Data Integrity :
The increasingly complex regulatory environments have forced laboratories to adopt a new mindset to compliance and auditing… moving away from traditional instrument validation approaches and consolidating both the instrument data as well as the instrument support across the full spectrum of their lab assets.
What is Data Integrity?
Data Integrity Principles
Basic Data Integrity Expectations
Data Integrity examples and WL
Definition -MHRA Data: Information derived or obtained from raw data, for example a reported analytical result (MHRA, 2015) Data Integrity: The extent to which all data are complete, consistent and accurate throughout the data lifecycle.
Note: 1. Data can be ‘electronic’ or ‘paper based’ or ‘Hybrid’
2. Data lifecycle :From initial data generation and recording through processing (including transformation or migration), use, retention, archiving, retrieval and destruction
Why Data Integrity
• Assures the quality, safety and efficacy of the drugs
• The documented data is the only record of the activity presenting the quality of the product
• Reliability of the data presented
• Questioning Data Integrity = Loss of Trust
• FDA Hot Topic – “Guilty until Proven Innocent”
• Submitting false data to the FDA is a criminal violation under FD&C Act (CGMP /adulteration provisions)
Consequence of DI
• Warning letter
• Import alert
• Consent degree
• No further approvals
• Debarment / imprisonment –individual
What are lead to Data integrity Examples
Discarding source documents after accurate transcription
Deleting e-files after Printing
Inaction, inattention to detail & lack of supervision
Withholding critical information and etc..
Data Integrity – Regulatory requirement
– FDA September 1991: Application Integrity Policy
– Fraud, Untrue Statements of Material Facts, Bribery, and Illegal Gratuities
– MHRA Guidance March 2015: GMP Data Integrity Definitions and Guidance for Industry
– WHO Guidance September 2015: Good Data and Record Management Practices
– FDA Guidance for Industry April 2016: Data Integrity and Compliance With CGMP
– PICS August 2016: Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments – EMA Questions & Answers August 2016
EDQM : Critical / Major Deficiencies India Manufacturers 2013 – 2016
Sterility & Contamination
QA & QC Equip. Qual.& Process validation
Facility & Production Operation
Supplier & material
MHRA -Data Integrity Definitions and Guidance
Data Integrity is the extent to which all data are complete, consistent and accurate throughout the data lifecycle. 4.7 Handwritten entries should be made in a clear, legible, indelible way.
4.8 Records should be made or completed at the time each action is taken and in such a way that all significant activities concerning the manufacture of medicinal products are traceable.
4.9 Any alteration made to the entry on a document should be signed and dated; the alteration should permit the reading of the original information. Where appropriate, the reason for the alteration should be recorded.
“The effort and resource assigned to data governance should be commensurate with the risk to product quality, Also be balanced with other quality assurance resource demands.
Manufacturers and analytical laboratories are not expected to implement a forensic approach to data checking on a routine basis, but instead design and operate a system which provides an acceptable state of control based on the data integrity risk, and which is fully documented with supporting rationale.”
How to Design a system to ensure data Integrity Systems should be designed to assure data integrity.
Examples not limited to ;
• Access to clocks for recording timed events
• Accessibility of batch records at locations where activities take place so that adhoc data recording and later transcription to official records is not necessary
• Control over blank paper/ templates for data recording
• User access rights which prevent (or audit trail) data amendments
• Automated data capture or printers attached to equipment such as balances
• Proximity of printers to relevant activities
• Access to sampling points / displays/ measuring devices
• Access to raw data for staff for review
Data Integrity as per USFDA Data integrity is critical to regulatory compliance, and the fundamental reason for 21 CFR Part 11.
A – Attributable
L – Legible
C – Contemporaneous
O – Original
A – Accurate
ALCOA principle ALCOA is an acronym representing the following data integrity elements:
Attributable – Who performed and when?
Legible – Can it be read? Permanent Record
Contemporaneous – Recorded at the time the activity was performed
Original – Original record or certified true copy
Accurate – Error free
A Attributable Who performed an action and when?
If a record is amended / changed, who did it and why?
Why- reason & explain in detail Traceable to the source data.
L Legible Data shall be recorded permanently Record shall be durable & readable.
C Contempora neous The data shall be recorded at the time the work is performed. Signature / initial with date O Original Is the information the original record or a certified true copy?
A Accurate No errors or if editing shall be amended properly
Complete – All data including repeat or reanalysis performed on the sample.
Consistent – Consistent application of data time stamps in the expected sequence
Enduring & Recorded on controlled worksheets, laboratory notebooks, or electronic media.
