ISO 17025 definitions: Policies, Procedures, Instructions, Documents and Records

On January 13, 2011, in Standards, by Justin J. McShane

Scan this QR Code with your phone and get bonus info on useful documentation that comes with being an ISO 17025 lab

Scan this QR Code with your phone and get bonus info on use­ful doc­u­men­ta­tion that comes with being an ISO 17025 lab

In a series of posts, I am going to intro­duce the reader to the exis­tence of ISO 17025 and its impor­tance.  I am going to intro­duce it in bite-sized bits for easy diges­tion.  Just like all mat­ters of learn­ing, knowl­edge is incre­men­tal over time and builds upon pre­vi­ous exposure.

In our first post we answered the ques­tion:  What is ISO 17025?

The next post we answered the ques­tion:  Why do we need stan­dards? Why ISO 17025 and pol­icy, pro­ce­dures and instruc­tions matter.

Then we answered the ques­tion:  Why is ISO 17025 so impor­tant to us in foren­sic science?

Just two days ago, we asked and answered:  Why should the crim­i­nal defense com­mu­nity care about ISO 17025?

A lit­tle while ago we exam­ined how ISO 17025 pro­vides a sim­ple method to develop themes to cross-examine experts.

In order to examine the lab, you must understand the terminology and ways of the lab

One of the major ben­e­fits to the crim­i­nal prac­ti­tioner to the imple­men­ta­tion of ISO 17025 is the adop­tion of uni­ver­sal nomen­cla­ture. This will help us out demon­stra­bly with respect to dis­cov­ery. For exam­ple, I am sure in the past that when you have requested cer­tain doc­u­ments that we know must exist there is a tremen­dous amount of “hide the ball” wherein a request for a spec­i­fied item  is made, but because we did not use the par­tic­u­lar sui generis lan­guage of that par­tic­u­lar crime lab­o­ra­tory on that par­tic­u­lar day, the crime lab­o­ra­tory feigns igno­rance and reports that there is no such document.

Some crime labs play "hide the ball"

Some crime labs play “hide the ball”

It is not so much that the con­cept behind the doc­u­ment request or the data behind the doc­u­ment does not exist, but rather through our under­stand­able igno­rance, we do not know the proper nomen­cla­ture for what to request.

The solu­tion for this can be found in ISO 17025 and in par­tic­u­lar sub­part 4.3 (Doc­u­ment Con­trol). Per 4.3, there is a clear delin­eation between con­trolled and uncon­trolled documents.

  • Con­trolled doc­u­ments can be char­ac­ter­ized as those doc­u­ments which once the lab­o­ra­tory dis­sem­i­nates them, it becomes the respon­si­bil­ity of that lab­o­ra­tory to seek out those who have a copy of them, col­lect the old doc­u­ments and replace them with the new, most recent doc­u­ments in order to assure that the most cur­rent doc­u­ments are in use. There­fore, it would be extremely use­ful for a crim­i­nal prac­ti­tioner, for exam­ple, to obtain a con­trolled copy of the Pol­icy, Pro­ce­dure and Instruc­tions for par­tic­u­lar type of test. There­fore, in the fre­quent event that new doc­u­ments are adopted, it becomes incum­bent upon the lab­o­ra­tory, in order for it to keep its accred­i­ta­tion, to seek you out and replace your copy with the most cur­rent one.
  • Uncon­trolled doc­u­ments are copies of the Poli­cies, Pro­ce­dures and Instruc­tions that exist at a finite point in time, but may not be the cur­rent ones in place and in use. A lab has no oblig­a­tion to update uncon­trolled documents.

Sec­tion 4.3 in con­junc­tion with Sec­tions 4.13 and 5.4.7 makes a very fine dis­tinc­tion between doc­u­ments and records. This dis­tinc­tion between doc­u­ments and records is crucial.

  • Doc­u­ments” include such writ­ings specif­i­cally labeled as “Poli­cies”, “Pro­ce­dures”, and “Instructions.”
  • Records”, on the other hand, are those which are gen­er­ated dur­ing the ana­lyt­i­cal process unique to the test on the sam­ple itself such as the chain of cus­tody, the par­tic­u­lar notes of the ana­lyst as well as the ana­lyt­i­cal device out­put in its raw form and finally the con­clu­sory opin­ion let­ter that is gen­er­ated that goes to the “cus­tomer” called the “Test Report”.

