Data Integrity and Electronic Records compliance with DoseControl software

1.0   PURPOSE

To provide detailed descriptions of the functional specifications for the GEX DoseControl Dosimetry System, related to data integrity and electronic records compliance.

2.0   BACKGROUND

The DoseControl System was designed to meet the need for accurate electronic record-keeping and data management of dosimetry measurements and metadata to be used in various quality management and operational aspects of commercial irradiation applications. Users can rely on DoseControl system data for validating processes, assessing product and process conformance, and providing data feedback for process control analysis.

The DoseControl System was designed to comply with U.S. FDA 21 CFR part 11, EudraLex Vol. 4 Annex 11, and FDA CGMP standards for data integrity and electronic records. The DoseControl design team researched, identified, and interpreted the requirements of these standards, and incorporated these elements into the system design and development.

GEX maintains a Quality Management System certified to ISO 9001 and ISO 17025 standards (current version).

3.0   INTEGRITY OF USER ASSOCIATION WITH RECORDS

Access Control

DoseControl utilizes access controls to ensure that the system can accurately record the user that is working on the system, including authentication by corporate Windows® Active Directory (LDAP). All records of user associations are maintained, even after users are deleted from the Active Directory.

The application lock-out feature locks the application to the Login Screen after an administrator-designated set number of idle minutes.

User Roles and Permissions

• System Administrator Role – IT configuration and user management only.

• Application Administrator Role – Settings for all operational aspects, except the System Administrator items.

• Technician Role – Ability to create reports and measure dosimeters, performance verification, and generate system outputs.

• Re-read Permission – Users authorized to re-read dosimeters.

• Sample Editing Permission – Users that are authorized to edit the ID of a sample, or to execute soft-deletion of a sample ID and related measurement data from a report.

• Edit Dosimeter Thickness Permission – Users that are authorized to edit the thickness of a dosimeter sample.

4.0   INTEGRITY OF DATA - GENERAL

Date and Time Records

The database records the Date and Time according to UTC, to provide a consistent record, and to eliminate confusion due to user time zone differences.

Auto and Manual Saving

Configuration data and manually entered metadata are saved by user action (“save” button). The GxP data acquisition from instruments, including associated metadata and data resulting from calculations (including associated metadata), is auto saved by the software.

Deletion of Records

Measurement records (data) and/or any related record metadata (and configuration data associated with the creation of such records) can never be deleted.

An administrator can delete configuration data without restriction only if the data is not used by DoseControl as part of a Dosimetry Report (i.e. in case of an error during initial entry of data or faulty configuration entry). An example is an unused dosimeter calibration; it can be deleted unless it is used in one or more reports.

System Data Archiving & Backup

System data is maintained in a single, relational, SQL database instance. DoseControl does not backup or archive automatically and does not feature any in-application options to manually do so. The DC software requires the user to utilize the features of Microsoft SQL for backup and archiving activities.

5.0   INTEGRITY OF EVERY MEASUREMENT

Sample Identification

One of the key features of DoseControl is the unique identification of every measurement taken by the system. Measurements require a unique Sample ID (called “Dosimeter ID”) so that all measurements can be individually identified in the database using application logic. The system does not allow duplicate ID’s, and this feature is an element of the DoseControl system.

The DoseControl System has an optional integrated barcode scanner internal to the spectrophotometer which is used to verify and record the Dosimeter ID with every measurement. This feature is currently only available for B3 DoseStix dosimeter type and the Thermo Evolution spectrophotometer. Refer to section 12 for important information on forthcoming advancements in this area.

Note: Future plans are to incorporate a barcode scanner with the GENESYS 30 Spectrophotometer, and to introduce a barcode on a new version of the B3 WINdose dosimeter, which will give all B3 dosimeters the ability to be under the same level of control as the B3 DoseStix using this barcode scanning feature of the DoseControl System (see Future Development Plans section for more information).

Irradiation Pathway Identification

For users with more than one irradiator or irradiation “pathway”, every measurement is associated with one specific pathway for traceability. Dosimeters from multiple pathways are not allowed within the same report.

Dosimeter Batch Identification

Each measurement record associates with only one specific dosimeter batch. Dosimeters from multiple batches are not allowed within a single report. For B3 dosimeters, the software will associate the Batch ID from a dosimeter barcode with the Batch ID of the calibration being used. If the dosimeter is of a different batch, it is not allowed to be measured in the report.

