Data integrity is one of the most serious issues that most pharmaceutical companies are facing. Here, we are going to discuss what is data integrity, the common issue of data integrity, how to minimize the risk of data integrity. Procedure for correction of Data Integrity issues.
1. What is data?
Data is facts, figures, and statistics recorded or generated (collected) during the GXP activity. Data includes all original records, true copies, source data, metadata, reports which are record during the GXP activity. Data should follow the ALCOA+ principle i.e Attributable, Legible, Contemporaneous, Original, Accurate, Available, Enduring, Complete, Consistent.
Refer guideline Data integrity and compliance with cGMP
2. Type of data:
2.1 Raw data
It is the original record which captured the first time either electronically or recorded on paper (manually). In the case of balance, pH meter instrument data do not store electronically they provide printed data output that time printed data consider as raw data.
Refer Guideline GXP data integrity guidance and definitions
Complete record in the form of laboratory worksheet, records, notes, memoranda, microfilms, photographs, computer printouts, magnetic media, dictated observation, recorded data from automated instruments also consider raw data.
Refer guideline Data integrity and compliance with cGMP
2.2 Source data
This terminology is used for clinical investigation purposes. Source data is the same as raw data (laboratory investigation purpose). Source data include original records of clinical observation and investigation. Source data review by both sponsor and FDA for safety, quality, and integrity (ALCOA+).
Refer guideline Guidance for electronic source data in a clinical study
2.3 Metadata
Data which indicates attributes (Specialty) of other data and gives reference and meaning of that other data. Contextual information required to understand data. Metadata described as data about data. The audit trail is considered as metadata. Data that automatically generated by the original data source also consider as metadata.
Refer Guideline GXP data integrity guidance and definitions
Refer guideline Data integrity and compliance with cGMP
2.3.1 Audit trial
Form of metadata having information about creation, alteration, or deletion of GXP record. This secure recording of product details during the manufacturing life cycle. This is the medium includes who, what, when, why chronologically the action performed. The computerized system responsible for the generation of raw data always links with an audit trail to identify the alteration, deletion, or any changes in data by retaining both altered data and original data. An audit trail is secure, computer-generated data The audit trail should always switch on. Only administrators having the right to switch off audit trail and the record retains of that activity. Audit trial should review as relevant data if any abnormality found during reviewing audit trial, an investigation is required.
Refer Guideline GXP data integrity guidance and definitions
Refer guideline Data integrity and compliance with cGMP
 |
| Raw data, Source data, Metadata |
3. List of Data Generated in pharma industry but not be limited
3.1 Batch Manufacturing Record (BMR) / Batch Processing Cleaning Record (BPCR)
3.2 Batch Packing Record
3.3 Training Record
3.4 Laboratory test report (In process/Finished Product)
3.5 Out of Specification (OOS)
3.6 Out of Trend (OOT)
3.7 Deviation
3.8 Change Control
3.9 Market Complaint
3.10 Product Recall
3.11 Validation (Analytical/Process/Equipment /Cleaning)
3.12 Stability record
3.13 Logbooks
3.14 Returned good
3.15 Job description of the employee
3.16 Attendance of employee
3.17 Health checkup
3.18 Work orders
3.19 Preventive maintenance
3.20 Internal / External Audit
3.21 Audit compliance
3.22 Annual Product Quality Review (APQR) / Annual Product Review (APR)
3.23 Approved vendor documents.
4. What is Data Integrity?
Completeness, consistency, and accuracy of data is data integrity. Data must follow the ALCOA+ principle i.e Attributable, Legible, Contemporaneous, Original, Accurate, Available, Enduring, Complete, Consistent.
Refer guideline Data integrity and compliance with cGMP
Data are complete, consistent, accurate, legible, reliable, prompt and data maintained throughout the lifecycle. The ALCOA+ principle i.e Attributable, Legible, Contemporaneous, Original, Accurate, Available, Enduring, Complete, Consistent. Data integrity directly indicates quality. Follow good documentation practices (GDP) for better data quality.
Refer Guideline GXP data integrity guidance and definitions
5. Why ALCOA+ (plus) / ALCOA+ Principle :
ALCOA+ acronym is used for data integrity purposes. ALCOA represents the terms Attributable, Legible, Contemporaneous, Original, Accurate. But now, ALCOA is outdated and ALCOA+ is the updated concept. This “+” represents Available, Enduring, Complete, Consistent.
