EUROLAB Cook Book Doc No. 13 ELECTRONIC RECORDS

Transcription

1 ELECTRONIC RECORDS Introduction The increased use of computers and computer systems in laboratories have lead to an increased number of electronic records. There are a lot of advantages with electronic records, e.g. no need for a physical space for an archive, good posibilities to search for records, etc. Most laboratories have electronic records even though there are still a lot of physical records produced. Example of records are reports from internal and external audits, documents relating to equipment and staff comptence etc. However, a lot of laboratories do not exactly know how to handle electronic records. In the standard ISO/IEC 17025:2005 [1] there are some requirements on how a laboratory should handle records in general and those requirements are of course valid for also for electronic records. The EUROLAB Technical Report Guidance for the Managment of Computer and Software in Laboratories with Reference to ISO/IEC 17025:2005 [2] provides guidance and advice on management of computers and software, including electronic records. In this Cook Book, based upon the requirements, advice and guidance in two documents mentioned above, guidance on how to handle electronic records in a laboratory are provided. Procedures for electronic records In ISO/IEC it is stated in clause that The laboratory shall establish and maintain procedures for identification, collection, indexing, access, filing, storage, maintenance and disposal of quality and. This requirement is of course also valid for electronic records. The requirement is fulfilled by having documented in the quality management system how electronic records are named (preferably with the identification of the assignment/order as a part of the name, if relevant), where the records are filed and stored (what server, networks, electronic folders etc.) and the personnel that have access to the storage places, both physically and electronically. In the QMS a reasonable retention time (normally at least 10 years) shall be decided and if and how the records shall be deleted/disposed of, or else what to do, when the retention time has expired. Requirements concerning retention times of records are also mentioned in clause but these requirements are also fulfilled in the way mentioned above. A laboratory should develop set forms for the electronic records it will produce and the forms should be protected against unintentional changes by the staff. Set forms is minimising the possibility for the staff to make mistakes. Storage of electronic records Clause of ISO states that All records shall be legible and shall be stored and retained in such a way that they are readily retrievable in facilities that provide a suitable environment to prevent damage or deterioration and to prevent loss. The storage of electronic data is normally performed on a server. And if the server used for the storage is placed in a facility to which there is limited physical and electronic access (locked room, fire wall and password) and in which the climate is controlled the requirements concerning prevention of damage or deterioration and to prevent loss are fulfilled. This should of course be described in a QMS document, preferably the one mentioned above. In addition the question about fire protection should be considered. And the need for burglary as well as fire alarms should be considered. In a laboratory with normal activity there is no need to install a burglary alarm solely for the protection of information stored on servers. If the laboratory is using laptops for data recording it is recommended to regularly move the data to servers. Retention time of electronic records Another issue of importance is the format used to store the information. Due to the very fast technical development in the IT sector there is a risk that data stored in a specific format, e.g. a special format connected to a measurement programme, may be impossible to be read even before the retention time has expired. The best way to avoid such problems is to store the records in a format which is likely to survive during a long time, e.g. in text format or for recorded data excel format. Both these formats will survive for a long time and if they disappear it will be well known beforehand and commercial solutions of the retrieving problem will be available. The laboratory must in the QMS describe the chosen solution (what format). April

