Currently the biggest issue facing the pharmaceutical industry is Data Integrity, due to the growing use of computerized systems and rising prevalence of outsourcing manufacturing process. Data integrity is integral to the industry as it ensures that the data generated during drug manufacturing, sample analysis, etc. are accurate, complete, and reliable. This article will set out to tell the reader what data integrity is, why it is important, and how to properly establish data integrity guidelines in your pharmaceutical labs.
What Is Data Integrity?
Data integrity is the key component in building trust between regulatory agencies and the industry. For the pharmaceutical manufacturing industry, data integrity is the state where data is Attributable, Legible, Contemporaneous, Original, Accurate, Complete, Consistent, Enduring, and Available (ALCOA-plus).
What Does The Acronym ALCOA Or ALCOA+ Stand For?
Attributable
The data generate or collected must be traceable to the individual who generated the information.
Legible And Permanant
The data record must be readable and permanent.
Contemporaneous
The results, measurements, etc. must be recorded at the time the work is performed.
Original
Original or source data are the record, report, notebook etc., where the data point was initially recorded.
Accurate
The data recoded must be complete, consistent, truthful, and representative of the facts.
Complete
Information that is critical to recreating and understanding an event. This would include any repat or reanalysis performed on a laboratory test sample.
Consistent
The data are presented, recorded, dated, or time stamped in the expected and defined sequence.
Enduring
The data or information must be maintained, intact, and accessible throughout their defined retention period.
Available
The data or information must be able to accessed at any time during the defined retention period.
With an increase in use of computerized systems in the pharmaceutical industry and with current regulation of physical data being more well-defined than regulation of electronic data, this creates an environment that lacks synergy and cohesion. Furthermore lack of this could lead to many issues ranging from substandard product being released into the market to loss of public confidence
Establishing Data Integrity Guidelines
The following is intended to be used as a guideline only.
Establishing a culture of integrity is required in any company that wants to have an effective regulation policy. To attain this culture management must treat data integrity seriously and employees would then feel obligated to do the same. This can be affirmed by management highlighting or commending employees who display great data integrity practices. Also instituting collaboration within the organization. Too many times QAs, QCs, and scientists are not on the same page as it takes all involved parties to ensure data integrity. All parties should be aware of one another’s roles, tasks and responsibilities.
Any data integrity policy should consider preventing many common reasons for loss data integrity some examples are human error, security issues, and hardware or infrastructure issues. The following should be practiced and implemented to help establish a culture of data integrity.
-
- Data Entry Training – employees should be trained on how to enter data delegate them with the responsibility of preserving the Data Quality.
-
- Validating Input and Data – Data needs to be verified, and the data inputs must be validated to ensure they accurate
-
- Back up Data – the act of backing up data should be done on a regular basis. Data back up plays a crucial role in data integrity as it ensures data will be not lost to any type of unexpected event and it preserves the integrity of the data. Any back up system should take into account cybersecurity and have limited access.
-
- Use Access Controls – Access Controls is the selective restriction of access. A basic example of access controls is the privilege model. The privilege model gives access to only selected users, while the selected users are only able to conduct actions (privileges) that are granted to them. This limits users abilities to break data integrity protocols.
-
- Keeping an Audit Trail – the audit trail should be generated automatically, users should not be able to tamper with the audit trail, every event creation, modification, deletion by users; should be tracked and recorded, every event should be time stamped with date and time, reason for change, and any invalid log in attempts to the system
Perform periodic internal audits on your data integrity system/policy to see effectiveness, perform risk assessments as needed.
- Keeping an Audit Trail – the audit trail should be generated automatically, users should not be able to tamper with the audit trail, every event creation, modification, deletion by users; should be tracked and recorded, every event should be time stamped with date and time, reason for change, and any invalid log in attempts to the system
The Future Of Data Integrity In Pharma
With the continued computerization of the industry, preserving data integrity has come to the forefront of Pharma. We are creating and gathering so much data at a rapid rate that creating it, storing it, and managing it has become a major issue. Even though the task can seem daunting having a strategic plan in place can allow for a great level of execution. To achieve this will it take commitment from management and employees alike, with collaboration from all involved parties instituting a set of rules and guidelines that follows the principles set out in ALCOA-plus.