Challenges in Risk Analysis in Pharmaceutical Process Control for Data Security in the Health Sector

Challenges in Risk Analysis in Pharmaceutical Process Control for Data Security in the Health Sector

Maria Tereza Sousa Silva (Bio-Manguinhos, Fiocruz, Brazil), Erica Louro da Fonseca (Bio-Manguinhos, Fiocruz, Brazil), Zulmira Hartz (Institute of Hygiene and Tropical Medicine (IHMT), Global Health and Tropical Medicine (GHMT), University NOVA of Lisbon, Portugal) and Jorge Magalhães (Institute of Hygiene and Tropical Medicine (IHMT), Global Health and Tropical Medicine (GHMT), University NOVA of Lisbon, Portugal)
DOI: 10.4018/978-1-7998-4201-9.ch020
OnDemand PDF Download:
No Current Special Offers


The informational and digital era of big data brings with it the challenge of knowledge management. There is a need for better management, protection, and security of these data, as well as the respective validation. It is imperative to develop new technologies for data security and their respective implementation in any organizations. In this way, this chapter presents a blueprint in a pharmaceutical industry with the aim at proposing a risk analysis of digital data use during quality control. It is worth mentioning the age of knowledge, the intellectual capital plays an important role in economics and business. A key to competitiveness and, therefore, to economic development in technology runs through a robust process that demonstrates perpetual security for its digital transformation and the respective control in a process ensured by quality assurance. Thus, this implies that time and human resources in organizations are not infinite.
Chapter Preview


The 21st century is marked by the exponential era of data available daily on the web. This era of knowledge is characterized by the pressing need for new technologies to manage the brutal amount of data. This huge amount of data on the Web, characterized as Big Data, requires new approaches and perspectives for knowledge management. Big Data drives a new generation of methodologies developed to extract economic and strategic value from a large and varied volume of data (structured and unstructured), allowing high speed of capture and analysis (“Gray, J. and Chambers, L. and Bounegru, L., The Data Journalism Handbook, O’Reilly Media, 2012; O’Reilly, 2007).

Big Data refers to the third generation of the information age (Magalhaes, JL & Quoniam, L, 2015; Raghupathi & Raghupathi, 2014). Initially, this exponential volume of data met the criteria of the 3Vs: Volume, Variety and Velocity (Laney, 2001); subsequently, 2 Vs were added: the attributes of Veracity and Value. Some authors even attribute the last 3 Vs, such as Veracity, Versatility and Viability, where the combination of all “Vs” generates the “V” of Value (ALEIXO & DUARTE, 2015a). According to Minelli et al (2013), Big Data is divided into a perfect data storm, a perfect convergence storm and a perfect computing storm, the latter resulting from 4 phenomena: Moore's law, mobile computing, social networks and computing in cloud computing. This data collection must be treated to present information searched selectively and objectively to increase business intelligence, in addition to allowing an improvement in the decision-making process (Minelli, M., Chambers, M., & Dhiraj, A., 2013).

In the health area it is no different: scientific and technological information needs to be identified, extracted, treated and the essential information available for decision making. In the pursuit of research and development for health, the pharmaceutical industry generates more than US $ 1 trillion annually. Health is considered as a global public good: that it is not exclusive, that is, that no one or any community is excluded from its possession or consumption; and that its benefits are available to everyone. There is also the apparent consensus that health is not competitive, and that there is no rivalry, that is, the health of a person cannot be at the expense of excluding other people (Buse & Waxman, 2001; Haines et al., 2009; Z. M. A. Hartz, 2012; Vance, Howe, & Dellavalle, 2009).

In the health spectrum, it carries challenges and opportunities in the globalization process, which is the catalyst for the evolution of the term “Global Health”. Global health can be understood, at the same time, as a condition, an activity, a profession, a philosophy, a discipline, or a movement. However, it must be considered that there is no consensus on what Global Health is, nor a single definition. Its field of action has imprecise limits (Fortes & Ribeiro, 2014), however it is indisputable that we live health in times of globalization (Koplan et al., 2009).

In the context of health, the pharmaceutical market is highly regulated, and it is subject to national and international inspections periodically. In Brazil, the pharmaceutical industry is regulated by the National Agency for Sanitary Surveillance (ANVISA), which is responsible to establish the minimum requirements to be followed to comply with Good Manufacturing Practices (GMP). The current resolution of Medicinal products for human use is RDC No. 301 published in 2019, republished in April 2020, where new concepts were included in the regulation for medicines in the country, among them, the validation and risk analysis (ANVISA, 2019).

In 2010, ANVISA also made available the Guide to Computer Systems Validation (GVSC - critical qualification) that guides a set of criteria to perform the validation of critical systems. In general, a system can be considered critical for validation if it offers patient risk, product quality and data integrity. In this context of criticality, Enterprise Resource Planning (ERP) systems are widely used in industries (BRASIL. Ministério da Saúde. Agência Nacional de Vigilância Sanitária., 2010).

Project risk management and digital transformation are ways of addressing the risks that pharmaceutical processes are entailed, since actions are defined in Anvisa's RDC 301/2019 and others international guidelines. They were responsibilities established by a company that must “identify, analyze, evaluate, monitor and treat. ” “risks” or the set of risk management activities (ANVISA, 2012).

Complete Chapter List

Search this Book: