Products Services Information About Contact
Products
Ofni Systems provides your FDA-regulated business with software and products to assist with 21 CFR 11, Annex 11, HIPAA, and other regulatory requirements for electronic data and signatures.
ExcelSafe
Part 11 Compliance For
MS Excel® Spreadsheets Simple To Use
Get spreadsheet control in a matter of hours Full Part 11 Compliance
Audit trails, electronic signatures and user security Spreadsheet Validation
We are FDA experts on spreadsheet validation Free Trial
Get a copy of Excelsafe to test today
FastVal
A Complete Validation Management Solution Create Documents
Fastval creates all your validation documents Electronic Execution
Execute validation protocols electronically Deviation Tracking
Deviation generation, tracking and management Project Management
Tools and reports to help manage people & projects
Ofni Clinical
eCRF Data Collection Database For Clinical Trials Case Report Forms
Converts your paper CRF's into eCRF's Edit Checks
Ensure data integrity with validation rules MedWatch Reporting
Automatically generates MedWatch FDA Form 3500A Rapid Implementation
Ready to use in days, not weeks or months
Part 11 Toolkit
Makes Any MS Access® Database Part 11 Compliant Audit Trails
Track all changes made in a database Electronic Signatures
Secure data with electronic signatures Database Validation
Let us validate your database for you Free Trial
Try the Part 11 Toolkit in your own database
Part 11 Advisor
Part 11 Auditing, Remediation and Training Tool Starting Gap Analysis
Facilitates the process of starting gap analysis Assessments
Collect and review data to identify Part 11 gaps Long-Term Tracking
Track the completion of your corrective action plan On-site Implementation
Hands on training on 21 CFR Part 11
Services
Ofni Systems provides your business with the highest quality consulting services to meet all of your compliance and quality needs.
Validation Services Software Validation
 Method Validation
 Process Validation
 Equipment Validation
21 CFR Part 11 Part 11 Training
 Part 11 Auditing
 Compliance Testing
 Software Assesments
Clinical Trials Custom Databases
 Database Testing
 Statistical Analysis
 Statistical Reporting
Other Services Data Migration
 SOP Writing
 Process Automation
 Mock Audits
Information
Ofni Systems is committed to assisting organizations with electronic records compliance, such as 21 CFR Part 11 and Annex 11. Let Ofni Systems make knowledge management simple for you.
21 CFR Part 11
A complete set of resources for 21 CFR Part 11 21 CFR 11.10(a)
Validation of computer systems 21 CFR 11.10(b)
Accurate Generation of Records 21 CFR 11.10(c)
Protection of Records 21 CFR 11.10(d)
Limited System Access 21 CFR 11.10(e)
Audit Trails 21 CFR 11.10(f)
Operational System Checks 21 CFR 11.10(g)
Authority Checks 21 CFR 11.10(h)
Input Checks 21 CFR 11.10(i)
Education, Training and Experience 21 CFR 11.10(j)
Policies for Electronic Signatures 21 CFR 11.10(k)
Document Control Part 11 FAQ
Validation of computer systems
Validation Resources
On selected validation documents Validation Planning
Define the scope and goals of a validation project. Requirement Gathering
Operations and activities that a system must be able to perform. Design Specification
Design Specifications describe how a system performs the requirements Installation Qualification
Verifies the proper installation and configuration of a System. Summary Report
Provides an overview of the entire validation project.
Other Resources
More information on FDA compliance FDA Warning Letters
Sample FDA 483 and Warning Letters Part 11 Publications
Useful 21 CFR 11 resources. Clinical Data Management
Best practices in handling data from clinical trials. Ofni Compliance Blog
Resources and information straight from the Ofni team.
About Ofni Systems
Ofni Systems is dedicated to helping companies address the requirements of 21 CFR Part 11, Electronic Records and Electronic Signatures.
Clients
Alliances
Employment
Customer Support

Data Integrity


Page 3 of 71234567

Warning Letter: Failure to prevent unauthorized access or prevent omission of data (ucm501282)

Tags: | |

Failure to prevent unauthorized access or changes to data, and to provide adequate controls to prevent manipulation and omission of data.

During the inspection, an FDA investigator discovered a lack of basic laboratory controls to prevent changes to your firm’s electronically stored data and paper records. Your firm relied on incomplete records to evaluate the quality of your drugs and to determine whether your drugs conformed with established specifications and standards.

…..Specifically, your Quality Control (QC) analysts used administrator privileges and passwords to manipulate your high performance liquid chromatography (HPLC) computer clock to alter the recorded chronology of laboratory testing events.

 

View the original warning letter.


Warning Letter: Failure to validate computer software for its intended use (ucm515403)

Tags: |

Your firm has not performed software validation [redacted]. These programs are used in the Starlight laser product family.

b. The software validation for [redacted] is inadequate, in that the [redacted]. This message occurs when either the maximum voltage (6V) is exceeded, or the actual voltage is higher than the reference voltage associated with the intensity selected by the operator.

Failure to validate computer software for its intended use according to an established protocol, when computers or automated data processing systems are used as part of production or the quality system, as required by 21 CFR 820.70(i). For example, your firm has not validated the following software used in its quality system:

View the original warning letter.


Warning Letter: Data Integrity Issues (ucm495778)

Tags:

Notification to Pharmaceutical Companies: Clinical and Bioanalytical Studies Conducted by Semler Research Are Unacceptable

“FDA is notifying sponsors of New Drug Applications (NDAs) and Abbreviated New Drug Applications (ANDAs) that clinical and bioanalytical studies conducted by Semler Research Private Limited (Semler) located in Bangalore, India, are not acceptable as a result of data integrity concerns, and need to be repeated… The inspection found significant instances of misconduct and violations of federal regulations, including the substitution and manipulation of study subject samples.