6. The Common Issues of Data Integrity:
6.1 Share Username and Password:
Employee shares their username and password so difficult to identify who did the activity or alter the record. Not follow the attributable of ALCOA+.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 5.4
6.2 No Computer system control:
In some organizations, it found that the user has the right to change or modify the method which is not acceptable. Not follow original, accurate of ALCOA+.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 5.4
6.3 Data Manipulation:
Manipulation of data is a common issue found in most industries. Alter the original data to pass the sample. Not follow the original, accurate of ALCOA+.
6.4 Destruction without recording:
Torn documents are found in dustbin or scrap with the sign of employee without recording and justification. Indicates data falsification.
6.5 Backdated documentation:
Filling document backdated or run the sample by changing the date in the system there is no control over the computer system. Not follow the contemporaneous of ALCOA+.
6.6 Incomplete data:
The record is not completed. Record found unfilled which is a question mark on the quality of the product. Not follow the Good documentation practices (GDP), Complete, accuracy of ALCOA+.
6.7 Audit trail turn off:
The laboratory has turned off the audit-trail functionality within the system without justification.
Refer Guideline GXP data integrity guidance and definitions
Refer guideline Data integrity and compliance with cGMP
6.8 Lack of Knowledge:
People involved in the activity having a lack of knowledge. Just doing the activity but don’t know why, how, when. Due to inadequate training person using the wrong technique. Don’t follow the written procedure.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients point 3.1
6.9 Cybersecurity:
Inadequate cybersecurity available so, the chance of losing data after a cyber attack.
Refer USFDA 21 CFR 212.110 (b)
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 5.4
6.10 Improper data backup system :
The system fails to take a backup of data and protect records from loss. The auto backup system not available.
Refer USFDA 21 CFR 212.110 (b)
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 5.4
 |
| Common data integrity issues |
7. How to minimize the risk of Data Integrity
7.1 Management promotes Integrity:
Several risks of data, integrity reduces by promoting integrity by management. Each and every employee be honest about work. Management responsible to generate culture, provide awareness programs, quarterly meetings, discussion on warning letters, form 483, etc is helpful for understanding what mistakes are they doing while practicing or working activity. Explain the management strategy for a site with corrective and preventive action (CAPA) plan.
7.2. Trustworthy Audit Trail:
An audit trail is helping to minimize the risk of data integrity risk. Audit trails are capture all data including original data, modified data. Data secure and recorded throughout the different stages of its lifecycle, including where it came from and alteration in data.
7.3. Consultant:
FDA recommends third party consultant having a good experience, known about regulatory expectation, evaluate data integrity, suggest a remediation plan.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients point 3.3
7.4. Comprehensive evaluation:
In-depth evaluation of the procedure for finding the problem, root cause. FDA expects a detailed and complete description/procedure to find the scope of the problem. FDA evaluates this comprehensive evaluation by interviewing people and system that breaks data integrity.
7.5. Corrective and preventive action (CAPA):
FDA expects proper analysis of finding. The procedure is available for monitoring the plan. This action is helpful to detect and eliminate cause to prevent occurrence. CAPA system procedure should be defined and documented. CAPA procedure is able to identify, analyzed, and correct the data existing source of the problem. Investigate and prevent the potential cause of the problem. Verify this preventive action are appropriate
7.6 Good Documentation Practices (GDP):
This is one of the best method to minimize the risk of data integrity. Good documentation Practice (GDP) applies while recording all quality-related data. This tool is helpful to maintain consistency, legibility, the accuracy of documents. So, the documents are trustworthy.
Overwriting is the most common mistake found during audit/inspection. Overwriting is consider as false data, inaccurate, alteration of data. If any mistake happens while reporting data such entry correct without alteration of original entry. Draw a single horizontal line on the wrong entry rewrite the original entry (true value) with sign and date.
7.7 Ensure all computer systems are regulatory compliant:
Computer hardware and software should demonstrate competency with proper installation and operational qualification. The computer system is reliable, accurate, and consistent. Data for the protection system is available.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 5.4
7.8. Validate computer systems:
Computer system validation is a high degree of assurance that computer software producing results are consistent with the predetermined rate. Validation is depending on the complexity, the criticality of the computer system application.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 5.4
7.9. Limited system access:
All systems should require a control login system to prevent unauthorized access so minimize the chances of change or any modification. All data captured that who made the change and when.
Refer USFDA 21 CFR part 11 subpart B sec.11.10 (d)
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 5.4
7.10 Backup and recovery procedures available:
A backup and recovery strategy is necessary for the unexpected event of permanent data loss and errors. This procedure is helpful in the reconstruction of data in any major event.
