TNI Logo The NELAC Institute

TNI Standards Guidance

Disclaimer: This material represents the opinion of its authors. It is intended solely as guidance and does not include any mandatory requirements except where such requirements are referenced. This guidance does not establish expectations of being implemented universally, exclusively, in whole, or in part.

This guidance does not establish or affect legal rights or obligations and is not finally determinative of the issues it addresses. It does not create any rights enforceable by any party in litigation with TNI, its accreditation bodies, or affiliated institutions. Any decisions made by TNI regarding requirements addressed in this guidance will be made by applying the applicable standards, policies or procedures to the relevant facts.

 

Module: Quality Systems


Subject: Data Integrity Vulnerability

Question 1

An employee comes to QA and says they do not believe another analyst is performing all of the required QC. How do you as the QAO respond?

Follow applicable quality systems directions. Notify the Lab Manager, and, if warranted, Legal and HR.

Conduct a discrete investigation.  During the investigation it is important not to make accusations.  This is just to gather information and determine if any ethical violations are occurring.

Investigate using internal audit procedures:  observe the suspect employee, review QC data for this analyst and others.  Determine any personnel issues, when this was found.  Try to identify animosity between employees that might have caused the report.  Review processes and discreetly observe interactions and performance of involved employees.

After the Investigation, determine the root cause, perform corrective action (QA/QC procedure documented training or move needed), and determine impact on data/results.  The laboratory management then decides how to notify impacted client(s), their AB(s) and regulatory body(s).  If at this point an issue is found then Legal and HR may need to be notified, if not already.   Potentially qualify results and re-issue amended reports if warranted.  Review effectiveness of corrective action.

Follow-up with “whistle blower” after investigation is completed.



References:

2009 TNI V1M2 & 2016 TNI V1M2 Rev. 2.1

4.0 Management Requirements, 4.1.5 a, b and d

4.2 Management, 4.2.1

4.2.8 Additional Management System Requirements

4.2.8.1 The laboratory shall establish and maintain a documented data integrity system.
a) Laboratory management shall provide a procedure for confidential reporting of data integrity issues .
b) In instances of ethical concern, the procedure shall include a process whereby laboratory management is to be informed of the need for any further detailed investigation.

4.2.8.4 The quality manual shall contain or reference: procedures for establishing that personnel are adequately experienced;

4.2.8.5 Laboratories shall maintain SOPs that accurately reflect all phases of current laboratory activities.

4.16 Data Integrity Investigations
All investigations resulting from data integrity issues should be conducted in a confidential manner until they are completed. These investigations shall be documented, as well as any notifications made to clients receiving any affected data.

4.11 Corrective Action (ISO/IEC 17025:2005(E), Clause 4.11), 4.11.1 4.11.5

4.11.6 The laboratory shall have documented procedure(s) to address Sections 4.11.1 and 4.11.3 through 4.11.5.

4.9 Control of Nonconforming Environmental Testing Work (ISO/IEC 17025:2005, Clause 4.9), 4.9.1

4.13 Control of Record, 4.13.2.1 NS 4.13.3

5.2 Personnel (ISO/IEC 17025:2005, Clause 5.2)

5.2.1 The laboratory management shall ensure the competence of all.

5.2.7 Data Integrity Training
Data integrity training shall be provided as a formal part of new employee orientation and shall also be provided on an annual basis for all current employees. Employees are required to understand that any infractions of the laboratory data integrity procedures shall result in a detailed investigation that could lead to very serious consequences including immediate termination, debarment or civil/criminal prosecution.
At a minimum, the following topics and activities shall be included:
e) specific examples of breaches of ethical behavior such as improper data manipulations, adjustments of instrument time-clocks, and inappropriate changes in concentrations of standards.

5.10 Reporting the Results, 5.10.9