LIMS Q&A:What are the key elements of a LIMS to better comply with ISO/IEC 17025?

From LIMSWiki
Revision as of 20:38, 14 January 2023 by Shawndouglas (talk | contribs) (Created as needed.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search
Daily Operations in the Core Lab Aboard USNS Comfort (49826052293).jpg

Title: What are the key elements of a LIMS to better comply with ISO/IEC 17025?

Author for citation: Shawn E. Douglas

License for content: Creative Commons Attribution-ShareAlike 4.0 International

Publication date: January 2023

Introduction

While ISO/IEC 17025 provides numerous benefits to a laboratory, it still asks a lot of the laboratory in order to conform with the standard.[1] Today, conforming to ISO/IEC 17025 without the help of an information management system is a daunting task, especially given requirements concerning timely data retrieval and security. Labs have increasingly turned to a laboratory information management system (LIMS), not only for helping to modernize and improve the quality of the laboratory but also aiding with compliance to standards like ISO/IEC 17025.[2][3] However, not all LIMS are built the same, and the laboratory must consider LIMS vendors who provide a solution that best helps them limit the burden of ISO/IEC 17025 compliance.

This article will turn to LIMSpec—a laboratory informatics requirements specification document that has evolved significantly over the years—for input into what the critical requirements of a LIMS are in regards to better complying with ISO/IEC 17025. With the current version of LIMSpec having at its core standards such as ASTM E1578-18 Standard Guide for Laboratory Informatics[4] and ISO/IEC 17025 Testing and calibration laboratories[5], the LIMSpec makes for a durable requirements document that, when used to acquire an informatics solution, can better help a laboratory choose appropriate functionality based upon current standards, regulations, guidance, and more.

In particular, this brief article will look at the touch points of ISO/IEC 17025 with LIMSpec and highlight their importance. But before we get into specific requirements, let's take a brief look at the connection between a laboratory informatics solution like a LIMS and managing quality in the laboratory.


LIMS and quality management

In order to be most successful—while meeting the requirements of standards and regulatory pressures—a laboratory must focus on a culture of quality.[6] A quality management system or QMS is one means for a laboratory to put additional focus on quality, and ISO/IEC 17025:2017—at least in spirit—promotes the adoption of a QMS. At issue is that while Section 8 of ISO/IEC 17025:2017 addresses the laboratory's management system, it never directly calls it a "quality management system" or QMS; in fact, the word "quality" only appears once in this section. However, the implication is that the standard is addressing quality with its requirements for a management system, i.e., a QMS[5]:

The laboratory shall establish, document, implement, and maintain a management system that is capable of supporting and demonstrating the consistent achievement of the requirements of this document and assuring the quality of the laboratory results.

This discussion about the (quality) management system requirements of ISO/IEC 17025:2017 is important in the context of a LIMS, as related discussion of the role of a LIMS in better managing a lab's quality system has been occurring for at least several decades.[7][8] As early as 1999, the "contribution that both system design and functionality" of a LIMS can have on a lab's efforts towards "building quality" was being discussed by researchers.[7] Additionally, as Hull et al. noted in 2011, a LIMS that allows the lab to track and control anything affecting the quality of its operations is critical to successfully developing, implementing, and revising a QMS. "...there is more than just the end product or result that needs to be tracked and controlled," the authors add. "All of the intermediate products and resources play a significant role in producing the final product, and each of these needs to be included in the LIMS."[9]

With that, Hull et al.[9], as with their predecessors[7], highlight the importance of practical and consistent LIMS functionality to the efforts of maintaining quality in the lab. As such, with:

  1. laboratory adoption of ISO/IEC 17025:2017 increasing steadily since 2010, according to the International Laboratory Accreditation Cooperation (ILAC),[10] as a means to demonstrate "that [labs] operate competently and generate valid results"[5] (i.e., focus on quality); and
  2. LIMS vendors needing to improve their efforts with addressing a lab's need for tracking and controlling quality within its workflow[9]

... today's laboratories seeking to improve quality and meet ISO/IEC 17025 requirements with the help of a LIMS must be mindful of not only what ISO/IEC 17025 demands of the lab, but also what LIMS functionality is required to help the lab be more compliant.


