Basic data integrity issues continue to plague many businesses. The quantity of warning letters and Form 483 inspectional observations at manufacturing facilities throughout the globe is evidence of this. Import restrictions, product seizures, non-approvals or delayed approvals, substantial penalties, disbarment, and criminal responsibility for people or businesses are all possible consequences of non-compliance. Errors in data integrity may reduce FDA and consumer confidence. Even a simple error might be mistaken for a deliberate scam. This article walks businesses subject to FDA regulation through the data integrity compliance procedure.
The legal standards for data integrity
Among the requirements for data integrity listed in 21 CFR 211 and 212 are:
- Backup data are “safe against manipulation, accidental erasures, or loss,” precise and full, and
- To “avoid degradation or loss,” data must be “stored.”
- “Documented at the time of performance” requirements for certain actions and “scientifically sound” requirements for laboratory controls
- original records, authentic copies, or other “exact replicas of the original records” be kept on file.
- “Complete data obtained from all tests,” “full record of all data,” “complete record of all data,” and “complete records of all tests run”
- Record-keeping obligations and electronic signatures
- Data Integrity and Compliance with cGMP: FDA Draft Guidance, April 2016 The Agency’s current thinking on the generation and processing of data in line with CGMP regulations is provided in this advice.
- Definitions and Guidelines for Industry GMP Data Integrity from the MHRA, March 2015.
- Code of Conduct for PDA
Challenges and Causes of Data Integrity Infractions
Despite the many guidelines and public declarations outlining what is required of the manufacturers, many businesses have issues with data integrity because of the following factors:
The majority of the data for the pharmaceutical sector is gathered manually. There are several locations where data may be transferred, including worksheets and notes to calculators and back, LIMS, reports, and so forth. Data transmission errors may happen, as is usually seen during audits.
The management must play a crucial role by taking action to counteract each of the aforementioned variables that lead to problems in data integrity.
Understanding related terminology and putting into practice the recommended best practices outlined in the guidance papers is a crucial step on the road to data integrity compliance.
Definitions Associated with Data Integrity and Best Practices
The term “data integrity” relates to the consistency, correctness, and completeness of data. Such information need to be traceable, readable, contemporaneously recorded, authentic, original, or a genuine copy (ALCOA).
- The contextual information needed to comprehend data is known as metadata.
- It is defined as information about information.
- Data retrieval, usage, and management are all made simpler by structured information, which also defines and explains data.
- Metadata for a specific piece of data may comprise, among other things
- Date and time stamp for the data’s acquisition
- Username of the person who performed the analysis or test that produced the data
- Used instrumentation for data acquisition
- auditing tests
a safe, computer-generated electronic record with a time stamp that enables the reconstruction of the sequence of events leading to its creation, alteration, or destruction.
An audit trail is a timeline of a record’s “who, what, when, and why.”
Dynamic and static data
- Static Data: A paper record or an electronic picture are examples of static data records since they do not change over time.
- Dynamic Data: Records of data that let user interaction with them. For instance, a chromatographic record that enables the user to reprocess and alter the baseline
a secure replica of the original data that has been kept for the duration of the records retention term. The data must be in the backup file, together with any related metadata, and it must be in the original format or a format that is compatible with the original format.
Guidelines for Obtaining Data Integrity
Provide instruction and raise awareness
Every employee involved in a production floor operation has to get comprehensive data management training. The instruction must go beyond proper document use. It need to explain the rationale behind how the procedures are carried out. Include the following to improve training:
- Poor management has consequences for every given process.
- How even the slightest errors may develop into major issues
- Why verifications are crucial
- Why procedures should be adhered to
Establish safeguards against human mistake in processes and technology
- Have clear, concise, and well-defined SOPs. proper staff training on them.
- Keep audit trials so you can see exactly who visits a system, what login information was used, and when it was used. Investigating problems and addressing their causes will assist.
- periodically examine audit trials
- Keep audit documents on available to demonstrate to investigators that reviews are frequently undertaken by qualified experts.
- Make sure your SOPS include a procedure for notifying management of problems if they arise.
- Simplify SOPs, educate personnel on all instructions, and evaluate the results of these actions.
Procedural controls to be set
Integrate administrative and procedural controls into your main line of business. It should be composed of a number of papers, such as written instructions, instruction manuals, record-keeping and review procedures, audits, and self-inspections of regulating procedures.
Establish technical controls
- Establish security measures to secure information systems, including passwords, operating system or application software access controls, network protocols, intrusion detection systems and firewalls, encryption technologies, network traffic flow controllers, etc.
- Put the proper technological safeguards in your goods for each of the three stages: data at rest, data in motion, and data in use.
- Establish a culture of honesty
- Encourage workers to think critically and differently by recognising their accomplishments.
Document controls settings
No information should be entered on unauthorised forms, notepads, or unrestricted media. The SOPs for excellent documentation procedures must include a statement of this policy.
- Worksheets and lab notebooks have to be distributed by the quality unit.
- It is not advisable to distribute system user accounts, particularly those with data manipulation capabilities.
- Maintaining a central library will reduce hazards of duplication, such as duplicate copies of paper documents, numerous copies of databases and spreadsheets, and so on.
- Verify the operation of verification controls by conducting an audit of electronic systems.
- Make that the archiving procedures preserve and guard against data loss.
- Regularly create electronic data backups and maintain them in accordance with GMP regulations.
- One line should be drawn across the incorrect entry. Record the adjustment, initial it, and note the date along with the justification. Justify and support any data deletions. B’B’ 212.50(a), 212.50(b), 212.70(f)(1)(vi), and 211.194.
- accurately, totally, and honestly enter data
- During their retention periods, securely store data, documents, and backups. Whenever required, restrict access and utilize fireproof storage.