Issues with Hybrid Systems in Pharmaceutical Operations

What is a Hybrid System?

In pharmaceutical companies, not all records are fully digitized. Many organizations create records electronically but ultimately print them to paper media for handwritten signatures (or name stamps and seals). These are known as hybrid systems—combinations of electronic records with handwritten signatures or traditional paper-based authentication methods.

In a typical hybrid system workflow, data is initially generated and stored electronically using computerized systems such as Laboratory Information Management Systems (LIMS), Electronic Laboratory Notebooks (ELN), Manufacturing Execution Systems (MES), or common office applications like Microsoft Excel. Once the electronic record is complete, it is printed to paper for review and approval. The authorized personnel then apply their handwritten signature (or in some countries, a name stamp and seal known as “hanko” or “inkan”) to the printed document. This printed and signed paper document is often filed as what practitioners incorrectly believe to be the “official record.”

Common Misconception about Hybrid Systems

A widespread and critical misconception exists regarding hybrid systems. Many people mistakenly believe that once an electronic record is printed and receives a handwritten signature, the record itself becomes a paper record, and the electronic version is no longer relevant or necessary.

This is incorrect and represents a fundamental misunderstanding of regulatory requirements.

Even when a paper printout bears a handwritten signature, the underlying record remains electronic in nature. Regulatory authorities such as the U.S. Food and Drug Administration (FDA), the European Medicines Agency (EMA), and Japan’s Pharmaceuticals and Medical Devices Agency (PMDA) will examine the handwritten signature on the printed document to verify authorization, but they will inspect the actual data in its electronic form.

The reason for this approach is straightforward: paper media lacks audit trails. An audit trail is a secure, computer-generated, time-stamped record of all actions taken on electronic data, including who created, modified, or deleted information and when these actions occurred. Without an audit trail, there is no reliable way to determine whether records have been altered, manipulated, or falsified. Paper documents can be reprinted at any time without leaving evidence of changes made to the underlying electronic data.

Therefore, even though a record may be approved on paper media with a handwritten signature, the original electronic record must never be deleted. Regulatory agencies require access to both the signed paper document and the complete electronic source data, including all metadata and audit trail information, to verify data integrity.

Problems with Hybrid Systems

Hybrid systems represent an incomplete or “halfway” approach to digitalization and create significant vulnerabilities in data integrity and regulatory compliance.

Hybrid systems facilitate potential fraud and data manipulation. For example, it is technically possible for someone to alter electronic data after the fact, reprint the document, and then apply a backdated handwritten signature to the new printout. The signed paper document would appear legitimate, but the underlying data would have been compromised.

Consider the example illustrated in the original column: An Excel file has a timestamp of April 25, 2016, while the handwritten signature date on the printed document reads March 31, 2015. What does this discrepancy indicate?

The timestamp of the electronic file being newer than the signature date strongly suggests that the data was modified on April 25, 2016, but the printed document was backdated and signed with a March 31, 2015 date. This represents a potential case of data falsification and backdating—serious violations of Good Documentation Practices (GDP) and data integrity principles.

It should be noted that file timestamp changes can occasionally occur accidentally due to inadvertent actions, such as opening and resaving a file, copying files, or system clock adjustments. However, when discrepancies between electronic timestamps and paper signature dates are discovered, they raise legitimate concerns about data integrity and must be thoroughly investigated.

To maintain data integrity and regulatory compliance in hybrid system environments, organizations must establish and document clear procedures in their Standard Operating Procedures (SOPs). These procedures should include the following requirements at minimum:

Required Controls for Hybrid Systems:

1. Immediate printing and contemporaneous signature: Electronic records must be printed promptly after their creation or final review, and signed on the same day with the current date. Alternatively, records may be converted to PDF format and authenticated with a validated electronic signature that complies with applicable regulations.

2. Prohibition of electronic record deletion: The original electronic records must never be deleted. They must be retained throughout the required retention period as specified by applicable regulations (typically 5 years or longer depending on the jurisdiction and record type).

3. Protection of file timestamps: Electronic records must be managed in a way that prevents alteration of file timestamps (file creation and modification dates). Any systems or processes that could inadvertently change timestamps must be identified and controlled. Organizations should implement technical controls to lock file attributes when possible.

4. Secure storage environment: Electronic records must be stored in a secure, access-controlled environment. Best practice is to transfer electronic records to write-once, read-many (WORM) media such as CD-R, DVD-R, or modern WORM-compliant cloud storage systems. These storage methods prevent subsequent modification while maintaining data accessibility for the required retention period. Regular backup procedures and disaster recovery plans must also be established.