ISO/IEC 17025 and its connection to various LIMS requirements

It's clear that a laboratory's quality goals can and should be tied to standards like ISO/IEC 17025[11], and compliance to the standard is better accomplished with the help of a laboratory informatics solution like a LIMS. However, the LIMS needs to have a bit more than generic functionality in order to best assist the lab with its goals.

What follows, in Table 1, is a demonstration of how a modern LIMS requirements specification like LIMSpec ties to the requirements of ISO/IEC 17025. In addition to listing the standard's section number and the associated LIMSpec requirement, an attempt has been made to explain in clearer terms the impact of the requirement on the lab towards better complying with ISO/IEC 17025.

Table 1. ISO/IEC 17025:2017's parts that relate to and drive LIMSpec requirements, as well as plain-language explanation of the implications for laboratories.
ISO/IEC 17025:2017 part(s) Associated LIMSpec requirement In plain terms ...
ISO/IEC 17025:2017 7.3.3 1.9 The system shall be able to define the collection and sampling details for registered samples or specimens, including container size and type, number of containers, collection date and time, temperature, name of the collector, lot number, storage location, preservation method, collection methods used (standard and nonstandard), sampling methods used, safety concerns, and retention period. Complete capture of a registered sample's data and metadata: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS allows the lab to completely capture the details of incoming samples or specimens (herein referred to as simply "sample" or "samples"). There are numerous data and metadata aspects of sample or specimen collection, and the LIMS should be flexible enough to capture any necessary details as part of entry into the system.
ISO/IEC 17025:2017 7.4.2 1.13 The system shall assign each sample registered in the system a unique identifier using methodologies such as an ID with an incrementing integer or a user-defined naming format. Unique sample identifiers: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS allows a unique and perpetual identifier to be assigned to each sample, including any sub-samples collected from the main sample.
ISO/IEC 17025:2017 7.4.3 1.16 The system should provide a means to document any undesirable or unexpected characteristics of a submitted sample. Free-form reception-based sample data: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS allows an authorized user to enter free-form data as it relates to a registered sample, including the state of the sample upon arrival and what, if anything, was wrong with the sample when received.
ISO/IEC 17025:2017 7.4.2 2.8 The system should allow for the accurate identification of a physical sample or specimen in the system via barcode or RFID technology. Barcode and RFID support: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS provides a means of issuing a unique barcode or some other scannable identifier—typically for improving automation or workflows—to a sample or sub-sample, all while linking the complete sample record to that barcode or scannable identifier such that it can be reviewed upon scanning by an authorized individual or acted upon by an automated system.
ISO/IEC 17025:2017 7.7.2 2.11 The system shall allow samples, specimens, and tests to be created and used specifically for capturing data related to unique forms of sampling and testing such as representative sampling, calibration testing, quality control testing, preventative maintenance testing, stability testing, sterility testing, remediated testing, compatibility testing, identity testing, proficiency testing, and service-event-related testing. Preloaded and configurable sample types and analytical test methods: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS is flexible enough to support, at a bare minimum, a sufficiently wide variety of sample types and test methods, particularly those mandated by standards and regulations. More optimally, the LIMS will come preconfigured to a wide array of sample types and test methods, while allowing authorized users to easily and efficiently add new sample types and test methods to meet regulatory and laboratory business goals.
ISO/IEC 17025:2017 6.2.6
ISO/IEC 17025:2017 7.7.1
ISO/IEC 17025:2017 7.8.1.1
4.4 The system shall provide one or more levels of review, as well as interpretation and documentation of results—whether entered manually or via an automated process—before release. Multi-level review of test results: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS can programmatically require an analytical test result to be held in the system, unable to move on through the workflow until one or more levels of review and approval have been made, whether it be by authorized human or automated process.
ISO/IEC 17025:2017 7.5.1
ISO/IEC 17025:2017 7.8.1.1
ISO/IEC 17025:2017 7.8.2.1
ISO/IEC 17025:2017 7.8.3.1
6.5 The system shall substantiate the status of verified results by using tools like a certificate of analysis, which shall include details like unique identifiers; analysis procedures used; reference intervals; environmental conditions; who provided the results; additional comments, opinions, and interpretations and who provided them; and applicable times and dates. Support for certificates of analysis or similar verification documents: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS is pre-configured to build out certificates of analysis (COAs) and other results verification documents. The COA and other verification documents will ideally be populated with data and metadata relevant to meeting specific industry or regulatory needs, in a format that is consistent and legally durable for its recipient.
ISO/IEC 17025:2017 7.8.8 6.9 The system shall clearly identify a changed, amended, or re-issued report as being such, and clearly identify any change of information and reason for change in such a report. Support for changed, amended, or re-issued reports: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS places a demand on analytical reports changed, amended, or re-issued in the LIMS such that they can't be issued without making readily apparent to the recipient what was changed and why it was changed.
ISO/IEC 17025:2017 5.3
ISO/IEC 17025:2017 5.5
ISO/IEC 17025:2017 8.3.2
7.1 The system shall be capable of creating, managing, and securely holding a variety of document types, while also allowing for the review and approval of those documents using version and release controls. Document management, with versioning and release controls: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS provides robust support for the creation, upload, management, and retaining of a diverse array of document types in the LIMS. The lab also benefits when the LIMS supports versioning of documents and provides approval and release controls to authorized users.
ISO/IEC 17025:2017 (throughout) 7.2 The system shall have the ability to readily provide authorized access to electronic documents such as standard operating procedures, quality manuals, laboratory management plans, instrument manuals, employee medical records, material safety data sheets, information exchange agreements, confidentiality agreements, and other applicable documents to designated personnel and officials. Controlled document access: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS not only provides robust document management support, but also is able to provide rapid access to housed documents for authorized users and officials. (This is usually supported by role-based access; see 34.4.)
ISO/IEC 17025:2017 7.5.2
ISO/IEC 17025:2017 8.3.2
7.3 The system shall be able to clearly provide the most current version of a document and archive prior versions. Provision of the most current document version: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS limits access to only the most currently approved version of a document, unless the user is authorized to specifically view older archived versions of the document. If so, the LIMS shall clearly denote that it's an older, archived version.
ISO/IEC 17025:2017 6.5
ISO/IEC 17025:2017 7.2.1.3
ISO/IEC 17025:2017 7.3.1–2
7.5 The system shall allow the creation, approval, rejection, and management of sampling and test methods performed at the laboratory, capturing details about the test method, method reference, specifications, assigned limits, holding times, etc. as required by a reference method or regulation. Robust sampling and test method development: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS is flexible enough to allow authorized users to create, approve, reject, and manage changes to sampling and test methods in the system, including the addition of all necessary descriptive data and metadata as required by a reference method or regulation. Some of that descriptive data may be free-form, and the LIMS should support that. (Tangentially related to 2.11.)
ISO/IEC 17025:2017 6.2.6
ISO/IEC 17025:2017 7.2.2.1
ISO/IEC 17025:2017 7.2.2.4
7.6 The system shall provide a means for recording validation information for modified existing or new in-house test methods, either as a method itself or through some other means. Validation information such as procedures used, specifications, performance characteristics, and results obtained shall be allowed as input. Validation of sampling and test methods: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS requires newly added or modified sampling and test methods to be properly validated before being put into use, while requiring the entry of all necessary specifics of the validation process for verification by authorized individuals.
ISO/IEC 17025:2017 6.2.2
ISO/IEC 17025:2017 6.2.3
ISO/IEC 17025:2017 6.2.5
ISO/IEC 17025:2017 6.2.6
7.7 The system shall maintain training and certification records for personnel and allow the assignment of available training paths and certifications to specific personnel, such that only trained, certified, and experienced personnel are able to perform assigned tasks. Support for training and certification records: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS has a mechanism for adding training and certification records for personnel and contractors, and associating those records with those individuals. Those records must have internal flags that can be tied to one or more actions in the system, such that only users with those flags (associated with the training and certification records) can perform those system actions or be scheduled for certain laboratory activities.
