Empower admins - allowed to collect data per the agency?

Dan_Ramlose

I'm hearing that FDA inspectors are having "issues" if your sys admins are also users of the system.

Has anyone else encountered this or thought of a work around or right explanation of how things work to appease the powers that be? Seems an awful waste to have admins. quit collecting data where admin. duties are handled by chromatographers instead of IT people... Please discuss.

Apotex_Robing1

 First of all you need to define what "Admins" mean. The "System Administrator" of an Empower system has all functions including data acquisition and data deletion.  From my experience with many regulatory agencies it is not acceptable to have people responsible for creating content/data be the administrator for that data.  In this case an IT person with no responsibilities for laboratory duties.  However you can administer an Empower system without being the "System Administrator".  I would recommend this approach where you can configure the user type to remove privileges that will cause data integrity issues ( like data deletion, project deletion, archive audit trail etc).  You can create a "Lab Admin" for example to create projects, backup projects, change quota, manage instruments etc but no acquisition functions for someone in the Lab (a chemist), but have it as a separate user type so they have to explicitly select this role for the job they are doing.  You can also do this for a " User Admin" that only manages users on the system and so on.  The ultimate "System Administrator" should be another person removed from the laboratory operations department and probably seldom used.  You have the audit trail to check and defend what practice you employ.

SJP

Our admins are also chromatographers not IT, we have always had dual logins where Admin tasks are performed as at Admin level and chromatography tasks are performed at a lower access level which do not have admin privileges, removing data collection/processing as administrator privileges would force use of the correct level. This has gone through a number of MHRA and a prelim. FDA inspections. 

HeatherLongden

Don't forget that due to the excellent control rules, an Empower user cannot create another user that has more privileges than they themselves have.

So you might have  (two) god level, all privilege high level ADMINS that, due to their experience and role are separate from the Lab staff and have no knowledge or desire to collect data.

But you would also have to have Lab Admin staff that possess the capability to collect data, in order to allow them to CREATE a new user with analyst compatible privileges.

In addition you might have other kinds of Admin for IT kind of Admin tasks..... but these will not be able to create practical lab users.

Dan_Ramlose

Comments appreciated, I'm guessing at least 1 field inspector is not in agreement with them, however. Someone is in need of a way to slam dunk these concerns... particularly in smaller companies where Empower admin/user (dual login) may also be the defacto IT admin. (having console access to servers, backups etc.). When in that situation, audit trail is not enough as r/w access at server level could allow someone to delete stuff outside the CDS environment.

GaryB

Not just FDA, but Europe as well.  Because of data integrity issues, even small companies need to have non-user person as Admin.  Would recommend QA, even if they don't understand Empower.  Automate data backups and hand-hold "admin" when things need to be done.

Dan_Ramlose

Thanks to all for the input - this was the first I've heard of the issue. I guess I'd always figured that the audit trail was the key to data integrity, but evidently, the agencies in charge of any pharma company's fate disagrees. Good to know! 

HeatherLongden

If my long term memory serves me right the historical "story" behind this was as follows: The lab manager / analyst etc wants some data to be changed or "go away". but he or she has not access to do that. The only people with the possibility to do 'admin" things like that are in some other group, and would never have any motive to change data. the outcome is that, in order for a person with a motive to manipulate anything, they have to collude with a second person that has the means.

This then lead to: we need to make sure that any person with a motive to manipulate data should never have the means to. Inverting that... the person with the means should not have the motive... and probably should not be in the lab teams. 

While you could then have a very simple "Can your admins collect data?" the real question should be "Can your lab staff or managers do admin functions?" which are not exactly the same.