Refer USFDA 21 CFR 212.110 (b)
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 5.4
7.11 Design a Quality Management System with SOPs and logical controls:
All pharma manufacturers should establish and implement an effective system for quality management. Management actively involved in this quality management system. Quality Assurance (QA), Quality Control (QC), Production, QA, QC is part of the quality management system. QA and QC are independent of the production department.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 2
7.12 Vendor qualification:
The vendor defines as a supplier of the product, service to another business. The manufacturer also acts as a vendor or supplier if the manufacturer directly supplies service or product to another business. Vendor supply raw material (RM), packing material (PM), personal protective equipment (PPE) like gloves, masks, etc. to the pharmaceutical industry. The vendor should fulfill all quality-related issues. The pharmaceutical industry qualifies the vendor depends on their quality, cGMP compliance. Quality agreement plays a very important role to solve the quality-related conflict between the pharmaceutical industry to vendor.
7.13 Employee training and maintain training records:
An adequate number of persons should be qualified, train-related to employee function. GMP related training is mandatory for all persons. Documented training records provide this proof.
Guideline ICH Q7 Good manufacturing practice for Active Pharmaceutical Ingredients Point 3.1
7.14 Conduct Internal Audits to evaluate controls and procedures:
Prevention is always better than cure this phrase is applicable in case of internal audit / self-inspection. Prevent our self before any serious issue. Internal audits / Self-inspection ensures that all procedures, the system is in accordance with cGMP. Internal audits / Self-inspection is best to identify the gaps between the system and the regulatory requirements.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 2.4
7.15 Annual product review (APR) / Annual Product Quality Review (APQR):
This is a bunch of data that we produced in one year. It includes all data of each product manufactured in one year. Its lifecycle history of the product till starting material to the finished product. The statistical trend of annual product quality review (APQR) is helpful to identify the process capability of our product. Product process improvement based on the conclusion of APQR/APR/PQR/PPR.
ICH Q7 guideline Good manufacturing practice for Active Pharmaceutical Ingredients Point 2.4
 |
| How to minimize the risk of Data Integrity |
8. Why necessary to minimize data integrity / FDA basic requirement:
8.1 Reconstruct the manufacturing process
Regulator and industry to be able to reconstruct the manufacturing process to record.
8.2 To avoid falsification
There is no false, omission, hiding, and substitution of data. Regulatory bodies take serious action on such an issue.
8.3 To avoid regulatory action
Regulatory bodies like USFDA, MHRA, TGA, etc. take serious action if they are not satisfied with your data handling procedure, product mix-up, cross-contamination, cleaning procedure, manufacturing procedure, etc. They consider it a serious cGMP violation.
FAQ:
1. What is data integrity?
Completeness, consistency, and accuracy of data is data integrity. Data must follow the ALCOA+ principle i.e Attributable, Legible, Contemporaneous, Original, Accurate, Available, Enduring, Complete, Consistent.
2. What is data integrity and why it is important?
Completeness, consistency, and accuracy of data is data integrity.
Importance of data integrity:
1. Reconstruct the manufacturing process –
Regulator and industry to be able to reconstruct the manufacturing process to record.
2. To avoid falsification/manipulation of data.
There is no false, omission, hiding, or substitution of data. Regulatory bodies take serious action on such an issue.
3. To avoid regulatory action –
Regulatory bodies like USFDA, MHRA, TGA, etc. take serious action if they are not satisfied with your data handling procedure, product mix-up, cross-contamination, cleaning the procedure, manufacturing procedure, etc. They consider it a serious cGMP violation.
3. What are data integrity issues?
Data Completeness, consistency, and accuracy is data integrity. Common data integrity issues are lack of knowledge about documentation, Improper data backup system, Audit trial turned off, Data manipulation, No computer system control, Backdated documentation, cybersecurity, incomplete data, destruction of data without recording, etc.
4. How do I preserve data integrity?
Data integrity is preserved by the following the ALCOA+ principle and Good Documentation Practices (GDP). Data must follow the ALCOA+ principle i.e Attributable, Legible, Contemporaneous, Original, Accurate, Available, Enduring, Complete, Consistent. This ALCOA+ principle and Good Documentation Practices (GDP) are helpful for minimizing the risk of data integrity.
5. What is an example of data integrity risk?
An example of data integrity risk is:
1. Incomplete data.
2. Sharing your username/password with the unauthorized person.
3. Data manipulation by the person
4. No control on a computer system
5. No data backup system available.
6. lack of knowledge to the person
7. backdated/predated documentation of data