ISO/IEC 17025:2017 8.3.2 7.10 The system shall be capable of uniquely identifying documents created in and added to the system. Support for unique document identifiers: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS automatically attaches a unique identifier to documents created in and uploaded to the system, including new versions of existing documents.
ISO/IEC 17025:2017 7.9 8.2 The system shall allow authorized personnel to document complaints and problems reported to the laboratory or production facility. Complaint and problem management: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS has a mechanism that allows authorized users to enter, in a consistent fashion, formal complaints and problems originating from within or related to the laboratory. Ideally, the LIMS will also allow the appropriate and authorized management of existing complaints and problems entered into the system such that proof can be made of not only who filed the complaint but also who marked the complaint as resolved.
ISO/IEC 17025:2017 6.2.2
ISO/IEC 17025:2017 6.2.3
ISO/IEC 17025:2017 6.2.5
ISO/IEC 17025:2017 6.2.6
8.8 The system shall map available system tasks (such as approved test methods) or sample types (such as select agents and toxins) to available training paths and certifications, such that only trained, certified, and experienced personnel are able to perform assigned tasks. Support for mapping professional requirements to existing system tasks, sample types, and methods: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS has a means to generically link a training or certification type to a performable system action, a sample type, or a method (as well as other things). As such, a user with that training and certification would be permitted to perform activities related to the action, sample, or method. (Tangentially related to 7.7.)
ISO/IEC 17025:2017 6.4.7
ISO/IEC 17025:2017 6.4.8
10.7 The system shall allow for the configuration of calibration and maintenance frequency and time frames for—as well as the manual and automatic scheduling of calibration or maintenance of—equipment, instruments, and systems. Available intervals should include days, weeks, months, and years. Support for scheduled, frequency-based calibration and maintenance: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS supports manual and automated scheduling of calibration and maintenance activities at a designated and relatively granular frequency, preferably notifying assigned individuals in advance of such activities.
ISO/IEC 17025:2017 6.4.4
ISO/IEC 17025:2017 6.4.9
10.9 The system shall clearly identify any instrument that is out-of-calibration, beyond its preventative maintenance due date, or under investigation and prevent it from being selected for use. Instrument lock-out: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS is capable of locking out a linked instrument and preventing its use in any system activities when certain criteria have been met. Common criteria includes not having been calibrated by a due date, not having been maintained by a due date, or an authorized user designating the instrument as unusable or under investigation, though the LIMS will preferably be flexible enough to allow for the addition of other criteria.
ISO/IEC 17025:2017 6.4.8 10.10 The system shall be able to show all instances of scheduled calibration, preventative maintenance, and service dates for an instrument. Consistent, retrievable calibration and maintenance records: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS consistently and securely maintains a complete record of calibration, maintenance, and service for an instrument—including dates, times, entities involved, and the results of the activities—and makes them retrievable to authorized users.
ISO/IEC 17025:2017 6.4.13
ISO/IEC 17025:2017 6.5
10.11 The system shall be able to link a calibration activity to certified reference material or designated measurement processes. Calibration activity linkages: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS can require, when appropriate, the addition of or linking to a certified reference material or appropriate measurement process when an authorized user or automated component records a new calibration action in the LIMS, such that the calibration activity can be further verified as appropriate.
ISO/IEC 17025:2017 6.4.8
ISO/IEC 17025:2017 6.4.13
10.13 The system shall be able to uniquely identify each instrument and any associated components and maintain that and other information—such as manufacturer, model number, serial number, and calibration and maintenance history—within the system. Unique identification of instruments: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS provides a means to uniquely and clearly identify a connected (or even disconnected) instrument, such that it can't be confused with another similar instrument. Along with the unique identifier, the addition of further information about the instrument and its origins needs to be allowed so that it can easily be referenced by authorized users.
ISO/IEC 17025:2017 6.4.4–5
ISO/IEC 17025:2017 6.4.13