“Specifically, the WHO examined company computer servers and found a spreadsheet file containing detailed instructions for manipulating drug samples that were used in clinical trials for its clients.”

View the original warning letter.


Warning Letter: Unauthorized Access (ucm496623)

Tags: |

Failure of computerized systems to have sufficient controls to prevent unauthorized access or changes to data.

Your firm’s computer system for entering test results and storing certificates of analysis (CoA), which document whether a drug meets specifications, does not have sufficient controls to prevent unauthorized changes to a CoA after quality unit approval.

During the inspection, our investigator reviewed [redacted] CoA stored on computer #16, all of which were approved by the quality unit. A manager demonstrated for our investigator how results on an already finalized CoA could be manipulated after the formal quality unit approval. Also, the quality unit’s electronic signatures on these CoA were uncontrolled images of signatures rather than certificate-based electronic signatures.

View the original warning letter.


Warning Letter: Data falsification and manipulation (ucm489735)

Tags:

Your firm failed to ensure that laboratory records included complete data derived from all tests necessary to assure compliance with established specifications and standards (21 CFR 211.194(a)).

During our inspection, we observed multiple examples of incomplete, inaccurate, or falsified laboratory records.

View the original warning letter.


Warning Letter: Failure to establish and maintain adequate procedures (ucm515974)

Tags: |

Failure to establish and maintain adequate procedures for implementing corrective and preventive action (CAPA), as required by 21 CFR 820.100(a). For example:

a. Your firm’s CAPA procedure, [redacted], only requires that nonconformances will be reviewed every [redacted]. However, the procedure does not require analysis of quality data, including quality records, complaints and returned products, for potential CAPA.

View the original warning letter.


Warning Letter: Firm has not validated or documented software changes (ucm516079)

Tags: |

Failure to establish and maintain adequate procedures for the identification, documentation, validation, or where appropriate verification, review, and approval of design changes before their implementation, as required by 21 CFR 820.30(i). For example: your firm has not validated or documented software changes for the Omega XP Laser System; Omega XP-Clinic Laser System; and Omega Excel Laser System.

View the original warning letter.


Warning Letter: Failure to validate computer software for its intended use according to an established protocol (ucm515647)

Tags:

Failure to ensure that when computers or automated data processing systems are used as part of production or the quality system, the manufacturer shall validate computer software for its intended use according to an established protocol, as required by 21 CFR 820.70(i). For example, your firm has not validated the software, [redacted], used to manage various activities such as complaints, CAPAs, repairs, servicing, internal and external audits, and warranty service. Your firm has been utilizing this software since January 2011

 

View the original warning letter.


Warning Letter: Lack of Audit Trails and other deficient computerized system controls (ucm478393)

Tags: | |

“Your firm failed to establish appropriate controls over computers and related systems to assure that changes in master production and control records or other records are instituted only by authorized personnel (21 CFR 211. 68(b)).

You lacked audit trails or other sufficient controls to facilitate traceability of the individuals who access each of the programmable logic controller (PLC) levels or Man-Machine Interface (MMI) equipment. You had no way to verify that individuals have not changed, adjusted, or modified equipment operation parameters.”

View the original warning letter.


Warning Letter: Failure to maintain complete data (ucm465626)

Tags: | |

“2. Failure to prevent unauthorized access or changes to data and to provide adequate controls to prevent omission of data.

Your laboratory systems lacked access controls to prevent raw data from being deleted or altered. For example:

a. During the inspection, we noted that you had no unique usernames, passwords, or user access levelsfor analysts on multiple laboratory systems. All laboratory employees were granted full privileges to the computer systems. They could delete or alter chromatograms, methods, integration parameters, and data acquisition date and time stamps. You used data generated by these unprotected and uncontrolled systems to evaluate API quality.

b. Multiple instruments had no audit trail functions to record data changes.

3. Failure to maintain complete data derived from all testing, and to ensure compliance with established specifications and standards.

Because you discarded necessary chromatographic information such as integration parameters and injection sequences from test records, you relied on incomplete records to evaluate the quality of your APIs and to determine whether your APIs conformed with established specifications and standards. For example:

a. During the inspection, the investigator found no procedures for manual integration or review of electronic and printed analytical data for [redacted] stability samples. Electronic integration parameters were not saved or recorded manually. When the next samples were analyzed, the previous parameters were overwritten during the subsequent analyses.

i. Your HPLC 14 computer files included raw data for undocumented [redacted] stability samples analyzed on December 30, 2013, but no indication of where these samples came from and why they were tested.

ii. In a data file folder created on May 22, 2013, 23 chromatograms were identified as stability samples for [redacted] lots [redacted], and [redacted]. Results were not documented. More importantly, the acquisition date was July 7, 2013, more than six weeks after the samples were run.

iii. (b)(4) lots (b)(4) and (b)(4) were not in your stability study records at the time of inspection. Additionally, there were no log notes of any samples from the three lots removed from the stability chamber.

In response to this letter, provide your revised procedures and describe steps you have taken to retrain employees to ensure retention of complete electronic raw data for all laboratory instrumentation and equipment. Also, provide a detailed description of the responsibilities of your quality control laboratory management, and quality assurance unit for performing analytical data review and assuring integrity (including reconcilability) of all data generated by your laboratory.”

View the original warning letter.




Page 3 of 71234567
Ofni Systems Logo
Products Services Information About Contact Privacy Terms Of Use |   (919) 844-2494 Google+