Page 1 of 4
Effective Date: 8/16/00
Revision Date: 3/26/07
Approval signatures: Laboratory Director ________________________________ Approval Date: _____________
Medical Director ___________________________________ Approval Date: _____________
? Policy ? Procedure
XX:XXX.XX: CONTROL OF DOCUMENTS AND RECORDS
PURPOSE: To describe how documents and records are controlled, reviewed, and retained to ensure security, confidentiality, and loss prevention.
PRINCIPLE: A document is defined as written or electronically generated information, such as an SOP or form. A record is defined as information captured in writing or electronically that provides objective evidence of activities that have been performed or results that have been achieved, such as testing results or completed processing data sheets. Records do not exist until the activity has been performed. XX Laboratory documents and records demonstrate that the products and services provided conform to the procedural and quality standards specified in the SOP manuals.
A. Document Control:
1. XX Laboratory documents include standard operating procedures (SOPs) and all associated
2. All XX documents are approved by the XX Director and Medical Director prior to
implementation. SOP XX, “Document Preparation, Implementation, and Review” details how
documents are created, approved, implemented, and revised.
3. The approved, signed copies of all active SOPs are kept in the “SOP Manual” binders in the XX
where they are available to staff at all times. Completed examples of associated forms are
included in the SOP as attachments.
4. Blank copies of all current forms are kept in the Forms binder in the XX where they are
available to staff at all times.
5. Current SOPs and forms are also maintained electronically on the XX shared drive on the XX
network in the “Current Procedures” and “Current Forms” files.
a. The XX shared drive is mapped to the “K” drive of most XX computers [e.g.,
b. These electronic files are protected from inappropriate alteration by storage as “read-only”
and/or “delete-inhibited” files or as portable document format (pdf) files.
c. Passwords are required for document editing. They are set by the XX Director and made
available to the XX Supervisor.
d. Other authors must edit existing SOPs by using the “Save As..” command to save the file
under a different name.
6. A master list of all current SOPs is maintained in the table of contents of each SOP Manual. A
master list of all current forms, listing the SOPs associated with each form, is maintained in the
Forms binder. These lists are updated regularly.
Control of Documents and Records SOP #:
Page 2 of 4
7. When an SOP is removed from service, it is archived for indefinite retention by transferring it
files. from the SOP Manual to the “Procedures Removed from Service” file located in the XX
The electronic SOP is also transferred from the “Current Procedures” file to the “Archived
Procedures” file on the NETWORK.
8. When a form is removed from service, it is archived for indefinite retention by transferring it
from the Forms binder to the “Out of Service Forms” folder in the “Procedures Removed from
Service” file, located in the XX files. Any completed examples of the form attached to SOPs are
removed and destroyed. The electronic form is also transferred from the “Current Forms” file to
the “Archived Forms” file on the NETWORK.
9. SOPs and forms that have been removed from service are retained indefinitely in the XX. B. Record Control:
1. Paper hard copies are the primary source document for all XX records, excluding Isensix
a. Electronic backup data for paper records exists on NETWORK servers for most of the
patient record (processing data and Lab-generated reports in the XX Cell Product database
and test results in the hospital laboratories system) and some quality assurance activities
(assessments, validation protocols).
b. Isensix ARMS documentation is electronically stored on a secured, backed-up OSUMC
server and is also backed-up by Isensix ARMS. See SOP XX, “Critical Equipment Alarms,”
for Isensix ARMS details.
2. Various actions taken to protect paper and electronic records from loss or unauthorized use are
described in Table 1, “Actions to Protect Cell Therapy Laboratory Records.”