Instrument Identification

With every measurement, DoseControl verifies that the serial number of the attached instrument does in fact match the serial number of the instrument from the Reader Configuration used in the dosimeter batch calibration currently loaded in the software. The integrity of the measurement process is maintained by eliminating the possibility of an instrument mix-up, either intentionally or inadvertently, before or during a measurement session.

Spectrophotometer Wavelength Verification

Before acquiring the instrument response during a measurement, DoseControl verifies that the wavelength setting of the instrument matches the required setting from the dosimeter batch calibration. The user cannot change the instrument settings using the instrument buttons while connected to DoseControl when using the GENESYS 30 or Evolution Spectrophotometers. Even though it is not possible for the user to change the setting using the soft keys on the instrument, DoseControl would verify that there was not a match.

If the wavelength is found to not match, the software will guide the user through a workflow of re-setting to the proper wavelength and re-zeroing the instrument before that measurement can be acquired.

Modification of a Dosimeter

Dosimeter ID (sample ID) and related measurements can be removed from a report, or the ID can be modified only by users with the assigned permission to make these modifications. In each such instance, DoseControl requires the user to provide an explanation from the user, which is recorded in the Audit Trail.

DoseControl has the option to make such data locked from user modification.

6.0   INTEGRITY OF ALL RE-MEASUREMENTS

Sample Identification

The application uses a Revision Control System for recording any re-measurement of the same Sample ID (Dosimeter ID). Each measurement of the same Sample ID constitutes a new row in the SQL database with the respective version ID.

For re-measurement, the optional barcode for B3 DoseStix will verify the Sample ID before measurement acquisition.

Admin-Configurable Reread Policy

The Application Administrator can set policy to control re-measurement of samples to enforce any variation of the following policy aspects:

• Restrict the total number of re-measurements allowed of the same Sample ID.

• Require the use of a statistical evaluation of multiple measurements of the same sample.

• Use the mean value accepted when measurement variation is less than the administrator-defined limit, with or without including the original measurement. Otherwise, the re-read is rejected if the variation of measurement is higher than the limit and the original measurement is retained as the measurement of record.

• Require a comment on every re-measurement.

• Require a different user to re-measure.

• Require only specific personnel to re-measure based on user role assignment.

7.0   INTEGRITY OF THE MEASUREMENT SETS AND METADATA (DOSIMETRY REPORTS)

A set of measurements and associated metadata is referred to as a “Report” or “Dosimetry Report” in the DoseControl system. Each Report can be thought of as a “measurement session” or similar concept of a group of dosimeters measured for a specific purpose. DoseControl assigns a unique Report ID that is traceable to all related measurements and metadata within a given Report. All modification of metadata is allowed without comment (assumption of incorrect data – faulty entry), and this modification is recorded (gives the value before and after modification) in the Audit Trail.

Reports are also revision controlled. The user explicitly confirms the completion of a specific revision of a Report by “Processing” the report. If changes are necessary, the user then must explicitly “Version” that report. Data from any version can be assembled into a “Report Output” at any time; the user can produce an output of each version independently at the time of creation or anytime in the future.

8.0   IT CONFIGURATION DATA

IT configuration data is not considered to be GxP data and is not subject to the electronic data rules described herein. Changes to file pathways for saving, SQL connection strings, or peripheral connection information (such as COM port or Baud Rate information for a device) are modifiable without creating an Audit Trail event; this is because any modification is restricted to administrators and there is no direct data integrity risk with their modification; incorrect modification will only result in operational failures, such as inability to connect to the spectrophotometer.

9.0   AUDIT TRAIL

DoseControl’s Audit Trail is compliant with FDA 21 CFR part 11 and Annex 11.

The user can query the system based on the following parameters or combinations of parameters to review the audit trail. The audit trail is limited to 20,000 records in a single query and if the system cannot return fewer than 20,000 records, it will ask the user to adjust the parameters (most importantly the Date range) until it can comply with the request.

10.0   INTEGRITY OF SYSTEM OUTPUTS

Outputs of the system are in three formats that can be official records: Electronic data, PDF, and MS Excel.

Electronic Data

An optional output is the electronic data directly from SQL tables. DoseControl features a standardized integration method which allows users to collect GxP Data (measurements and metadata) from a series of SQL tables, designed precisely for integration with other electronic systems. The DoseControl Licensing Agreement forbids users to integrate with SQL tables used by the application logic. Instead, DoseControl has “Export Tables” that can be accessed by the user to retrieve the output data electronically. When electronic integration is utilized, the customer (owner of the data) is responsible for the integrity of the transfer and destination of the electronic data.

