In September 2021, a pharmaceutical manufacturing company received a warning letter from the U.S. Food and Drug Administration (FDA) for a number of violations, including the following data integrity infractions:1
The FDA has long emphasized the importance of the data integrity aspect of current good manufacturing practices (CGMP) for companies developing regulated products. To help organizations better understand the regulation and reduce the number of violations across the industry, the agency drafted a question-and-answer-based data integrity guidance titled “Data Integrity and Compliance With CGMP.”2
When the guidance was finalized in 2018, then FDA Commissioner Scott Gottlieb expressed his concerns about the issue. “In all cases, we regard any lapse in data integrity as a risk to patient safety. Patients can’t be assured of the safety and effectiveness of their medication when data has been altered,” he said.3
In a nutshell, data integrity can be summed up by the acronym ALCOA:4
However, the FDA’s expectations for data handling extend beyond this benchmark. This means companies need to implement meaningful and effective strategies to manage their data integrity risks. Ultimately, falling out of compliance with data integrity leads to:
The following questions from the agency’s Q&A guidance provides valuable insight into proper data management.
Metadata is the contextual information required to understand data. It’s essentially data about data. For instance, a value by itself (e.g., 3) is meaningless without additional information about the data (e.g., 3 milligrams). To have relevance, documentation needs to include contextual attributes such as:
Outside of providing clarifying information, metadata makes it easier to manage, retrieve, and use data.
An audit trail is a secure, computer-generated, and time-stamped electronic record. It allows for easy reconstruction of the events (who, what, when, and why) relating to the creation, modification, or deletion of a record. For example, the audit trail for a high-performance liquid chromatography (HPLC) run needs to include the staff member’s name, date, time of the run, and the integration parameters used. It also needs to include documentation justifying any changes.
The guidance says that electronic copies can be used as true copies of paper or electronic records. However, it also stipulates that the copies need to preserve the content and meaning of the original data — this includes associated metadata and the static or dynamic nature of the original records.
Manufacturers are allowed to keep paper printouts or static records. However, some electronic records are dynamic in nature. In this case, the printout or static record does not preserve the dynamic nature of the original electronic record. According to the FDA, the record would fail to meet the CGMP requirements.
The short answer is yes. The FDA’s guidance states that workflows, such as batch records and control records are an intended use of a computer system, which needs to be checked through validation. It goes on to say that if you validate your computer system, but do not validate it for its intended use, you cannot know if your workflow is running correctly.
Any changes to computerized master production and control records (MPCRs) or other records as well as the input of laboratory data into computerized records must be completed only by authorized personnel. The FDA recommends that whenever possible, you should use technology to restrict the ability to alter specifications, process parameters, or manufacturing and testing methods (e.g., limiting permissions for specific tasks and types of data).
All data generated to satisfy a CGMP requirement is a CGMP record. The data integrity guidance states that in order to comply with CGMP requirements with manufacturing processes, you must document or save recorded data at the time a task or process is performed. Also, all data that is recorded and maintained cannot be modified or discarded.
Because of the criticality of data integrity, the FDA’s guidance expands beyond the parameters of the standard CGMP requirements. While the guidance is not binding, the agency tends to rely on guidances during inspections and when making enforcement decisions5.
The FDA is determined to ensure that consumers have confidence in the quality, safety, and effectiveness of health care products. In pursuing that initiative, the agency will continue to ramp up its enforcement of data integrity compliance guidelines. That said, companies are urged to implement digitized technologies, such as an electronic document management system (EDMS), designed to automatically prevent omission, incorrect entry, unauthorized alteration, etc. of data.
A digital quality management system (QMS) will enable you to ensure the integrity of your data, easily comply with all other regulatory requirements, and remain audit-ready at all times. Advantages of a digital QMS specific to data management include:
To learn more about a technology-driven approach to not only ensuring data integrity, but turning data management into a business accelerator, download MasterControl’s “Connecting Quality Data to Overcome Pharma’s 3 Toughest Challenges.”
Enjoying this blog? Learn More.
Eliminating Data Integrity Errors Through DigitizationDownload Now