Table 1: Actions to Protect XX Laboratory Records
Purpose Paper Electronic
; Only indelible black ink permitted To prevent accidental or ; White-out? prohibited ; Controlled access to server/database unauthorized modifications ; Controlled access to lab
; Metal filing cabinets on-site To prevent accidental or ; NETWORK & database backed up ; Older records to fireproof storage intentional damage, regularly ; For some, electronic backup deterioration or loss ; Controlled access to server/database ; Controlled access to lab
; Obliterate (black-out) identifying
information To protect patient
confidentiality for patient/QA ; Shred unofficial copies after use ; Controlled access to server/database
records ; Controlled access to lab
; Secured file cabinets
3. Names, signatures, initials, and inclusive employment dates of individuals authorized to perform
processing or testing and generate or review records are documented on the XX Laboratory
Signature Documentation Sheet (Form 171), which is retained in the XX files.
4. Classifications of XX records are described below. The examples listed are not inclusive;
additional records in each classification may exist.
a. Patient records: Document actions taken regarding patient products. Patient records
include physician’s orders, processing checklists, collection reports, test results, infusion
reports, and equipment and supplies used. All patient records are confidential and privileged,
thus are only available to XX staff.
b. Personnel records: Document qualifications and performance of XX staff. Personnel
records include the XX Laboratory Signature Documentation Sheet, signed job descriptions,
resumes/ qualifications, safety training, individual proficiency testing results, continuing
education, retraining or counseling documentation, annual evaluations, and competency
Control of Documents and Records SOP #:
Page 3 of 4
checklists. Individual staff members’ records are not available to other staff, and are stored
in the Supervisor’s secured files and released to staff members as needed.
c. Equipment records: Document equipment performance. Equipment records include
documentation of preventative maintenance, calibration, validation, service and repairs.
d. Quality control records: Document activities intended to ensure and verify environmental
and process control. Quality control records include Isensix ARMS documentation,
equipment and reagent performance verifications, supply log sheets, facility environmental
monitoring, and external proficiency testing results.
e. Quality assurance records: Document activities intended to ensure continued and
improved quality through detailed examination, reports, and corrective / preventative action.
Quality assurance records include Nonconforming Product and Events Log and reports,
Adverse Reaction Logs, Validation Protocols, quality assessments, and product log sheets.
5. All XX records are stored in secured file cabinets in an orderly, readily retrievable manner. 6. Records may be transferred to XX Record Center for continued storage or scanned into the
computer and stored electronically.
a. Store the records in folders clearly labeled with their contents.
b. If transferred off-site, an inventory of each storage box must be maintained in the XX
secured file cabinets, including the XX name and the name of the person preparing the
inventory. Place a copy of this inventory in the front of each box.
7. All XX records must be retained indefinitely, as required by applicable standards and
C. Control of Electronic Records and Documents:
1. Only XX staff and the XX Quality Manager have “read-write” access to create or modify
documents and records in the “LAB” folder of the XX shared drive. All other XX staff can access
the “LAB” folder as “read-only”. Other hospital staff may be granted “read-only” access on an
2. A patient database of all patient and donor information, unique alphanumeric identifiers, and
processing data is located on the XX shared drive in the “LAB” folder. Separate passwords are
required for routine use (i.e., data entry) and for administrative use (i.e., editing and design).
These passwords are changed quarterly.
3. The XX shared drive is backed-up nightly by Information Systems staff according to their SOPs.
In addition, the patient database and current SOPs and forms are backed up monthly onto a
USB storage device that is kept in the XX Supervisor’s office.
D. Completion of Blanks:
1. All blanks must be completed by one of the following methods:
a. entering “NA” or “N/A” for “Not Applicable”
b. entering a dash or a line through multiple spaces
2. For spaces representing dates, a line indicates that the laboratory was closed. E. Error Correction of Records:
1. If errors are detected, records may be modified using appropriate error correction technique.
a. If the error is detected on a handwritten record, a single horizontal line is drawn (in indelible
black ink) through the incorrect portion of the record without obscuring the original entry.
The correct word or result is written as close to the error as possible. The person correcting
the error must initial and date next to the error. Erasing, overwriting, or the use of white-
out? are unacceptable.
b. If the error is detected on a computer-generated record that has already been released,
reprint the record, clearly indicating both the originally reported result and the changed