ISO 17025 in its attempt to employ uni­ver­sal nomen­cla­ture estab­lishes a clear dis­tinc­tion within the “Doc­u­ment” des­ig­na­tion.  The sub­sets of types of “Doc­u­ments” are: “Poli­cies”, “Pro­ce­dures”, and “Instructions”.

  • Poli­cies” answer the orga­ni­za­tional ques­tion of why. Why do we do this? Why is this impor­tant? As one can glean from this descrip­tion of what is con­tained in a well for­mu­lated pol­icy per ISO 17025, if one were to receive the pol­icy, for exam­ple, in pre-consumption (solid) drug dose exam­i­na­tion, this pol­icy could include some very use­ful lan­guage that has to do with the impor­tance of accu­racy, pre­ci­sion, reli­a­bil­ity, robust­ness, and the need to fol­low the pro­ce­dures and instruc­tions in order to obtain a valid result. The “Pol­icy” also answers the large insti­tu­tional ques­tion of who has con­trol over the lab­o­ra­tory. In the “Pol­icy”, who has con­trol of the devel­op­ment of the sci­ence is defined. Who devel­ops, imple­ments and mon­i­tors the under­ly­ing “Pro­ce­dure” and “Instruc­tions” is also defined. This could be most use­ful in order to show bias of the lab­o­ra­tory at an insti­tu­tional level.
  • On the other hand, “Pro­ce­dures” are best clas­si­fied as answer­ing the ques­tions of who, what, where, and when. Who in gen­eral does the test­ing? Who has con­trol over the test­ing? What test­ing is to be per­formed? Where is test­ing to be per­formed? On what instru­ments is the test­ing to be per­formed? When is it to be per­formed? Under what cir­cum­stances are spec­i­mens to be tested?  What pri­or­i­ties are set in terms of scarce resources?
  • Finally there are the “Instruc­tions”. This is where we find the tech­ni­cal aspects answer­ing the ques­tion how do I, as a bench tech­ni­cian, per­form this test specif­i­cally in my lab­o­ra­tory using the resources and equip­ment that are avail­able to me right now.

The addi­tional advan­tage to the crim­i­nal prac­ti­tioner is in the neces­sity to uni­formly doc­u­ment cer­tain parts of the ana­lyt­i­cal process as well as the method­ol­ogy and its val­i­da­tion that hereto­fore may not have been doc­u­mented at all in a crime lab­o­ra­tory. This is par­tic­u­larly true in the event of such test­ing agen­cies as the DEA. If one has “dealt” with a par­tic­u­lar regional lab­o­ra­tory of the DEA and attempted to dis­cover how a par­tic­u­lar ana­lyst ana­lyzes any pre-consumption (solid) drug dose sam­ple by request­ing the Stan­dard Oper­at­ing Pro­ce­dures (SOPs), it is a fre­quent occur­rence that the DEA will respond that there is no such SOP[i].

Under ISO 17025 Sec­tion 4.3, if one knows now the proper ter­mi­nol­ogy used in ISO 17025 , one will know to request not only the par­tic­u­lar instruc­tions of the analy­sis, but also the pro­ce­dures and the pol­icy. As such, the DEA will no longer be able to claim its pre­vi­ous posi­tion that they do not exist truth­fully in court.

As one can see that if one asks for the “Stan­dard Oper­at­ing Pro­ce­dures” for the lab­o­ra­tory expect­ing to get infor­ma­tion that is best answered per ISO 17025 nomen­cla­ture by request­ing the “Instruc­tions” of the test, a prac­ti­tioner will be sor­row­fully dis­ap­pointed in the result and will pos­si­bly not obtain the infor­ma­tion that is included in the “Instruc­tions.” Hence, the uni­form nomen­cla­ture is key and nec­es­sary to understand.