Available Available/accessible for review/audit for the lifetime of the record.
Data integrity issues
• Fabricating/faking data
• Copying existing data as new data
• Releasing failing product
• Hiding/obscuring SOP or protocol deviations
• Not saving electronic or hard copy data
• Inadequate reporting of failure and deviation
• Use of non-validated software
• Mismatch between reported data and actual data
• No links/traceability to source documents or original data
Data integrity issues
• Re-running samples / Test until release/ No /Inappropriate Audit Trail
• Inadequate Access Authorization/ Privileges
• Discarding Deleting of data/ omitting negative data (like OOS or eliminating outliers)
• Not reporting failing results /stability failures
• Conducting unofficial analysis
• Disabling audit trails in electronic data capture systems
• Fabricating training data
• Having unofficial batch sheets and analytical reports
Understand the difference between falsification and Bad/Poor Document Practice
Human errors data entered by mistake
Ignorance (not aware of regulatory requirements )
Wilfully (falsification or fraud with the intent to deceive)
Reporting only passing results by excluding failing results ?
Unauthorised changes to data post acquisition ?
Errors during transmission from one computer to another
Changes due to software bugs or malware of which the user is unaware
Typical content in WL
Firm did not identify, report, or investigate the out-of- specification (OOS) results.
Firm did not retain any raw data related to sample weights and sample solution preparations for the HPLC assays…. Repeated the analysis next day using a new set of sample solutions, and reported the retest results in COA
Firm deleted /disregarded OOS data without investigations, and selectively reported only passing results.
During inspection, QC Chemist admitted that, under the direction of a senior colleague, he had recorded false data in the logbooks for reserve samples
Failing to investigate consumer complaints.
Failing to extend their investigations of problems into all lots of product that were affected
The FDA found an operator performing in process weight checks memorizing two ” weights” , going to the next room where the batch records are kept and documenting
The documentation is first done on loose sheets of paper and recorded in batch record.
QC analyst label sample “trial” injections as standard rather than by the actual sample batch numbers”
Creating passing test results without performing the test
Access control is not implemented in GC, FTIR and HPLC to prevent unauthorized access and control
Lack of records demonstrating who performed analysis
Raw data not recorded contemporaneously nor by the performing analyst
Failed injections of QC standards (SS) deleted, repeated and inserted into the analytical sequence without explanation.
Chromatographic software was not validated to ensure re-writing, deletion of data prohibited
Falsification of batch records (re-writing clean records) Non-contemporaneous recording of lab data Recording of sample weights on scraps of paper Missing raw data
Typical content in WL FDA WL to Manufacturer Firm repeatedly delayed, denied, limited an inspection or refused to permit the FDA inspection:
1. Torn raw data records in the waste area ,asked to QA Officer to show these for inspector’s review. QA Officer removed 20 paper records
2. Inspector asked three times if there were any more records and the QA Officer responded to each question, “no, this is all of the records”.
3. Inspector then re-visited the waste area and found that the raw data records had been removed and placed in a different holding bag.
4. These records included raw data testing worksheets, MB report BPR calibration records, and stability protocol records.
5. Because Co. provided some, but not all, of the records requested by the investigator that FDA had the authority to inspect, Co.
All area will be accessed or copying of records for the FDA inspection.
Data Integrity – Implementation
Establish a “Data Integrity policy” to show that you are serious about falsification of data and that it is a cause for termination. Train on this policy.
Establish a general standard for GDP so that even the most innocent recording issues cannot be perceived as fraudulent.
Data Integrity – Implementation Prevention – better than cure!!!
Computer System Validation
Data review policy
Quality Risk Management Processes
Control of documents/ records
Strengthen internal Audit
Identifying risk factors
Promoting and supporting Quality Culture
Effective CAPAs –Systemic Assessment all the area
Quality Management Performance Review Meetings etc
Data Integrity – Implementation
Record all the data in a contemporaneous manner and sign
Enter the date & time as per procedure
Any error shall be corrected as per GDP
Any changes should be noted, with reason and non repudiated
Data shall accurately reflect who performed or witnessed the activity or who entered results or verified the accuracy of entries. Never record the signature or initials of another person
Never pre-date or back date entries on any record
Computer system shall be trustworthy, validated, ensure access control & audit trail
Let us Question ourselves
Are we compliant with the ALCOA Principles in our daily work?
Do we meet the requirements of regulatory Guidelines?
Where do we have problems or deviations regarding data integrity?
Which employees have difficulties with implementation?
Do we live by the principles of a comprehensive quality culture?
Is quality a critical factor for the company’s decision processes?