Chain of Custody for Spirometry Data: Maintaining Provenance and Traceability From Device Capture to Final Clinical Report
Spirometry data provenance refers to the complete, verifiable record of how respiratory test data originates, moves, transforms, and arrives at a final clinical report. In practice, this means tracking every step from the moment a patient exhales into a spirometer to the point a clinician signs off on an interpreted result. Without a robust chain of custody, labs risk undetected data errors, failed audits, and compromised patient outcomes. A well-structured provenance framework is not optional in modern respiratory labs; it is a clinical and regulatory necessity.
TL;DR
Data provenance is the documented trail of where data comes from and every transformation it undergoes, and it is critical for clinical accuracy and audit readiness.
Spirometry data passes through multiple handoff points, each representing a potential source of error or data loss.
Manual data re-entry is one of the highest-risk steps in the chain of custody.
Automated, vendor-neutral import tools and cloud-based reporting systems significantly reduce chain-of-custody failures.
Standards such as ATS guidelines and ISO 15189 require labs to demonstrate traceability across the full data lifecycle.
What Exactly Is Data Provenance and Why Does It Matter for Spirometry?
Data provenance is defined as the record that describes the people, institutions, entities, and activities involved in producing, influencing, or delivering a piece of data. According to the Infectious Diseases Toolkit, provenance captures not just the origin of data but the full context of its journey, including who touched it, when, and why.
In spirometry, this translates directly to clinical accountability:
Device origin: Which spirometer captured the data, its calibration status, and the date of the test.
Operator involvement: Which scientist performed and accepted the manoeuvres.
Data transfer: How raw values moved from the device into a reporting system.
Transformation steps: How raw FEV1, FVC, and flow-volume loop data were interpreted against normal values.
Reporting and sign-off: Which clinician reviewed and authorised the final report.
Each of these steps is a link in the chain. A break at any point creates a traceability gap that can invalidate results, trigger audit findings, or, in the worst case, lead to a misdiagnosis.
Where Does the Chain of Custody Most Commonly Break Down?
The most vulnerable point in spirometry data custody is the transfer step between the device and the reporting system. This is where manual re-entry has historically been the norm, and where errors compound silently.
Common failure points include:
Handoff Stage | Common Risk |
|---|---|
Device to paper/PDF | Data locked in unstructured format, no discrete values extractable |
Paper/PDF to reporting system | Transcription errors during manual entry |
Reporting system to EMR | Data loss or field mismatches during integration |
Interpretation stage | Normal values applied inconsistently or from outdated references |
Sign-off and distribution | Version control failures, unsigned or outdated reports circulated |
As Particle Health's documentation on data provenance notes, data provenance functions as an audit trail for data transformations, ensuring and demonstrating data quality at every stage. In spirometry, this means every transformation, including unit conversions, percentage predicted calculations, and classification logic, should be logged and traceable.
Why Is Provenance Particularly Critical in Respiratory Clinical Evidence?
Spirometry data does not exist in isolation. It informs diagnoses, guides treatment decisions, and increasingly feeds into real-world evidence studies. According to MMS Holdings, data provenance in real-world evidence supports reliability, audit readiness, and regulatory compliance in ways that are directly transferable to clinical physiology labs.
When spirometry data lacks traceability:
Regulatory audits under standards like ISO 15189 and TSANZ/NATA cannot be passed with confidence.
Research derived from lab data is difficult to validate or publish.
Clinicians cannot verify whether the normal values applied were appropriate for the patient's age, sex, height, and ethnicity.
Discrepancies between device output and reported values have no documented explanation.
What Are the Best Practices for Documenting Spirometry Data Provenance?
Secoda's guidance on data provenance best practices recommends using metadata schemas to consistently record provenance details and maintaining comprehensive logs of all data alterations to preserve transparency. Applied to spirometry, this means:
Automate data capture at the source. Avoid manual re-entry wherever possible. Automated import of device data, including discrete numerical values and flow-volume loops, eliminates the most error-prone step.
Version control every report. Any amendment to an interpreted result should be logged with a timestamp and the identity of the person making the change.
Standardise normal value application. Document which reference equations were applied, when the library was last updated, and whether the selection was manual or rule-based.
Maintain an operator log. Record who performed the test, who reviewed the quality of manoeuvres, and who authorised the final interpretation.
Integrate with hospital systems using verified pathways. Data flowing into EMRs or PAS systems should pass through validated interfaces, not copy-paste workflows.
How Does a Cloud-Based Reporting System Support Chain of Custody?
A cloud-based reporting system provides a centralised, time-stamped, access-controlled environment where every data event is logged automatically. This architecture is inherently better suited to provenance requirements than local server or paper-based systems for several reasons:
Centralised audit trails are maintained without relying on individual users to document changes.
Role-based access ensures only authorised personnel can modify or approve data at each stage.
Automatic backups and version history mean no data is permanently lost or overwritten without a record.
Vendor-neutral import allows data from any spirometer manufacturer to enter the system through a consistent, documented pathway.
Rezibase was built specifically around these principles. Its Magic Import function captures device reports and automatically extracts discrete data, including flow-volume loops, removing the manual transcription step entirely. The platform's accreditation module supports ISO 15189 requirements directly, covering quality control, non-conformance management, and audit documentation in a single system. For labs working toward or maintaining TSANZ/NATA accreditation, this kind of built-in provenance infrastructure is a significant operational advantage.
Frequently Asked Questions
What is the difference between data provenance and data lineage?
Provenance focuses on the origin and context of data, including who created it and under what conditions. Lineage tracks the movement and transformation of data through systems. In spirometry, both are needed: provenance establishes the credibility of the source, while lineage documents every step to the final report.
Does ISO 15189 require spirometry data provenance documentation?
ISO 15189 requires laboratories to demonstrate traceability of results and document processes that affect result quality. This directly encompasses the chain of custody for spirometry data from device capture to clinical report.
How does eliminating manual re-entry reduce clinical risk?
Manual re-entry introduces transcription errors that are difficult to detect after the fact. Automated import creates a direct, documented link between device output and the reporting system, reducing error risk and providing a clear audit trail.
Can provenance requirements be met with a paper-based or PDF workflow?
Technically possible but practically very difficult. Paper and PDF workflows lack automatic versioning, access logs, and metadata capture, making it labour-intensive to reconstruct a full chain of custody during an audit.
What happens to provenance when switching reporting systems?
Data migration should be treated as a provenance event in itself. Migrating historical records, including original device data and previous reports, into a new system preserves continuity. Platforms like Rezibase are designed to make this transition straightforward, bringing existing data into a structured, traceable environment without requiring labs to start from scratch.
About Rezibase
Rezibase is Australia's most advanced cloud-based respiratory and sleep reporting platform, designed by respiratory scientists for respiratory labs. Trusted by over 35 sites including NHS and NSW Health, Rezibase offers vendor-neutral data import, built-in accreditation tools, and seamless hospital system integrations. Learn more at rezibase.com.
Ready to strengthen the chain of custody in your respiratory lab? Explore how Rezibase supports full data traceability from device to report at rezibase.com.
References
Infectious Diseases Toolkit. Provenance: General Guidelines. https://www.infectious-diseases-toolkit.org/provenance/general-guidelines
Secoda. What Are the Best Practices for Documenting Data Provenance?. https://www.secoda.co/blog/best-practices-for-documenting-data-provenance
MMS Holdings. Data Provenance in Real World Evidence: Mastering Reliability. https://mmsholdings.com/perspectives/data-provenance-real-world-evidence/
Particle Health. Data Provenance. https://docs.particlehealth.com/docs/data-provenance