Who should have access to QC audit trails?

• A. External auditors
• B. Anyone in the lab
• C. Authorized personnel only
• D. Vendors and suppliers

Answer: (C)

Access to QC audit trails should be limited to authorized personnel to preserve data integrity and accountability. Audit trails record who did what, when, and to which data, so broad or uncontrolled access can lead to tampering, misinterpretation, or loss of traceability. Regulated environments require that only individuals with defined roles—such as QC staff, QA, and appropriately authorized IT/security personnel—can view or modify these records. External auditors may access trails during audits, but only through a controlled, formal process that preserves security and traceability. Vendors or other nonessential personnel typically do not need ongoing access. This aligns with least-privilege practices and regulatory expectations for protecting electronic records and ensuring auditability.