As men­tioned pre­vi­ously the impor­tant dis­tinc­tion of what con­sti­tutes a “Record” can be found in sec­tion 4.13 (Con­trol of Records) and is dif­fer­ent from Sec­tion 4.3, which deals exclu­sively with doc­u­ments. Again, “Records” are out­put from the ana­lyt­i­cal process as defined supra. Sec­tion 4.13.1.1 very specif­i­cally out­lines that, not only “Records” of the par­tic­u­lar ana­lyt­i­cal tests are to be kept, but also the entirety of the “Records” from the qual­ity con­trol mea­sures as well as the qual­ity assur­ance aspects of the process lead­ing up to the pro­duc­tion of the “Records” of the par­tic­u­lar ana­lyt­i­cal test­ing being pre­formed. This is impor­tant in that some lab­o­ra­to­ries in the past have dis­carded cal­i­bra­tion curves or the raw data that gen­er­ates cal­i­bra­tion curves. Now this will not be a pos­si­bil­ity under ISO 17025 pro­ce­dures. In addi­tion, per Sec­tion 4.13.1.2, not only are these items to be pre­served but also they are to be stored and retained in such a way that they are “read­ily retriev­able.” This should end the games­man­ship that the requested items are but a “nee­dle in a haystack” as has been undoubt­edly asserted in the past by lab­o­ra­to­ries as an excuse to not com­ply with dis­cov­ery demands or orders.

Addi­tion­ally, per 4.13.2.1, we will now be able to insist upon receiv­ing the raw data that is gen­er­ated as a result of any test­ing and to try to defin­i­tively estab­lish com­plete com­pli­ance with Melendez-Diaz and to make sure that “dry lab­bing[ii]” did not occur as the pro­vi­sion reads:

The lab­o­ra­tory shall retain records of orig­i­nal obser­va­tions, derived data and suf­fi­cient infor­ma­tion to estab­lish an audit trail, cal­i­bra­tion records, staff records and a copy of each test report or cal­i­bra­tion cer­tifi­cate issued, for a defined period. The records for each test or cal­i­bra­tion shall con­tain suf­fi­cient infor­ma­tion to facil­i­tate, if pos­si­ble, iden­ti­fi­ca­tion of fac­tors affect­ing the uncer­tainty and to enable the test or cal­i­bra­tion to be repeated under con­di­tions as close as pos­si­ble to the orig­i­nal. The records shall include the iden­tity of per­son­nel respon­si­ble for the sam­pling, per­for­mance of each test and/or cal­i­bra­tion and check­ing of results.

Fur­ther Note 2[iii] of this sub­sec­tion includes a pre­ferred def­i­n­i­tion of “Tech­ni­cal records” as the accu­mu­la­tions of data that may include such items as “forms, con­tracts, work sheets, work books, check sheets, work notes, con­trol graphs, exter­nal and inter­nal test reports and cal­i­bra­tion cer­tifi­cates, cus­tomers’ notes, papers and feedback”.

Finally, sec­tion 4.13.2.2 requires that obser­va­tions, data and cal­cu­la­tions shall be recorded at the time they are made, not later.

Turn­ing towards the specifics of a par­tic­u­lar test and a technician’s spe­cific per­for­mance, inter­nal audit­ing is addressed in Sec­tion 4.14.1 and in 4.14.2 requires that when error or devi­a­tions are dis­cov­ered that the lab­o­ra­tory shall notify its cus­tomers in writ­ing.  This could be very use­ful for obvi­ous reasons.

[i] This for­mer clumsy request can now be eas­ily iden­ti­fied as “Pro­ce­dure” and “Instructions”.

[ii] Dry Lab­bing is the act of gen­er­at­ing a con­clu­sory report or “Test Report” when no actual analy­sis occurs.

[iii] It is impor­tant to under­stand that per Sec­tion 1.3 “Notes” that appear after the require­ments are not require­ments, but they do pro­vide impor­tant clar­i­fi­ca­tion of the text and guid­ance for best practices.

 
About the author

Justin J. McShane

Harrisburg DUI attorney Justin J. McShane is the President/CEO of The McShane Firm, LLC - Pennsylvania's top criminal law and DUI law firm. He is the highest rated DUI attorney in PA as rated by Avvo.com. Justin McShane is a double Board certified attorney. He is the first and so far the only Pennsylvania attorney to achieve American Bar Association recognized board certification in DUI defense from the National College for DUI Defense, Inc. He is also a Board Certified Criminal Trial Advocate by the National Board of Trial Advocacy, a Pennsylvania Supreme Court Approved Agency. Justin McShane is the first and so far the only Pennsylvania attorney to achieve American Bar Association recognized board certification in DUI defense from the National College for DUI Defense, Inc.

Visit Authors Website

Share |

Leave a Reply



Go To Top »