10.15 The system shall be capable of chronologically logging details for scheduled and unscheduled calibration and maintenance activities for each instrument, including calibration status, calibration standard, date and time of calibration or maintenance, work performed, who conducted it, and signatures of those verifying the completed activities. Calibration and maintenance audit trail: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS maintains a secure, chronological audit trail of both scheduled and unscheduled calibration, maintenance, and service activities for each uniquely registered instrument. Like other audit trails, vital data such time, date, entities involved, results, and signatures will need to be included to best ensure the quality of instrument-related analytical results. (Tangentially related to 10.10.)
ISO/IEC 17025:2017 7.2.1.7
ISO/IEC 17025:2017 7.2.2.1
ISO/IEC 17025:2017 7.10.2
ISO/IEC 17025:2017 8.7
16.3 The system shall be able to record instances of identified nonconformance and method deviation, as well as the actions required to restore the process to conformity. In the case of a planned deviation, the system shall require documentation, justification, proof of validation, adjusted reference intervals, and authorization for the deviated process. Nonconformance and deviation tracking: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS is sufficiently robust to automatically and manually allow for the recording of instances of nonconformance and deviation from methods. That nonconformance and deviation may be either intentional or unintentional, yet the LIMS should be flexible enough to manage both, requiring additional details for the logged nonconformance and deviation, including whether or not the action was restored to conformity, as well as—if intentional—the full details of the planned deviation. Typical details involve the who, what, why, and how of it, but the LIMS must be flexible enough to allow for additional details to be captured, when necessary, for laboratory inspection or audit purposes.
ISO/IEC 17025:2017 7.7.1 18.1 The system should allow authorized users to configure the generation of statistical trending and control charts. Statistical trending and control charts: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS allows users to easily configure settings for and generate statistical trending and control charts, which help the lab more rapidly detect and correct systematic analytical bias and optimize laboratory procedures.[12]
ISO/IEC 17025:2017 8.8.2 19.7 The system shall allow for the documentation and management of internal and external audit activities, while allowing samples, methods, tests, results, reports, documents, and more to be clearly associated with that corresponding audit activity. Internal and external audit management: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS provides a means for setting up, documenting, and managing the lab's internal and external audit activities within the LIMS. By extension, the lab would also benefit if the LIMS is able to link a wide variety of other entries in the LIMS to specific audit activities, including samples, methods, tests, and more.
ISO/IEC 17025:2017 8.4.2 27.3 The system shall provide a means to choose—based on date and type of data—electronic data and metadata to archive. Support for data and metadata archiving: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS has robust methods of allowing internal data and metadata to be archived, having both an automated method based upon creation data or data type and a manually performed method usable by authorized users.
ISO/IEC 17025:2017 8.4.2 27.4 The system shall provide a guaranteed means to retrieve and restore archived data and metadata that is readable and accurate. Support for rapid and accurate retrieval of archived data and metadata: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS allows authorized users to rapidly and accurately retrieve and restore data and metadata in a readable fashion, such that the lab can effectively act upon that data or metadata, especially in the case of an audit.
ISO/IEC 17025:2017 8.4.2 27.11 The system’s data storage tools shall provide data backup and retrieval functions that meet or exceed industry best practices, including producing exact and complete backups that are secure and encrypted from manipulation and loss. Secure backup and retrieval: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS provides manual and automated means of backing up exact copies of data and metadata—including complete databases—while ensuring that backed up data is secure (through encryption, access control, etc.), retrievable, and readable by authorized users, especially for circumstances where data loss has occurred.
ISO/IEC 17025:2017 6.3.3
ISO/IEC 17025:2017 6.3.4
30.9 The system should allow for other types of facility monitoring (such as alarm, light, lock, and door statuses) and send notifications when necessary with recommendations for immediate and corrective action. The system should also maintain a log of all such monitored systems and their status changes. Facility monitoring: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS can connect to, monitor, and send alerts concerning sensors attached to facility infrastructure like alarms, lights, locks, and doors. Additionally, the system should be able to keep an accurate log of the status changes of such facility infrastructure.
