profile

The Daily HaiQu

How do you audit a regulated data processing spreadsheet? Part 1: Before I even open it.

Published over 1 year ago • 1 min read

When you're confronted with a spreadsheet full of data, how do you audit it? where do you start? What kind of things should you be looking for?

Let's say I'm seeing a data processing spreadsheet template for the first time. Before I even open up the spreadsheet, I want to ask a few questions:

  • What exactly am I looking at? Is it the spreadsheet file itself, or a printouts / PDF images of the spreadsheet? If it's an image, is it the complete record?
  • What's the use case for this spreadsheet? What kind of data are we processing? Does it directly affect the safety of a patient, quality of a product, or study data?
  • Does it come from an approved template, or is it a one-off designed around this particular data set?
  • How is the file controlled? Which version am I looking at? Can I tell if it's from the latest approved release?
  • Where did the data come from? Is any of it direct entry of original inputs?
  • Is it transcribed, imported, cut/pasted, or is that part uncontrolled?
  • Were the users trained on filling this spreadsheet with data?
  • Do I have access to the input data?
  • Is there an SOP or instructions governing the use of the spreadsheet?

Until next time, thanks for reading!

– Brendan

p.s. Enjoy this message? Read more at the Hyland Quality Systems website.

The Daily HaiQu

I'm Brendan Hyland. I help regulated facilities transform their software, spreadsheets, workflows and documents from time-consuming, deviation-invoking, regulatory burdens, to the competitive advantage they were meant to be. Join me every week as we take a few minutes to explore, design, test and improve the critical systems we use in our facilities.

Read more from The Daily HaiQu

It’s the first step of the problem solving framework that I was taught back in Engineering school. Not ‘Plan’. Not “Define”. “I want to and I can”. That particular framework - the McMaster Six Step - never gained the popularity of the ones now used today, but in the end they all contain the same basic elements - research, planning & design, implementation, evaluation and iteration - just stated in different ways. However I’ve never really seen this particular element called out explicitly...

12 days ago • 3 min read
Black music production equipment with headphones on desk

My eight year old son figured out a hack to make the music service work better for him. The kids have a Google smart speaker that is attached to a Spotify account so they can just ask for any of their favourite music. Anyone who has pre-teens in the house probably knows how much such a setup is used - all day every day. Coming from someone who had to run to the double-cassette boom box to press the record button any time a new favourite song came on the radio just so I could listen to it...

24 days ago • 3 min read
A reporter interviews a smiling man holding a book.

I’ve seen several quality leaders complain this week about their disappointment with generative AI - they’re not getting the results they expected. And I understand why - context is king! If you just ask AI to write a procedure or generate a quality document, you’ll get generic, mediocre output. Without enough context, AI can only produce something generic based on its training data. But how do you give it that context? By the time you’ve gone back and forth trying to “engineer the prompt” to...

5 months ago • 3 min read