知识分享|欧盟法令(EU)2016/161安全特性的GMP符合性检查备忘录

风清飞扬
风清飞扬 这家伙很懒,还没有设置简介

2 人点赞了该文章 · 5076 浏览

近日,欧盟委员会发布了一份《欧盟法令(EU)2016/161安全特性的GMP符合性检查备忘录》,列出了GMP检查过程中特别关注的9类问题:

与OBP的连接

数据流

序列码(SN)的生成

数据上传

防篡改装置(ATD)的应用

包装线

唯一标识符的状态更改

二维条码打印的质量

报警管理


例如,关于序列码生成、数据上传和包装线方面,在GMP检查过程中将确认以下方面:


Generation of Serial Numbers (SNs)

序列码的生成


Where/by whom are the SNs generated? Is there a Contract in place?

在哪里/谁生成了序列码?是否有合同?


Is it generated by a deterministic or a non- deterministic randomisation algorithm, in a way that the probability that the serial number can be guessed shall be negligible and in any case lower than one in ten thousand?

它是由确定性或非确定性随机化算法生成的,可猜到序列号的概率可以忽略不计,并且在任何情况下都低于万分之一? 


Is the combination of the PC+SN unique until EXP+1Y or REL+5Y, whichever is the longer period?

PC+SN 的组合在有效期后一年( EXP+1Y) 或五年( REL=5Y)(以较长的周期为准) 之前是否唯一?


Is serialisation data received from other parties, e.g. CMO’s? If yes, how (e.g. connection with the CMO’s system)? 

是否从其他方(例如 CMO)接收序列化数据?如果是,如何接收?(例如:如何与 CMO 的系统连接)?


Has the security of the connection been evaluated?

连接的安全性是否已评估?


Who manages/controls the Product Master Data in the hub (e.g. creation of a new product, changes to an existing product)?

谁管理/控制中心中的主数据(例如,创建新产品、对现有产品的更改)?


How is it ensured that only Product Master Data from legitimate marketed packs is uploaded?

如何确保仅上传合法销售包中的产品主数据?


(i.e. once a company passes EMVO’s legitimacy check and gets access, how is that company prevented from creating non-existing products in the system and upload of SN’s for t his fake product, to enable distribution of falsified product)

(例如,一旦公司通过 EMVO 的合法性检查并获得访问权限,该公司如何阻止在系统中创建不存在的产品并上传假冒产品SN


Uploading of information in the repositories system

在存储库系统中上传信息


At what point in the batch release process is the data uploaded?

在批放行过程中的什么节点上传数据?


Is the data sent to the serialisation partner’s server first and held for a period or stored temporarily in the manufacturer’s/MAH’s cloud, prior to upload to the hub?

在上传到数据中心之前,数据是否首先发送到序列化合作伙伴的服务器,并暂存一段时间或暂存在生产企业/MAH的云服务器中?


How is the upload to the hub actually triggered?

如何触发上传到数据中心?


How is it ensured that only the data for ‘good’ packs (suitable for release) is uploaded to the hub?

如何确保只有"好的"包装(可放行)的数据上传到数据中心?


Is the system designed in a way that no upload of data goes undetected/that any upload of data requires approval (of the QP?) before actually sending it to the hub?

系统的设计方式是否是:数据不会未经检测即上传/即任何数据上传都需要(经过QP)批准?


What happens to the UIs which were generated but not used and UIs on packs ejected from the line at the eject stations during packaging?

如何处理已生成但未使用的 UIs 和在包装过程被从生产线剔除的包装上的UIs?


Is a verification of successful upload and distribution required to be obtained?

是否需要验证成功上传和分发?


Is it verified whether the quantity of serial numbers successfully received by the NMVS, corresponds to the quantity of serial numbers that was initially intended to be uploaded (reconciliation of the number of SN’s)?

是否验证 NMVS 成功接收的序列码的数量是否与最初上传的序列码数量一致(SN 编码的物料平衡)?


Who receives this and what action is required in the event of a failed upload?

谁收到此内容,上传失败时需要执行采取什么措施?


Does the (successful) upload occur before or after batch certification by the QP?

(成功)上传是在 QP 的批放行之前还是之后?


Does the (successful) upload happen before or after release to the market or for export?

(成功)上传是在放行上市/放行出口之前还是之后?


Are there procedures which describe these processes? 

是否有描述这些流程的文件?


(Note: The information laid down in Article 33(2) of Commission Delegated Regulation (EU) 2016/161 needs to be present in the system at the time the batch is released for sale and distribution)

(注:2016/161年《委员会委托条例》(EU)第33(2)条中规定,在放行销售和分销时,信息需要存在于系统中) 


Packaging Lines

包装线


Was serialisation for EU implementedat the site under change control?

欧盟序列化在变更控制下实施吗?

 

Did this change controlprocess include identification of QMS documentation which required update toincorporate safety features?

(e.g. procedures for recall,quality defects, batch disposition, shipment, distribution etc.; batch records,job descriptions for key personnel/QP, technical/quality agreements)

此变更控制流程是否包括需要更新以纳入安全功能的 QMS 文件的标识?(例如召回程序、质量缺陷、批次处置、装运、分销等;批记录、关键人员/QP的岗位说明、技术/质量协议)

 

Are both the 2D barcode andthe ATD applied?

二维码和防篡改装置都应用了吗?

 

In the case of the ATD, getthe company to demonstrate that if removed or broken, this is evident visuallyfrom the pack.

防篡改装置让公司可以从包装上明显的看出开封或损坏。

 

Is stability data available?

(Tamper evident nature shouldbe proven throughout the shelf life of the pack)

稳定性数据是否可用?(在包装的效期内应开盒可留痕)

 

Which packaging lines havecapability for serialisation?

哪些包装生产线具有序列化功能?

 

Was new equipment installedand was it qualified? (e.g. printers, cameras, reject stations etc.).

新设备安装后是否经设备验证?(例如打印机、摄像头、剔除等)。

 

Review change control,qualification documentation etc.

审核变更控制、设备确认文件等

 

Is the UI printed on the packsonline or are labels/stickers applied to packs separately?

UI 是在线打印在包装上,还是将标签/标签分开贴在包装上?

 

Is there 100% verification ofthe readability of the 2D barcode? How is this done (e.g. on-line camera)?

二维条码的可读性是否100%确认?这是如何做到的(例如在线摄像机)?

 

Is there an on-line sensor todetect the presence of ATDs and is it challenged?

是否有在线探头来检测是否存在 ATD,是否有挑战?

 

Is aggregation implemented?

Explain how (e.g. UI’s in 1data-file. What happens with the data-file. How is this protected/transferredin a secure way)?

是否实现打包整合?

说明如何打包(例如 UI 位于 1 个数据文件中)。数据文件会发生什么情况。如何以安全的方式保护/传输?

【本文来源:GMP办公室  】

发布于 2019-07-02 16:09

免责声明:

本文由 风清飞扬 发布于 质量人 ,著作权归作者所有。

登录一下,更多精彩内容等你发现,贡献精彩回答,参与评论互动

登录! 还没有账号?去注册

暂无评论