ISO/IEC 17025:2017 6.3.3
ISO/IEC 17025:2017 6.3.4
ISO/IEC 17025:2017 7.4.4
30.11 The system should allow for environmental control and monitoring of equipment (such as incubators and freezers) and send notifications when necessary with recommendations for immediate and corrective action. The system should also maintain a log of all such monitored equipment and their associated status changes. Environmental monitoring: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS can connect to, monitor, and send alerts concerning equipment such as incubators, lab refrigerators, and lab freezers. Additionally, the system should be able to keep an accurate log of the status changes of such equipment.
ISO/IEC 17025:2017 8.4.2 31.4 The system shall have a mechanism to securely retain data in the system for a specific time period and enable protections that ensure the accurate and ready retrieval of that data throughout the records retention period. Data retention: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS has a complete data retention system, allowing automated and manual retention of data and metadata. The lab will benefit if authorized users can configure retention periods for specific data and item types, as well as promptly and accurately retrieve archived data and metadata for review as needed.
ISO/IEC 17025:2017 4.2.1
ISO/IEC 17025:2017 7.11.3
32.22 The system shall provide a security interface usable across all modules of the system that secures data and operations and prevents unauthorized access to data and functions. Robust system security: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS has robust and configurable security mechanisms appropriately in place across system functions and modules as a means of preventing unauthorized access to data, metadata, and functions. This can be achieved in a number of ways, through role-based access control, password control, and more. (Tangentially related are 7.2, 8.8, 34.4, and 34.7.)
ISO/IEC 17025:2017 7.11.5 33.4 The system should be well documented by the vendor in comprehensive training material for all aspects of system use, including administration, operation, and troubleshooting. User manuals and training documentation: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS comes with comprehensive instructions and training material regarding the effective use of the LIMS, how to maintain/administrate it, and how to solve problems should they arise. This is the responsibility of the LIMS vendor and should be a consideration of the lab acquiring a LIMS.
ISO/IEC 17025:2017 7.11.2 33.5 The system shall be validated initially and periodically, with those validation activities being documented, to ensure the accuracy, consistency, and reliability of system performance and its electronic records. LIMS validation: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS is properly validated by the LIMS vendor, initially, and revalidated periodically, especially after significant updates and customization to the LIMS. This is true for any lab, but it remains especially true in regulated industries, where the accuracy, consistency, and reliability of system performance is mission-critical.[13]
ISO/IEC 17025:2017 7.8.7.1
ISO/IEC 17025:2017 7.11.3
ISO/IEC 17025:2017 8.3.2
34.4 The system shall support the ability to define, record, and change the level of access for individual users to system groups, roles, machines, processes, and objects based on their responsibilities, including when those responsibilities change. The system should be able to provide a list of individuals assigned to a given system group, role, machine, process, or object. Secure granular access: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS is able to control access to LIMS data and functions at a granular level, providing the flexibility to define, record, and change individual access levels at the group, role, machine, method, sample, or object level. This granular level of access control better ensures those individuals qualified to perform specific tasks in the system are able, while others are not. The lab also benefits when the LIMS is able to readily provide a listing of users assigned to each of those granular levels.
ISO/IEC 17025:2017 7.11.3 34.7 The vendor shall restrict logical access to database storage components to authorized individuals. If providing a hosted service, the vendor should also restrict physical access to database storage components to authorized individuals. (In the case of an on-site solution, the buyer is responsible for limiting physical access to database storage components to meet 21 CFR Part 11, HIPAA, and CJIS guidelines.) Logical and physical access control: A laboratory can better comply with ISO/IEC 17025 requirements if the lab's LIMS restricts logical access (i.e., access via remotely/virtually interacting with hardware and software tools and databases) to critical components to only authorized users. Though physical access for a local install is the responsibility of the lab, the lab running a cloud-hosted LIMS from a vendor will still want to thoroughly vet the LIMS vendor concerning their own policies and practices related to physical access to hardware and software systems as part of complying with ISO/IEC 17025.

