Last May US Food and Drug Administration (FDA) inspectors visited Biochem Laboratories’ contract testing site in New Jersey and found all employees used the same username and password. As a result of this problem and other computer systems failings the FDA has data integrity concerns.
“You did not document the changes made to the software or data stored by the instrument systems. Without proper documentation, you have no assurance of the integrity of the data”, the FDA wrote in a warning letter dated February 17.
In a response sent days after the FDA inspectors left, Biochem said it would give all technicians their own usernames and passwords. This would give greater control and traceability of data collected by infrared spectroscopy, gas chromatography, and other computerised systems used by Biochem.
However, the FDA found the response inadequate as it failed to show the timeframe for change or how it will revise SOP (standard operating practices). The FDA also noted it is unclear how Biochem will backup and save electronic data, another of the computer systems failings found by inspectors.
A year ago a report in the Journal of Medical Internet Research found passwords were a weakness in computerised systems used in clinical trials. “It does not matter how strong a password is; if many individuals know that password then it is not a secure password”, the researchers wrote.
Inspectors also found problems with maintenance at the laboratory. A warning light indicating the need for a new filter was lit. Given the lack of maintenance records, it was unclear to inspectors how long Biochem had ignored the light. Cleaning was also inadequate.
“FDA investigators observed glassware frosted from chemicals, white residue throughout the hood area and on the oven, unlabelled glass containers filled with clear liquid in the fume hood, white powder-like crystals and flakes on the bench, and glassware that was not clean”, the Agency wrote.