Data integrity and ALCOA principles have always concerned regulatory authorities, especially when it is related to medicinal products and GxP-related activities. The ALCOA acronym has been used since the 1990s. It is important to understand that the industry has changed dramatically over the years, considering the continuous development and introduction of new technology and tools. Even if continuously adapting to the current technologies and trends, the overall concept of assuring the integrity and reliability of data with GxP impact remains of the same importance.
ALCOA Data Integrity In The Pharmaceutical Industry
Data integrity is part of the quality culture. The idea behind data integrity is to guarantee the traceability and security of data throughout all pharmaceutical processes and systems. This guarantees the reliability of your information, the identification and traceability of all changes, and helps you avoid losses and protects historical records and inventories.
That’s why as part of the GxP requirements, the FDA has defined essential principles to be implemented and followed, in order to assure the integrity of both paper-based and electronic data.
Data Integrity: Principles Of ALCOA+
The ALCOA principle or ALCOA data integrity describes the most important data integrity requirements, the term was used first in the 90s as part of the Good Documentation Practices. So what does ALCOA stand for? It’s an acronym that outlines the following properties / integrity principles that data must have.
- A = attributable to the person generating the data
- L = legible and permanent
- C = contemporaneous
- O = original record (or certified true copy)
- A = accurate
Data Integrity Following ALCOA Principles
Since data integrity, in particular, pharmaceutical data integrity, has become a fundamental topic in GxP environments, understanding the ALCOA acronym is crucial in fully grasping the importance of data integrity and ALCOA standards.
To make the data “ATTRIBUTABLE”, all the information must be generated, recorded and stored in such a way that it can be attributed to the responsible person, e.g. through the use of a validated computerized system. This means that all paper and electronic data must be attributable to the person generating the data, this includes who performed an action and when. Attributable can be accomplished by recording manually by initialing and dating a paper record or by audit trail system functions, integrated in an electronic system.
To follow the “LEGIBLE” principle, all paper and electronic data must be legible, permanent, and accessible throughout the data lifecycle. This means that data and recorded media should be durable, so paper and ink should not be temperature-sensitive, photosensitive or easily oxidizable, and electronic storages shall be tested and continuously maintained.
“CONTEMPORANEOUS” means to generate/record the paper or electronic data at the time a complete, truthful, and reflective of the observation of the process.
In 2010 the ALCOA principles were expanded to ALCOA+, in order to better define the requirements to preserve data integrity.
What Is ALCOA+ (Plus)
Behind the “plus” stands the acronym CCEA. CCEA stands for complete, consistent, enduring and available. These extended principles shall be considered to comply with full data integrity requirements. ALCOA+ principles can therefore be understood as an extension of the basic ALCOA principles.
COMPLETE = The data must be whole; a complete set.
CONSISTENT = The data must be self-consistent and chronological.
ENDURING = Data must be durable; lasting throughout the data life cycle.
AVAILABLE = Data must be readily available for review or inspection purposes.
What Is The Difference Between ALCOA and ALCOA+?
In general terms, there is no real difference in expectations, regardless of which acronym is used. The only difference is in the terminology being used, in which one could argue that the term ALCOA+ takes into account what is known as “Audit Trails”.
These audit trails are used in particular to track users and projects and to document that users have not made any unauthorized changes, therefore, covering the requirements of the CCEA.
How To Meet All 9 ALCOA Principles?
No matter the size, many companies are currently using electronic systems, with the goal to increase their operational efficiency through the use of automated and controlled processes. Considering how critical it is to ensure a suitable level of control on the management of data through the entire life-cycle, data integrity guidance is crucial. That’s why here we will focus on how to fulfill ALCOA+ most basic requirements on computerized systems.
- To be “ATTRIBUTABLE” your system must have:
- Individual user accounts
- Capacity to store data related to individual user activities (who – what – when)
- Electronic signatures that are permanently linked to user activities with identification and time stamp
- To be “LEGIBLE AND PERMANENT” your system must:
- Allow data legibility. Pay special attention to the font type, size and language of your data.
- Have safeguards to avoid data loss.
- To be “CONTEMPORANEOUS” your system must:
- Be configured to record activities, events, and decisions as they occur.
- Have secure timestamps that cannot be changed, and are stored synchronously across all process levels.
- To be “ORIGINAL” your system must:
- Have secure electronic storage of data. Backup copies, cloud storage etc.
- Have established process flows for data review and approval, ensuring proper identification and traceability of both raw data and processed data.
- To be “ACCURATE”, “COMPLETE”, and “CONSISTENT” your system must:
- Have procedures and workflows for standardized controls (e.g. input of data should be checked for accuracy and completeness by a second person).
- To be “ENDURING” your system must:
- Be regularly maintained, updated and re-validated (when necessary) .
- To be “AVAILABLE” your system must:
- Be able to generate audit trails.
- Have hierarchy processes in place to allow access to data.
What Do I Need To Ensure Data Integrity Through ALCOA?
Problems with data accuracy and consistency exist in every business, which can result in everything from minor disruptions to substantial business complications. Understanding the basics of data integrity and business continuity is the first step in preserving the quality and security of your data.
To ensure your data integrity it is recommended to:
- Have an improved information and communication structure. Limit data access and change permissions to restrict data modifications by unapproved parties.
- Implement a well-defined process to identify and minimize data integrity risks
- Have an adequate use and understanding of technology, IT systems, and related compliance requirements.
- Apply a targeted management of data integrity. Keep a regular backup of your data to prevent any loss.
- Focus on validation of computerized systems, including people, equipment and processes; the validation effort shall be always commensurate with the risk assessed..
- Use logs to monitor when data is recorded, modified,, or archived.
- Conduct systematic internal audits to ensure compliance with established processes and regulatory requirements.
The collection and storage of data is of enormous importance. Creating suitable processes and control mechanisms should therefore have a high priority in your quality management to maintain data integrity. Furthermore, it is particularly important that it is always clear whether data is in its original state or whether an intervention in the data structure has taken place. If changes were made to the data, these should always be always traceable and documented.
The Importance Of Data Integrity
Data integrity has always concerned regulatory authorities, especially when it is related to medicinal products and GxP-related activities. The ALCOA acronym has been used since the 1990s. It is important to understand that the industry has changed dramatically over the years, considering the continuous development and introduction of new technology and tools. Even if continuously adapting to the current technologies and trends, the overall concept of assuring the integrity and reliability of data with GxP impact remains of the same importance.
ALCOA are a set of 9 data integrity principles introduced by the FDA, to ensure the reliability of data and information obtained in production and control of pharmaceutical products.
Data integrity principles are that data must be Attributable, Legible, Contemporaneous, Original and Accurate.
ALCOA and ALCOA+ are principles established to assure data integrity efforts, including the assignability and traceability of data.
The purpose of ALCOA is that of ensuring that data generation and recording related to a product is accurate and consistent throughout the life cycle of said product.
ALCOA+ stands for Attributable, Legible, Contemporaneous, Original, Accurate, Complete, Consistent, Enduring and Available.
ALCOA is a commonly used acronym for “attributable, legible, contemporaneous, original and
accurate”. And ALCOA+ is ALCOA plus the CCEA principles of “complete, consistent, enduring and available”.
Data integrity is the degree to which data are complete, consistent, accurate, trustworthy and reliable