We can simplify Table 1 down to the following functionality as being important to a lab attempting to conform to ISO/IEC 17025, organized by workflow descriptors:

Test, sample and result management

  • Complete capture of a registered sample's data and metadata
  • Unique sample identifiers
  • Free-form reception-based sample data
  • Barcode and RFID support
  • Preloaded and configurable sample types and analytical test methods
  • Robust sampling and test method development


Quality, security, and compliance

  • Multi-level review of test results
  • Validation of sampling and test methods
  • Support for mapping professional requirements to existing system tasks, sample types, and methods
  • Instrument lock-out
  • Consistent, retrievable calibration and maintenance records
  • Calibration activity linkages
  • Calibration and maintenance audit trail
  • Nonconformance and deviation tracking
  • Statistical trending and control charts
  • Internal and external audit management
  • Secure backup and retrieval
  • Facility monitoring
  • Environmental monitoring
  • Data retention
  • Robust system security
  • LIMS validation
  • Secure granular access
  • Logical and physical access control


Operations management and reporting

  • Document management, with versioning and release controls
  • Controlled document access
  • Provision of the most current document version
  • User manuals and training documentation
  • Support for unique document identifiers
  • Support for training and certification records
  • Complaint and problem management
  • Unique identification of instruments
  • Support for scheduled, frequency-based calibration and maintenance
  • Support for data and metadata archiving
  • Support for rapid and accurate retrieval of archived data and metadata
  • Support for certificates of analysis or similar verification documents
  • Support for changed, amended, or re-issued reports


Conclusion

This brief topical article sought to answer "what are the key elements of a LIMS to better comply with ISO/IEC 17025?" In particular, it examined the requirements scope of ISO/IEC 17025 within the context of a robust LIMS requirements specification like LIMSpec. As labs have increasingly turned to the LIMS as a tool for not only helping to modernize and improve the quality of the laboratory but also aid with compliance to standards like ISO/IEC 17025, LIMS vendors have had to incorporate functionality helpful to those labs' goals. We learned that the topics of quality, LIMS, and ISO/IEC 17025 intersect in different ways, emphasizing the importance of a LIMS to monitoring and acting upon any lab activities impacted by quality and the standard. But not any LIMS will do; labs can narrow down specific functionality that helps them better comply to ISO/IEC 17025. Table 1 of this article explicitly linked the requirements of ISO/IEC 17025 to specific requirements in the LIMSpec specification document, and it gave a more digestible take on how that LIMS requirement better helps the lab comply with the standard. At the end, the information from Table 1 was distilled down to a simple workflow-driven list of LIMS requirements a lab should strongly consider when examining various LIMS systems for acquisition.

