Explore Resources
Clock-back + Shared Login + Audit Trail Disabled
Chromatography Data Integrity Issue
Analysts changed HPLC computer date/time, re-ran analyses, and reported only passing repeats. Initial results were overwritten/deleted with no user traceability.
Where This Issue Shows Up
QC labs (API / DP testing), CRO analytical labs, bioanalytical labs using CDS/Chrom systems.
What Had Happened
- 1
Analysts changed the HPLC computer date/time ("clock-back"), re-ran analyses, and reported only passing repeats.
- 2
Initial results were overwritten/deleted and not available for FDA review.
- 3
Shared login was used (no user traceability).
- 4
Multiple instruments had audit trail feature disabled even though the software supported it.
Bad Consequences
Data integrity is questioned across products/batches; regulators often require broad retrospective impact assessments and may block approvals/supply until remediated.
Our Mitigation Strategy
What "audit-ready software" must enable:
1Technical Controls
Lock OS time changes (GPO/MDM), enforce NTP time sync, log any time drift attempts.
Enforce unique user IDs, prohibit shared accounts, implement role-based access and MFA for admins.
Audit trail always-on, tamper-evident, and independent (users cannot edit or disable it).
2Procedural Controls
SOP: repeat testing, invalidations, integration changes require documented justification + e-signature.
Routine audit trail review by QA (risk-based frequency).
3Validation
Validate the CDS configuration (not just the vendor product): audit trail, security, signatures, record retention.
Category
Need Help with Data Integrity?
Our solutions help prevent these issues. Get in touch to learn more.
Request a Demo