profile

The Daily HaiQu

How do you audit a regulated data processing spreadsheet? Part 1: Before I even open it.

Published 11 months ago • 1 min read

When you're confronted with a spreadsheet full of data, how do you audit it? where do you start? What kind of things should you be looking for?

Let's say I'm seeing a data processing spreadsheet template for the first time. Before I even open up the spreadsheet, I want to ask a few questions:

  • What exactly am I looking at? Is it the spreadsheet file itself, or a printouts / PDF images of the spreadsheet? If it's an image, is it the complete record?
  • What's the use case for this spreadsheet? What kind of data are we processing? Does it directly affect the safety of a patient, quality of a product, or study data?
  • Does it come from an approved template, or is it a one-off designed around this particular data set?
  • How is the file controlled? Which version am I looking at? Can I tell if it's from the latest approved release?
  • Where did the data come from? Is any of it direct entry of original inputs?
  • Is it transcribed, imported, cut/pasted, or is that part uncontrolled?
  • Were the users trained on filling this spreadsheet with data?
  • Do I have access to the input data?
  • Is there an SOP or instructions governing the use of the spreadsheet?

Until next time, thanks for reading!

– Brendan

p.s. Enjoy this message? Read more at the Hyland Quality Systems website.

The Daily HaiQu

I'm Brendan Hyland. I help regulated facilities transform their software, spreadsheets, workflows and documents from time-consuming, deviation-invoking, regulatory burdens, to the competitive advantage they were meant to be. Join me every week as we take a few minutes to explore, design, test and improve the critical systems we use in our facilities.

Read more from The Daily HaiQu

Last time we left off with a cliff-hanger of a question: How do you prove you're you when signing a document? There are several ways I've seen that the 3rd party providers prove that it's you who's signed the document: You clicked a link from an email. You paid for the service with a credit card. You provided some government issued photo ID. Someone, such as a notorized public or your HR department, has verified it's you in person. Obviously these are very different levels of assurance. Then...

10 months ago • 1 min read

There are several levels of 'signatures' that you can apply to an electronic document. The first and most basic is just an image of your written signature. One common option for this is to print the document, sign and scan it back in again. A more convenient version is to have an image of your signature saved that you can paste into documents. This is what many free versions of pdf software and word processors offer as a basic document signing option - a 'stamp' of your saved signature image....

10 months ago • 2 min read

Ever since COVID, document and signing workflows have been incorporated into everything. Dropbox has it. Microsoft Teams has it. Google Workspaces has it. If you need e-signatures, you probably have access to Docusign, Adobe, Hellosign, and so on. But what exactly are we talking about when we say "document and signing workflow"? Let's step back. Most document workflows are about moving some work through review, commentary, revision and approval. The old way to do this was to send a document...

10 months ago • 1 min read