References

  1. Douglas, S.E. (January 2023). "LIMS FAQ:How does ISO/IEC 17025 impact laboratories?". LIMSwiki. https://www.limswiki.org/index.php/LIMS_FAQ:How_does_ISO/IEC_17025_impact_laboratories?. Retrieved 14 January 2023. 
  2. Boyar, Kyle; Pham, Andrew; Swantek, Shannon; Ward, Gary; Herman, Gary (2021), Opie, Shaun R., ed., "Laboratory Information Management Systems (LIMS)" (in en), Cannabis Laboratory Fundamentals (Cham: Springer International Publishing): 131–151, doi:10.1007/978-3-030-62716-4_7, ISBN 978-3-030-62715-7, http://link.springer.com/10.1007/978-3-030-62716-4_7. Retrieved 2023-01-14 
  3. Apte, A. (20 October 2020). "Is Your Food Testing Lab Prepping for an ISO/IEC 17025 Audit?". Food Safety Tech. https://foodsafetytech.com/column/is-your-food-testing-lab-prepping-for-an-iso-iec-17025-audit/. Retrieved 14 January 2023. 
  4. "ASTM E1578-18 Standard Guide for Laboratory Informatics". ASTM International. 23 August 2019. https://www.astm.org/e1578-18.html. Retrieved 14 January 2023. 
  5. 5.0 5.1 5.2 "ISO/IEC 17025:2017 General requirements for the competence of testing and calibration laboratories". International Organization for Standardization. November 2017. https://www.iso.org/standard/66912.html. Retrieved 14 January 2023. 
  6. Kennedy, T.M.; Kennedy, J.L.; Donaldson, R.M. et al. (2022). "A Call for Action to Maintain a Culture of Quality in the Clinical Laboratory" (PDF). Genetics & Molecular Medicine 4 (1): 1–2. doi:10.33425/2689-1077.1013. https://www.scivisionpub.com/pdfs/a-call-for-action-to-maintain-a-culture-of-quality-in-the-clinical-laboratory-2116.pdf. 
  7. 7.0 7.1 7.2 Steele, T. W.; Laugier, Alain; Falco, François (3 March 1999). "The impact of LIMS design and functionality on laboratory quality achievements". Accreditation and Quality Assurance 4 (3): 102–106. doi:10.1007/s007690050324. ISSN 0949-1775. http://link.springer.com/10.1007/s007690050324. 
  8. Çağındı, Özlem; Ötleş, Semih (1 December 2004). "Importance of laboratory information management systems (LIMS) software for food processing factories" (in en). Journal of Food Engineering 65 (4): 565–568. doi:10.1016/j.jfoodeng.2004.02.021. https://linkinghub.elsevier.com/retrieve/pii/S0260877404000846. 
  9. 9.0 9.1 9.2 Hull, Carl; Wray, Bruce; Winslow, Ford; Vilicich, Mark (1 November 2011). "Tracking and Controlling Everything that Affects Quality is the Key to a Quality Management System" (in en). Combinatorial Chemistry & High Throughput Screening 14 (9): 772–780. doi:10.2174/138620711796957125. http://www.eurekaselect.com/openurl/content.php?genre=article&issn=1386-2073&volume=14&issue=9&spage=772. 
  10. "About ILAC > Facts & Figures". ILAC. 2021. https://ilac.org/about-ilac/facts-and-figures/. Retrieved 14 January 2023. 
  11. Douglas, S.E. (January 2023). "LIMS FAQ:What is the importance of ISO/IEC 17025 to society?". LIMSwiki. https://www.limswiki.org/index.php/LIMS_FAQ:What_is_the_importance_of_ISO/IEC_17025_to_society?. Retrieved 14 January 2023. 
  12. Sanchez, Juan M. (11 May 2021). "Use of Control Charts and Scientific Critical Thinking in Experimental Laboratory Courses: How They Help Students to Detect and Solve Systematic Errors" (in en). Journal of Chemical Education 98 (5): 1822–1828. doi:10.1021/acs.jchemed.0c00885. ISSN 0021-9584. https://pubs.acs.org/doi/10.1021/acs.jchemed.0c00885. 
  13. Maxwell, G. (1 November 2003). "Using Workflows in LIMS to Reduce Customization". Scientific Computing. Archived from the original on 07 August 2009. https://web.archive.org/web/20090807034051/http://www.scientificcomputing.com/using-workflows-in-lims-to-reduce.aspx. Retrieved 14 January 2023.