At the MHRA Blog, a GDP Inspector has posted some thoughts on Data Integrity. As always, it is valuable to read what an agency, or a representative, of an agency in this case, is thinking.
The post starts with a very good point, that I think needs to be continually reiterated. Data Integrity is not new, it is just an evolution of the best practices.
It is good to see a focus on data integrity from this perspective. Too often we see a focus on the GCP and GMP side, so bringing distribution into the discussion should remind everyone that:
- Data Integrity oversight and governance is inclusive of;
- All aspects of the product lifecycle
- All aspects of the GxP regulated data lifecycle, which begins at the time of creation to the point of use and extends throughout its storage (retention), archival, retrieval, and eventual disposal.
Posts like this should also remind folks that data integrity is still an evolving topic, and we should expect more guidance from the agencies from this in the near future. Make sure you are keeping data integrity in your sites and have a process in place to evaluate and improve.
I recommend starting at the beginning, analyzing the health of your current program and doing a SWOT.
Data integrity has been, for the last few years, one of the hot topics of regulatory agency inspections for the last few years, one that it has often been noticed seems to be, at times, a popular umbrella for a wide variety of related topics (that usually have a variety of root causes).
Data Integrity is an interesting grab bag because it involves both paper and electronic data. While some of the principles overlap, it sometimes can seem nebulous, Luckily, the MHRA recently published a final guidance on GXP Data Integrity that ties together several threads. This is a great reference document that lays out some key principles:
- Organizational culture should drive ALCOA
- Data governance is part of the management review process
- Data Risk Assessments with appropriate mitigations (full risk management approach)
I love the snarky comment about ALCOA+. More guidances should be this snarky.
The FDA so far this year has been issuing warning letters and 483s in more traditional GMP areas, such as testing and validation. It will be curious if this lessening of focus in a subtle shift in inspection, or just the result of the sites inspected. Either way, building data integrity into your quality systems is a good thing.
Processes and tools for the prevention, detection, analysis, reporting, tracking and remediation of noncompliance to data integrity principles should be integrated into the Quality Management System to:
- Prevention of data integrity issues through governance, training, organizational controls, processes, systems underlying and supporting data integrity.
- Detection of data integrity issues through leveraging existing Quality Systems, tools and personnel.
- Remediation of data integrity issues through leveraging existing Quality Systems that identify and track implementation of corrective/preventive action(s).
Some ways to integrate includes:
- Data integrity training for all employees
- Include as an aspect of audits and self-inspections
- Controls in place to ensure good documentation practices
- good validation practices
- Computer system lifecycle management (include audit trail reviews)
- Ensure your root cause investigators and CAPA people are trained on data integrity
- Data integrity as a critical decision point in change management
Data integrity, like many other aspects of a quality culture, are mindsets and tools that are applied throughout the organization. There really isn’t a single project or fix. By applying data integrity principles regularly and consistently you build and ensure. A such, data integrity is really just an affirmation of good quality principles.