Zu\u00f1iga","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Leire Zu\u00f1iga","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#article","isPartOf":{"@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/"},"author":{"name":"Leire Zu\u00f1iga","@id":"https:\/\/www.pharmity.com\/#\/schema\/person\/a44b1c604f6554577cde3888acbaedb4"},"headline":"Data Integrity &#8211; How To Implement An Effective Audit Trail","datePublished":"2018-08-27T14:14:54+00:00","dateModified":"2019-11-12T15:34:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/"},"wordCount":1920,"publisher":{"@id":"https:\/\/www.pharmity.com\/#organization"},"image":{"@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#primaryimage"},"thumbnailUrl":"http:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg","keywords":["audit","audit trails","data integrity"],"articleSection":["Data Integrity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/","url":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/","name":"Data Integrity - How To Implement An Effective Audit Trail | Pharmity","isPartOf":{"@id":"https:\/\/www.pharmity.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#primaryimage"},"image":{"@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#primaryimage"},"thumbnailUrl":"http:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg","datePublished":"2018-08-27T14:14:54+00:00","dateModified":"2019-11-12T15:34:52+00:00","description":"Data Integrity - How To Implement An Effective Audit Trail | What makes a good audit trail that is effective and complies with regulations? This article will explain what and audit trail is, what the applicable regulations are and the main aspects to consider when implementing an audit trail to contribute to safeguard clinical data integrity.","breadcrumb":{"@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#primaryimage","url":"http:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg","contentUrl":"http:\/\/www.pharmity.com\/wp-content\/uploads\/2018\/08\/analytics-3088958_1920_Audit-Trail_image.jpg","width":1920,"height":1280},{"@type":"BreadcrumbList","@id":"https:\/\/www.pharmity.com\/data-integrity-how-to-implement-an-effective-audit-trail\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pharmity.com\/"},{"@type":"ListItem","position":2,"name":"Data Integrity &#8211; How To Implement An Effective Audit Trail"}]},{"@type":"WebSite","@id":"https:\/\/www.pharmity.com\/#website","url":"https:\/\/www.pharmity.com\/","name":"Pharmity","description":"Pharmacy + Quality","publisher":{"@id":"https:\/\/www.pharmity.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pharmity.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pharmity.com\/#organization","name":"Pharmity","url":"https:\/\/www.pharmity.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pharmity.com\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/www.pharmity.com\/wp-content\/uploads\/2018\/05\/P-on-top-1.png?fit=548%2C348&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.pharmity.com\/wp-content\/uploads\/2018\/05\/P-on-top-1.png?fit=548%2C348&ssl=1","width":548,"height":348,"caption":"Pharmity"},"image":{"@id":"https:\/\/www.pharmity.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/pharmity\/","https:\/\/www.pinterest.es\/pharmity\/"]},{"@type":"Person","@id":"https:\/\/www.pharmity.com\/#\/schema\/person\/a44b1c604f6554577cde3888acbaedb4","name":"Leire Zu\u00f1iga","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pharmity.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/388f413783e9c9d3a6773d6ed98aeceb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/388f413783e9c9d3a6773d6ed98aeceb?s=96&d=mm&r=g","caption":"Leire Zu\u00f1iga"}}]}},"_links":{"self":[{"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/posts\/234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/comments?post=234"}],"version-history":[{"count":27,"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/posts\/234\/revisions"}],"predecessor-version":[{"id":455,"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/posts\/234\/revisions\/455"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/media\/235"}],"wp:attachment":[{"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/media?parent=234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/categories?post=234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pharmity.com\/wp-json\/wp\/v2\/tags?post=234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}