5. Access controls and permissions: Implement role-based access controls (RBAC) to ensure that only authorized personnel can access, modify, or delete electronic records. Maintain current documentation of user access rights and review permissions regularly.

6. Regular review of audit trails: Where electronic systems generate audit trails, these must be reviewed periodically (at least during batch release and during routine internal audits) to detect any anomalies, unauthorized changes, or attempts to manipulate data.

The Necessity of Electronic Signatures

Electronic records should be authenticated with electronic signatures rather than hybrid paper-based signatures whenever possible.

The primary advantage of electronic signatures over hybrid approaches is that electronic signatures cannot be backdated. When properly implemented, electronic signature systems automatically capture and securely link the signature event to a specific date and time using system-generated timestamps synchronized to authoritative time sources (such as Network Time Protocol servers). These timestamps are cryptographically protected and cannot be altered by users, including system administrators.

Organizations that implement electronic signatures must comply with applicable regulations such as:

• 21 CFR Part 11 (FDA regulation for electronic records and electronic signatures in the United States)
• ER/ES Guideline (Japan’s MHLW guideline for electromagnetic records and electronic signatures)
• EU Annex 11 (European Union’s computerized systems requirements)
• ALCOA+ and ALCOA++ principles (data integrity frameworks emphasizing Attributable, Legible, Contemporaneous, Original, Accurate, plus Complete, Consistent, Enduring, and Available)

Important Considerations Regarding Electronic Stamps and Seals

In recent years, various “electronic stamp” and “electronic seal” solutions (often digital versions of traditional Japanese “hanko” or “inkan”) have become popular in business environments. However, organizations must exercise caution when considering these tools for GxP-regulated activities.

Many commercially available electronic stamp and electronic seal products do not satisfy the stringent requirements of 21 CFR Part 11, the ER/ES Guideline, or other pharmaceutical regulatory standards. Common deficiencies include:

• Lack of unique user identification and authentication (stamps may be shared among users)
• Absence of secure, tamper-evident audit trails
• Insufficient controls to prevent signature repudiation
• Inability to demonstrate system validation and ongoing performance
• Missing requirements for signature manifestation (clear display of signer name, date/time, and meaning of signature)
• Lack of secure signature-to-record linking that prevents fraudulent copying or transfer

Organizations should conduct thorough assessments of any electronic signature solution before deploying it for GxP-regulated activities. The assessment should verify that the solution meets all applicable regulatory requirements, can be validated according to computerized system validation principles, maintains appropriate security controls, and generates complete and reviewable audit trails.

For critical GxP processes, organizations should prioritize purpose-built electronic signature solutions that are specifically designed and validated for pharmaceutical regulatory compliance, rather than general-purpose business tools that may lack the necessary controls and documentation.

Regulatory Expectations and Industry Trends

As of 2025, regulatory authorities worldwide continue to emphasize data integrity as a top priority during inspections and audits. Recent FDA warning letters, EMA findings, and MHLW/PMDA inspection observations frequently cite data integrity deficiencies related to:

• Inadequate or absent audit trails on critical systems
• Shared user credentials and lack of unique user identification
• Ability to modify or delete data without detection
• Insufficient review of audit trails and metadata
• Hybrid systems with poorly controlled electronic records

The October 2024 FDA guidance “Electronic Systems, Electronic Records, and Electronic Signatures in Clinical Investigations: Questions and Answers” reinforces the agency’s risk-based approach to Part 11 compliance while maintaining expectations for system validation, complete audit trails, and data integrity controls.

Organizations operating in 2025 and beyond should prioritize the transition from hybrid systems to fully validated electronic systems with compliant electronic signature capabilities. This transition not only reduces compliance risks but also improves operational efficiency, data accessibility, and overall data quality.

When hybrid systems must continue to be used due to business or technical constraints, organizations must implement robust compensating controls, comprehensive procedures, regular internal audits, and ongoing training programs to minimize data integrity risks and ensure regulatory compliance.

Key Takeaways:

1. Hybrid systems (electronic records + paper signatures) present significant data integrity risks
2. Electronic records remain electronic even when printed and signed on paper
3. Both electronic records and signed paper documents must be retained
4. Electronic file timestamps must be protected from alteration
5. Electronic signatures compliant with Part 11/ER/ES guidelines provide superior controls
6. Many commercial “electronic stamp” products do not meet pharmaceutical regulatory requirements
7. Organizations should transition toward fully electronic, validated systems when possible
8. Where hybrid systems persist, comprehensive controls and procedures are essential