5 years of measurement data retention — why audits require it
Measurement data retention for audits: why 5 years of raw history, signed PDF reports (SHA-256) and an audit trail matter — and what their absence costs.
Nextriv Team · 4 min read

In this article
- Where the 5-year requirement comes from
- Measurement data retention in audit practice: what the inspector will demand
- Raw data for 1825 days — no aggregation
- What Nextriv stores, and for how long
- Credibility: signed PDFs and the audit trail
- Availability: exports instead of proprietary formats
- Four questions to test your own retention
- What it costs — and what its absence costs
Measurement data retention is the kind of topic an audit brings up at the worst possible moment: the inspector asks for the temperature history of a specific week three years ago, and the system keeps data for a year. In regulated industries — pharmaceuticals, healthcare, food — the record of storage conditions is the proof of product quality. And proof that doesn't exist works against you. We explain where the 5-year requirement comes from, why raw data matters rather than averages, and what retention that holds up under inspection looks like.

Where the 5-year requirement comes from
The most binding source is Good Distribution Practice (GDP), which requires documentation to be kept for the period defined in national law, and no less than 5 years. Temperature and humidity records from medicine storage areas are part of that documentation.
But 5 years is no regulator's whim. Behind that period stands the logic of product liability:
- Batch shelf life. A complaint or adverse event may concern a batch produced and stored years ago — and then you have to demonstrate that conditions were right across the whole chain.
- The inspection cycle. Audits and inspections don't visit every entity annually; they ask about the period since the previous visit, which can span years.
- Disputes and claims. In a dispute with a supplier, insurer or customer, the measurement history is often the only objective witness.
Measurement data retention in audit practice: what the inspector will demand
The auditor doesn't ask "do you have monitoring". They ask about three things, in this order:
- Completeness — history without gaps, covering nights, weekends and network outages. Every gap is a question, and no answer means a deviation in the report.
- Credibility — how do you know the record wasn't altered after the fact? Paper and an editable spreadsheet lose this one outright.
- Availability — the data must be produced on request, in readable form, in reasonable time. "The backup is somewhere on tapes" is not an answer.
Well-designed retention answers all three points at once — and that's exactly how it's built in Nextriv.
Raw data for 1825 days — no aggregation
On the PRO plan, Nextriv stores raw measurements for 1825 days (5 years). The word "raw" makes all the difference here. Many systems replace measurements with hourly or daily averages after a few months. The chart looks similar, but as evidence the two are far apart: a 20-minute excursion outside the 2–8 °C range vanishes into an hourly average without a trace.
Nextriv takes a different path: data older than 7 days is compressed (taking 80–95% less space) but remains full, raw measurements — available for analysis, charts and reports throughout the retention period. Five years of history requires no compromise on detail.
The FREE plan stores 365 days of raw data — an honest starting point, which a multi-year audit will nevertheless not consider sufficient.
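
The averaging effect described above, as an added example (not Nextriv code): one constructed hour of per-minute readings with a 20-minute excursion, evaluated once as an hourly mean and once as raw data. The 10.5 °C value, the timestamps and the function names are assumptions made for illustration.

```python
from datetime import datetime, timedelta
from statistics import mean

LOW, HIGH = 2.0, 8.0  # permitted storage range in °C, from the article

def sample_hour():
    """Constructed data: one reading per minute, 20 of them at 10.5 °C."""
    start = datetime(2024, 3, 4, 2, 0)
    return [(start + timedelta(minutes=m), 10.5 if 15 <= m < 35 else 5.0)
            for m in range(60)]

def hourly_means(readings):
    """What survives downsampling: one average per clock hour."""
    buckets = {}
    for ts, value in readings:
        buckets.setdefault(ts.replace(minute=0, second=0), []).append(value)
    return {hour: round(mean(vals), 2) for hour, vals in buckets.items()}

def excursions(readings):
    """Contiguous runs of raw readings outside LOW..HIGH.

    Returns (first_ts, last_ts, sample_count, most_extreme_value) per run.
    """
    runs, run = [], []
    for ts, value in readings:
        if LOW <= value <= HIGH:
            if run:
                runs.append(run)
            run = []
        else:
            run.append((ts, value))
    if run:
        runs.append(run)
    mid = (LOW + HIGH) / 2
    return [(r[0][0], r[-1][0], len(r),
             max((v for _, v in r), key=lambda v: abs(v - mid)))
            for r in runs]

if __name__ == "__main__":
    data = sample_hour()
    print("hourly means:", hourly_means(data))
    print("raw excursions:", excursions(data))
```

The hourly mean stays inside 2–8 °C, so a range check on the aggregated series passes, while the raw series shows 20 consecutive out-of-range samples.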
What Nextriv stores, and for how long
| Resource | FREE | PRO |
|---|---|---|
| Measurements (raw data) | 365 days | 1825 days (5 years) |
| Reports | 30 days | 365 days |
| Notifications | 30 days | 90 days |
| Audit trail and security log | — | 5 years (1825 days) |
Credibility: signed PDFs and the audit trail
Retention answers "how long", but the audit also asks "how do we know it's true". Two mechanisms work here, described in more detail on the Nextriv security page:
- PDF reports signed with SHA-256. Every report on the PRO plan gets a checksum, a QR code and a verification address. The recipient — a client, auditor or inspector — verifies for themselves that the document wasn't changed after generation. Last year's report is just as verifiable as yesterday's.
- An audit trail kept for 5 years. A chronological register of user actions plus a separate security event log, stored for 1825 days and exportable to CSV/PDF. Who changed an alarm threshold, who acknowledged an event, who generated a report — all with date and author. That's the accountability regulated environments demand (including electronic record requirements in the spirit of 21 CFR Part 11).
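
An added example (not Nextriv code) of what verifying a report checksum involves. SHA-256 is a hash, so a match shows the file is unchanged only when the reference digest comes from a record the file's holder cannot rewrite. The report contents, the report id `RPT-0001` and the `ISSUER_RECORD` lookup, which stands in for the verification address, are assumptions constructed for illustration.

```python
import hashlib
import hmac

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for report contents (real reports are PDF files).
ISSUED = b"Cold room 2 | 2023-05-08..2023-05-14 | max 9.4 C | excursions: 1\n"
EDITED = ISSUED.replace(b"max 9.4 C | excursions: 1",
                        b"max 7.4 C | excursions: 0")

# Hypothetical record kept by the issuer at generation time, keyed by report
# id; it plays the role of the verification address mentioned in the article.
ISSUER_RECORD = {"RPT-0001": sha256_hex(ISSUED)}

def verify_against_issuer(report_id: str, data: bytes) -> bool:
    """Recompute the digest and compare it with the issuer's record."""
    recorded = ISSUER_RECORD.get(report_id)
    if recorded is None:
        return False  # unknown report: unverified, never "valid by default"
    return hmac.compare_digest(sha256_hex(data), recorded)

def verify_against_bundled(data: bytes, bundled_digest: str) -> bool:
    """Weak check: the digest arrived together with the file itself."""
    return hmac.compare_digest(sha256_hex(data), bundled_digest.lower())

if __name__ == "__main__":
    print("issued copy :", verify_against_issuer("RPT-0001", ISSUED))
    print("edited copy :", verify_against_issuer("RPT-0001", EDITED))
    # A digest shipped next to the file matches whatever the file now says.
    print("bundled only:", verify_against_bundled(EDITED, sha256_hex(EDITED)))
```

The last check passes for the edited copy, which is why the comparison has to be made against the issuer's record and not against a checksum that travels with the document.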

The third, less obvious element of credibility is continuity at the source: loggers such as Nextriv Probe Solo buffer 4000 measurements locally and backfill them after a connectivity outage. Five-year retention isn't worth much if the data has week-long holes after every internet failure.

Availability: exports instead of proprietary formats
Data you can't produce does not, formally, exist. That's why everything Nextriv stores can be exported in open formats: measurements to XLSX/CSV, reports to PDF, the audit trail to CSV/PDF. Report scheduling (PRO) can send documentation on a recurring schedule: every week a ready, signed PDF lands in the quality officer's inbox before anyone asks for it.
The other side of the same coin is the right to erasure: in line with the GDPR, data can be deleted on request, including self-service deletion of the entire organisation. Retention is a policy, not a trap.
Four questions to test your own retention
Before the auditor does it, answer them yourself:
- How far back does your raw data go? Not charts and not averages — individual measurements from a specific hour of a specific day.
- Can you prove the integrity of the record? If someone challenged a report from two years ago, how would you show it wasn't edited?
- Who changed the configuration, and when? An alarm threshold changed a week before a deviation, with no trace in the register, is a scenario inspectors really dislike.
- How long would producing the data take? If the answer is measured in days, in practice you don't meet the availability requirement.
Two or more "no" answers mean the topic is more urgent than it seems.
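
The first question, together with the completeness requirement from earlier in the article, can be checked mechanically on an exported CSV. The following is an added example, not Nextriv code: the column names `measured_at` and `temperature_c`, the 5-minute logging interval and the sample rows are assumptions constructed for illustration. Rows are listed in arrival order, so readings backfilled after an outage appear late and must be ordered by measurement time before looking for holes.

```python
import csv
import io
from datetime import datetime, timedelta

INTERVAL = timedelta(minutes=5)  # assumed logging interval
RETENTION_DAYS = 1825            # raw-data retention stated in the article

# Constructed export in arrival order: 00:20 and 00:25 were backfilled after
# an outage (00:25 arrived twice); 00:40 and 00:45 were never recorded.
EXPORT = """measured_at,temperature_c
2024-03-04T00:00:00,5.1
2024-03-04T00:05:00,5.0
2024-03-04T00:10:00,5.2
2024-03-04T00:15:00,5.1
2024-03-04T00:30:00,5.3
2024-03-04T00:35:00,5.2
2024-03-04T00:50:00,5.4
2024-03-04T00:55:00,5.1
2024-03-04T01:00:00,5.0
2024-03-04T00:20:00,5.2
2024-03-04T00:25:00,5.3
2024-03-04T00:25:00,5.3
"""

def load_timestamps(text):
    """Parse the export; de-duplicate and order by measurement time."""
    rows = csv.DictReader(io.StringIO(text))
    return sorted({datetime.fromisoformat(r["measured_at"]) for r in rows})

def find_gaps(timestamps, slack=1.5):
    """Return (last_seen, next_seen, missing_readings) for every hole."""
    gaps = []
    for prev, nxt in zip(timestamps, timestamps[1:]):
        delta = nxt - prev
        if delta > INTERVAL * slack:
            gaps.append((prev, nxt, round(delta / INTERVAL) - 1))
    return gaps

def covers_retention(timestamps, as_of):
    """True if the oldest raw reading is at least RETENTION_DAYS old."""
    return (as_of - timestamps[0]).days >= RETENTION_DAYS

if __name__ == "__main__":
    ts = load_timestamps(EXPORT)
    print(len(ts), "unique readings; gaps:", find_gaps(ts))
```

Only the 00:35 to 00:50 hole is reported; the backfilled readings close the earlier one, which a check run in arrival order would have flagged as missing.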
What it costs — and what its absence costs
The PRO plan with full five-year retention of raw data, an audit trail, signed reports and schedules costs 99 PLN net per 30 days or 990 PLN net per year (excl. VAT) — with no limits on sensors or users. For comparison: a single audit deviation can cost days of corrective work, and a lost batch of refrigerated medicines — a multiple of the annual subscription.
If your current system keeps data for less time than your audit cycle requires, this isn't a "someday" problem: the gap in your history grows every day. Check the plan details on the pricing page and start building the history that will be your best argument five years from now.



