Version 1.6.1
David Trew
Consulting Ltd
Data Integrity in Regulated and Accredited Environments
Part 1: Fundamentals and Principles
Dr David Trew BSc(Hons), PhD, CChem MRSC
1 Introduction
It is a fundamental expectation and requirement that all scientific data and records are both reliable and trustworthy. When the data are used to make decisions concerning the health and safety of individuals, the quality of the environment, to support national and international trade, the detection of crime and the prosecution of offenders, the reliability and trustworthiness of those records is of critical importance.
In the heavily regulated pharmaceutical and healthcare sector, the integrity of manufacturing records and laboratory quality control testing continues to attract considerable regulatory scrutiny. The issue of unreliable manufacturing and testing records in the pharmaceutical industry was first identified in 2005 when US generic drug manufacturer Abel Laboratories was found by the US Food and Drug Administration (FDA) to have routinely resampled, re-
Able Laboratories was forced to suspend production of, and recall all of its products from the market. With no production and no products, it was able to sell, the company’s value fell by over 85 %, and by the end of 2005 the company had sold its assets to Sun Pharmaceuticals.
Since the Able Laboratories scandal the integrity of manufacturing records and laboratory testing data has continued to attract increasing scrutiny from the regulatory authorities and other stakeholders in the pharmaceuticals and life sciences sectors. More recently, Indian generic drug manufacturer Ranbaxy entered in to a consent decree with the FDA in January 2012.
The regulated pharmaceutical and life sciences sectors are not the only industries to experience scandals over fabricated records and data. For example, the accredited forensic analysis sector has been rocked by misconduct. In 2012 confidence in the entire Massachusetts judicial system was compromised when Annie Dookham, an analytical chemist working in the Massachusetts Forensic Drug Laboratory, analysing samples of seized drugs in criminal court cases, was discovered to have falsified the test results in samples for up to 40000 criminal drugs cases over a ten-
Some of the regulatory authorities have published guidelines which elucidate their current thinking and expectations regarding the systems companies should have in place. These systems should be able to provide a high level of confidence that the data and records being used to make decisions concerning the quality of regulated products are reliable and trustworthy.
The United Kingdom Medicines and Healthcare Regulatory Authority published guidelines titled “MHRA GMP Data Integrity Definitions and Guidance for Industry”1 in March 2015, and issued an undated version2 as a consultation document in July 2016. In September 2015 the World Health Organisation published a draft “Guidance on Good Data and Record Management Practices”3. In addition, in April 2016 the FDA published a draft Guidance for Industry titled “Data Integrity and Compliance with CGMP”4. All of these guidelines advocate accurate, legible, contemporaneous, original and attributable, as fundamental requirements for achieving comprehensive data integrity. The Pharmaceutical Inspection Cooperation Scheme has also published a draft document “Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments”5.
In addition to the guidance documents published by the regulatory agencies a number of articles have also been published addressing different topics. In the first part of a two-
Human errors when incorrect data is entered by mistake (an uncorrected fat finger moment), stupidity (not being aware of regulatory requirements or poor training) or wilfully (falsification or fraud with the intent to deceive)
Selection of good or passing results to the exclusion of those that are poor or failing
Unauthorized changes to data made post-
Errors that occur when data is transmitted from one computer to another
Changes to data through software bugs or malware of which the user is not aware
Hardware malfunctions, such as disk crashes
Changes in technology, where one item is replaced when it becomes obsolete or no longer supported, making old records unreadable or inaccessible
This paper also discusses potential data integrity issues associated with chromatographic data systems (CDS) and discusses the deficiencies found during an inspection at Indian drug manufacturer RPS Life Sciences7. It is noted that all FDA inspectors have received training in data integrity. Also instead of looking at paper printouts, inspectors now look at the electronic records created by the CDS, and will request to be taken through the analysis and audit trails. It is also important to understand that it is the electronic records that are considered to be the data, not the paper printouts.
The second part of this article8 discusses the Consent Decree9 between Ranbaxy Laboratories and the US Food and Drugs Administration. The principle elements of this Consent Decree are:
- A requirement to establish an Office of Data Reliability in the US that is responsible for conducting audits of submissions to ensure integrity of data, including that from Quality Control.
- The Data Reliability Office must be headed by a Chief Data Reliability Officer (CDRO) who reports to the Managing Director (MD) of Ranbaxy Laboratories.
- One of the principle responsibilities of the CDRO is to recommend to the MD that specific staff members be disciplined or terminated for data manipulation, or that regulatory submissions should be withdrawn due to falsification of data.
- All existing drug applications are to be reviewed by a Data Integrity Expert to identify any falsified data.
- The audit trails need to be reviewed by the CDRO to identify data irregularities and whether these impact the integrity of the application.
- To establish a global toll-
free number, publicized by the company to all employees, to allow staff members to raise concerns anonymously about working policies and practices that are non- compliant. This is intended to allow staff in the Data Reliability Office to pursue issues to determine if they are true or not and identify individuals who promoted the falsification activities. - In addition, the company must engage an independent GMP auditor for five years to conduct compliance audits at specified Ranbaxy sites, reports from these audits are to be submitted to Ranbaxy management and the FDA.
In addition, Ranbaxy also paid a record breaking $500 million fine. This clearly demonstrates that complying with the regulations is a much more cost effective strategy than taking short cuts or seeking to conceal test results that do not show your products conform to specifications, and then having to cover the costs associated with remediation.
In an earlier article10 published in 2011 McDowall suggests the following ten areas are essential for ensuring the integrity of records created by chromatographic data systems:
1. Identify each user uniquely
2. Implement adequate password controls
3. Establish different user roles / access privileges
4. Establish and maintain a list of current and historical users
5. Control changes to the system
6. Use only trained staff to operate the system
7. Understand predicate rules for laboratory records
8. Define and document e-
9. Review the audit trails for each run
10. Back the system up regularly
Smith11 has discussed the potential data integrity issues associated the use of Fourier transform infra-
The current paper is the first part of an ongoing series which will discuss data integrity in regulated and accredited environments. Part one of this series will present a discussion of the fundamentals and principles of assuring data integrity. The second part will discuss strategies for establishing systems to manage the integrity of laboratory data and records in regulated and accredited environments.
Page
Page
PDF
PDF