The Role of MetaData
Metadata is central to the trustworthiness of records and compliance with Part 11. Without metadata, the traceability of a
record is extremely limited. The complete and uncorrupted package of raw data, metadata, and results represents a trustworthy
and reliable set of information that helps generate knowledge that results, production processes, and product quality are
under control. Without metadata, it is not possible to "replay" the original result using the original input parameters. Even
though "instant replay" is subject to enforcement discretion according to the 2003 Part 11 guidance, it is important for data
migration when replacing legacy systems. Theoretically, firms can get away with not carrying legacy data forward, especially
since this is a tough technical challenge for the regulated industries and their suppliers. Practically, however, it is an
unacceptable waste of resources if there is no electronic data transfer between the original system and its replacement. Can
a pharmaceutical development or quality-control laboratory afford to manually re-enter hundreds or even thousands of analytical
methods? How efficiently can they investigate a complaint if there is only a paper archive that is not keyword searchable?
How do they judge a small unspecified impurity if only a paper printout of the original chromatogram is available with no
possibilities for zooming, reintegrating, or inspecting the spectral data?
Instrument Control Metadata
Electronic records generated by an analytical instrument can be regarded as trustworthy and reliable if there is evidence
that the communication between the instrument and system controller is trustworthy and reliable.
In many cases, firms must rely on electronic raw data to perform regulated activities such as QA/QC testing of finished drug
products for batch release or when investigating a suspected out-of-specification (OOS) result. For example, a regulatory
agency may ask for documentation of instrument conditions to support the laboratory's conclusion that a certain result was
not OOS due to a technical failure of the apparatus. It may be difficult to show evidence that a given measurement was in
fact performed according to the defined procedure, unless there is detailed documentation of the metadata. Examples of such
metadata are instrument setpoints used during the analysis and setpoints used for re-integration (including documentation
of the previous setpoints and previous results). Without hard evidence like this, the regulatory agency may suspect attempts
to test the results into compliance!
Level-4 instrument control employs techniques such as automatic tracking of instrument identification and configuration, early
maintenance feedback (EMF), self diagnostics, real-time data acquisition and synchronization independent of the computer,
and bi-directional handshake protocols between devices and controllers for reliable and traceable instrument communication.
We discuss level-4 instrument control further in the Instrument Control article in this series.
Object Database Management Systems (ODBMS) are specifically designed to manage and store complex objects and their complex
relationships. Applications based on ODBMS are commercially available and suppliers have implemented data management systems
based on ODBMS for several years.7 According to Loomis, one of the main benefits, apart from referential integrity and ease of system administration, is that
"the storage of objects as objects, rather than fields of tables, not only maintains the inherent nature of the object, but
can also eliminate 30-70% of a project's total code, which is typically used to map objects to tables."8
For analytical data management systems, a significant percentage of the entire data volume consists of instrument raw data.
Due to the size of the raw data, it is typically stored in an efficient binary format. Binary objects in a database system
are called binary large objects (BLOBs). Modern systems such as Oracle 9i allow BLOBs to be managed efficiently within the
database. In contrast, older systems implemented their own hybrid data management structure: database schemas used a combination
of relational tables managed in the database and binary objects managed in a flat file system.
Managing tables and objects within the database management system simplifies system maintenance significantly, as standard
IT procedures for disaster recovery (backup) and data archiving can be used instead of specialized, two-fold procedures that
have to synchronize processes on the database with processes on the file system.
- Identify the systems and records that are critical from a product quality and business perspective.
- Analytical data systems used in industries subject to 21 CFR Part 11 need to be evaluated in terms of data security, data
integrity, and audit trails to comply with current regulations and guidelines. Database systems generally help but are not
a guarantee of data integrity and security.
- Assess the risks that affect data security and data integrity.
- When assessing the risks in an existing system or when selecting a new one, consider not only raw data and results, but also
metadata. If your system does not provide referential integrity for interdependent records, you may need a specific, paper-based
operating procedure to collect the required evidence that your process and your data are intact.
- When evaluating a data management system, verify that the system implements a tight link between results, raw data, and metadata
that cannot be
corrupted by ordinary means. Tight revision control of each data object is mandatory to achieve this goal.
- Consider the administration and maintenance of the data management system. If the system manages critical records, you are
responsible for appropriate maintenance and disaster recovery procedures. Ask your suppliers for help if you do not have the
technical expertise in-house.
- Standardization is a good way to manage complexity. Your user requirement specification should list the technical standards
that you consider critical (operating systems, security policies, backup procedures, maintenance procedures).
1. McDowall RD. Operational measures to ensure the continued validation of computerised systems in regulated or accredited
laboratories. Laboratory Automation and Information Management 1995; 31(1):25-34.
2. FDA. Code of Federal Regulations, Title 21, Part 11; electronic records; electronic signatures; final rule. Federal Register 1997; 62(54):13429-13466. (See sections 11.10(b) and 11.30.)
3. FDA. cGMP warning letter, File No.: 04-NWJ-02. Available at URL: www.fda.gov.
4. FDA. cGMP warning letter, File No. 2004-NOL-03. Available at URL: www.fda.gov.
5. FDA. cGMP warning letter, File No. 04-NWJ-01. Available at URL: www.fda.gov.
6. FDA. Human Drug CGMP Notes 1997; 5(4). Available at URL: www.fda.gov/cder/dmpq/cgmpnotes.htm.
7. Loomis TP. The best of LIMS and object and relational DBMS can be combined. Scientific Computing and Automation 1998; Feb:73-76.
8. Guzenda L. 7 signs that you need an object database. Scientific Data Management 1999; Sep/Oct:30-33.