Record Management for Regulated Cold Chain: Are PDFs Sufficiently Secure?
For this week's blog, we received a question on the use and security of PDFs in FDA and EMA regulated applications such as pharmaceutical cold chains. Our Senior Regulatory Compliance Expert Paul Daniel answers to the best of his knowledge on what the current situation is for using PDFs, and what may be coming in the future of Electronic Records.
I would like to get your view on the data generated from Vaisala’s CCL100 logger used for transports of drugs where the record is a part of the release documents for the use in the specific country. For example when we ship goods to Canada. First, two points...
- I have tried to manipulate the data in the logger memory itself without succeeding to change it. This is good! This means that the raw data is within the logger memory itself.
- To generate and save the printout* as the raw data (proof), it is possible to change some text, using Adobe Professional, before the document is printed. The same applies if you save the file on a computer.
So, what is your view how this shall be addressed? Must each logger be kept as raw data (during the required time for storing documents) or is it sufficient to keep the print-out?
Thanks for reaching out! Here are my thoughts on your observations and question:
- The data logger's memory is designed to repel any attempt to alter the data.
- You are correct that PDFs are editable with the right software. However, this is a reality with any type if electronic record. A person with the right software and expertise can make changes and falsify a PDF. However, the same danger was always present with paper records; with skill and malicious intent, a paper record could be forged.
I think that the only reasonable standard is that a reasonable level of security is in place to protect against accidental changes, and against opportunistic changes. In the Life Science industry, PDF files, for better or worse, have been adopted as an acceptable medium for electronic records. This leads us to your question…
In my view (and I believe this to be the pervasive view in the pharmaceutical manufacturing industry) is that PDFs, despite their flaws, are the current standard for electronic records. This is true whether you employ a hybrid system that combines printed electronic records and handwritten signatures, or if you plan on importing electronic records into Electronic Content Management systems with E-signature capability.
I suspect that this will eventually change and a new, more secure format will come into play; one day the PDF may be used mostly for its graphics capabilities. But for now, PDF is the standard. With this in mind, we think it is not necessary to retain the logger, because the printed PDF becomes the actual paper record, or the PDF file gets stored as a GMP electronic record, subject to Annex 11 and Part 11 controls. Indeed, this is inherent in the design of the single use logger for a cool chain, so that the party who needs the data (often the shipper) does not need to get the logger from the recipient.
Again, thanks for contacting me with this question. If you have any further questions, on this topic or any other, please don't hesitate to contact me.
*Note NIST certificate included with the CCL100 in November 2013.