2 The laboratory must also be aware of the risk that the solution (both hardware and storing media) needed to read the stored records become too old and therefore, if such risk appears, the stored records must be transferred to a more modern media. The solution to save the old technology may lead to problems if it breakes down and is therefore not recommended. Security Clause in ISO/IEC 17025:2005 requires that All records shall be held secure and in confidence. By placing the servers in a facility to which there is restricted physical access (locked room) and by restricting with passwords the electronic access to servers to appointed personnel, the requirements above are fulfilled. The servers should also be protected (e.g. by a fire wall) from intrusion via networks etc. By protecting back-up files in a similar way the requirements in The laboratory shall have procedures to protect and back-up records stored electronically and to prevent unauthorized access to or amendment of these records are fulfilled. The rest of the requirements concerning backups are fulfilled by having normal backup procedures (how often, which files, media used, etc.) and reasonable safe storage (locked in, in another place than the computers, and at least the question of fire protection considered) of the backups (tapes or whatever media used). If there is a risk that the recorded files may be changed by mistake it is recommended to write-protect the records. Technical records, including raw data Clause states that The laboratory shall retain records of original observations, derived data and sufficient information to establish an audit trail, calibration records, staff records and a copy of each test report or calibration certificate issued, for a defined period. For the laboratory using electronic records this requirement is fulfilled by storing original observations and derived data in text format or excel format. A good way to store records connected to one assignment is to place them in an electronic folder or on a webpage dedicated to that single assignment. If calculations have been performed as a part of the assignment it is not necessary to keep old computing systems for the whole retention period but to be able to show the validation report for the computing system, which must be stored long enough to cover the retention period for assignments where the computing system was used. The calibration certificates for the equipment used and the staff records are usually not stored in the same electronic folder or webpage as the rest of the information concerning the assignment and it is therefore important to give reference to the equipment used and the staff that performed the assignment, preferably in the test report. The time the records shall be retained depends. There may be requirements from authorities to retain records for 30 years or for eternity. But in the normal case the retention time should be decided by the laboratory itself. The retention time is normally at least 5 years and in most cases 10 years. Repeat test/calibration Clause continues The records for each test or calibration shall contain sufficient information to facilitate, if possible, identification of factors affecting the uncertainty and to enable the test or calibration to be repeated under conditions as close as possible to the original. This requirement may be problematic to handle since there is so much information (e.g. work sheets, work notes, contracts etc.) needed to repeat a test/calibration, many in physical format. If the laboratory wants to have all records in electronic form all information in paper format must be scanned and stored in the assignment s electronic folder or webpage. To make the storing easier the laboratory can produce a checklist of what an electronic folder/webpage should contain. It is important to point to a note in ISO/IEC 17025:2005 stating In certain fields it may be impossible or impractical to retain records of all original observations which means that in some cases it is allowed to reduce the amount of records of original observations. One possibility is to reduce the number of measurements saved. E.g. data points are collected every 10 seconds during a month-long test it should be enough to store only every sixth data point (every minute) if the data is not fluctuating too much. 2 April 2011

3 The final requirement of clause states The records shall include the identity of personnel responsible for the sampling, performance of each test and/or calibration and checking of results. When electronic records are used there are different ways to include the identity the personnel. It is important to label and identify all records in a similar way, e.g. with the number of the assignment and a heading describing what the record contains e.g. Sampling record. By then mentioning the personnel in the test/calibration report the circle is closed. But to have a more robust traceability the name of the responsible persons should be mentioned in all records of original observations, derived data, work sheets, work books etc. even if they are kept in electronic form. Identification of data The paragraph requires that Observations, data and calculations shall be recorded at the time they are made and shall be identifiable to the specific task. As said before by using the assignment s/order s identification, fulfils this requirement. Erasing mistakes Handling of mistakes in records is mentioned in When mistakes occur in records, each mistake shall be crossed out, not erased, made illegible or deleted, and the correct value entered alongside. All such alterations to records shall be signed or initialled by the person making the correction. In the case of records stored electronically, equivalent measures shall be taken to avoid loss or change of original data. This may be difficult to handle for some sorts of electronic records. One way is to use audit trail in records saved as text files. In [2] the concept of a computer session, during which errors may be changed without audit trail, is introduced. Laboratories can identify a computer session and changes of data outside the session require audit trails (i.e. data is not deleted but expired). A computer session is a period during which the operator is working at the computer without long breaks, e.g. a lunch break is considered as a long break while a visit to the rest room is not considered as a long break. In normal cases the longest computer session is four to five hours. During a computer session the operator may change e.g. typed-in data without making any special arrangements. When data are changed outside a computer session the change requires an audit trail (name of the person that changed the data, the time for the change and the original typed data). April

4 References [1] ISO/IEC 17025:2005 General requirements for the competence of testing and calibration laboratories [2] Guidance for the Management of Computer and Software in laboratories with Reference to ISO/IEC 17025:2005, EUROLAB Technical Report No. 2/2006, October Checklist Appendix 1 In this checklist all the ISO requirements concerning electronic records are listed. The way the requirements are fulfilled should be described under solution and in the column References the reference to the QMS should be made. There are extra lines at the end of the checklist and they may be used for additional points to be checked. Requirements in ISO/IEC Solution Reference Procedures for identification of quality and Procedures for collection of quality and Procedures for indexing (identification) of quality and Procedures for filing of quality and technical records Procedures for storage of quality and (e.g. electronic folders, web pages etc.) Procedures for maintenance of quality and Procedures for disposal of quality and Records shall be legible Records shall be stored and retained in such a way that they are readily retrievable (format decided ) Records shall be stored and retained in facilities that provide a suitable environment to prevent damage or deterioration and to prevent loss Retention time decided Way of disposal of records All records shall be held secure and in confidence, (where are the servers placed?) How are the servers, the records and backups protected from electronic intrusions? How are the servers, the records and backups protected from physical intrusions? What are the backup procedures (how often, which files, media used, etc.) Access rights to the servers both physical and electronic Way of identifying personnel Way of naming records Computer session defined Audit trail solution (trailing changes in a record) 4 April 2011

5 April