Secure PDF Report Format

Both standard and customized layouts of PDF’s can be output for any dosimetry report output. Backup of any PDF dosimetry report outputs are the responsibility of the end-user. The files are created and stored by the application in an admin-configurable local or network file location and are the responsibility of the end-user at that point. The outputs can also be saved by the end-user to any local or network location using the Save feature of Adobe PDF applications or equivalent.

The PDF output was designed to manage batch conformance records. All other system report outputs (e.g. Instrument Performance Verification Report) are available strictly in this secure PDF format. Secure PDF documents cannot be altered.

All PDF’s are secured by password maintained only by GEX to prevent and discourage editing with PDF editing software, to the extent possible.

MS Excel Report Format

The MS Excel output option is intended for research, testing, and validation efforts in which the data is to be further analyzed by the user either in MS Excel or some other application.

A standard layout MS Excel Worksheet can be used to output any dosimetry report. MS Excel records may be exported in a format that is locked with a password. Locked or unlocked MS Excel templates are uploaded into DoseControl and maintained in the SQL database. When this output is used, the user saves the MS Excel file to any local or network location. Data security and backup of these records are the responsibility of the end-user.

11.0    SYSTEM DEVELOPMENT, VALIDATION, AND TESTING

DoseControl Software Code Verification

GEX utilizes a software development team, which requires a code review of each functional addition or change to the code by a different senior team member.

Unit and Integration Tests

The software development team employs a vast network of unit and integration tests to automatically check the logical and functional operations of the software each time a software ‘build’ is performed. This is an automated process and all tests must pass to successfully push a new build to the verification testing phase.

System Verification Testing

A process is employed to verify that each specific bit of development results in outputs that meet the functional requirements specification (FRS). First, the software development team uses its own devoted QA resources to test the software and hardware integration against the specifications. Then, a separate verification is performed using GEX QA resources. At this stage, major system interaction points are also tested if there are any expected influences of a change or additions to the existing system on a related function or aspect.

System Validation Testing

The total system of hardware and software, along with operating instructions, are validated for each public release to document that the system meets the User Requirements Specification and intended uses. System validation testing is managed by GEX Quality Assurance.

12.0      NEW & FUTURE DEVELOPMENTS

Improved Data Integrity: Integrated Barcode Scanner for both Thermo Evolution and GENESYS 30 Spectrophotometers

As of June 25, 2020, DoseControl software is integrated new imaging scanner with 1D and 2D barcode scanning capabilities, to be employed for future sample identification purposes in both the Evolution and GENESYS 30 spectrophotometers. Release of this DoseControl software version was Fall 2020.

GEX B3 Dosimeters

The “GEX B3” style of B3 dosimeter is a re-design of the B3 WINdose dosimeters will include a small paper handle with a 2D barcode, to allow handling without tools and gloves, and to allow dosimeter ID traceability. This improvement would allow this type of dosimeter to have the sample integrity available with B3 DoseStix. For complete details see the GEX website - B3 dosimeters.

DoseControl Software

The following items that pertain to the topic are under consideration or in a stage of design:

• Dosimeter batch count/tracking

• Technician metrics report – number of measurements, re-reads, instrument zeroing, P.V. checks, etc.

• Built-in Daily P.V. Routine for the GENESYS 30 Spectrophotometer

• Electronic Signature capabilities

Disclaimer -The information contained in this document is provided “as is” and is not a substitute for the user’s professional judgement.  It is provided as a convenience to those using products provided by GEX Corporation who have sufficient technical skills to evaluate and properly apply the information in this document.  It is the responsibility of the user of this document to ensure that the information in this document, and the use of such information, is accurate, complete, applicable to the product, suitable for the user’s purposes, and in compliance with all laws and regulations.  GEX Corporation believes the information provided in this document is accurate and reliable as of the time of writing, but it undertakes no obligation to update or correct this document.  GEX Corporation may, but is not required to, make changes to this document at any time without notice.  By using the information in this document, the user represents and warrants that he or she has the skills necessary to properly understand and apply this information and that he or she will comply with all applicable laws and regulations including, without limitation, those relating to medical devices, pharmaceutical products, or other applicable industries.  The user assumes all risks associated with using this information and any results or output resulting from the application of this information to GEX Corporation’s products.  The user agrees not to hold GEX Corporation liable for any errors or omissions contained within.