Version 1.6.1
David Trew
Consulting Ltd
2 Fundamentals of Data Integrity
The enduring assets of an organisation’s operations are the records that document those activities. These records are often used to support critical decisions, such as:
Regarding the quality of medical products for release into commercial distribution, which could affect the health of patients
In support of national or international trade
Concerning the safety of using chemical substances in consumer products, or
Regarding prosecution of criminals
The reliability and trustworthiness if those records are of paramount importance.
In addition, if records are used to perform a regulatory function, they are considered to be legal documents. Falsification of, or even wrongly making changes to, such records can be considered criminal acts, and could result in criminal exposure for the person performing those acts11.
For records to be considered reliable and trustworthy they must comply with the following fundamental attributes: Legible, Attributable, Contemporaneous, Original, Accurate, Complete, Consistent, Indelible and Available. In addition, it is submitted that verifiable is also a fundamental requirement.
2.1 Legible and understandable
A record that cannot be read or understood has no value and might as well not exist. All records should be composed so they conform to grammatical convention which should be consistent throughout. It is best to avoid buzzwords, cliques and slang as these are prone to change with time and are often not understood outside a particular locality. It is always good practice to have any record reviewed by a second person as this can often highlight any ambiguities.
2.2 Attributable
All data generated or collected and records must be attributable to the person generating the data or making the record. This should include who performed an action or created a record and when the activity was performed or the record created. For paper records this is normally done by the individual signing and dating the record with their signature. For electronic records, each user must have an individual account for their exclusive use. Access controls must be implemented which prevent access to anyone other than the authorised user. The use of computer accounts by anyone other than their authorised users will undermine the ability of the organisation to attribute a record to its originator. In addition, it could also be considered fraud and my result in criminal exposure.
As the records being signed may be legal documents, it is critically important that signers clearly understand the meaning of, and implications associated with their signatures. A signature, whether it is a traditional handwritten signature or an electronic signature, should be individual to a specific individual and the practice of signing someone else’s name or initials is fraud, and is taken very seriously.
2.3 Contemporaneous
Contemporaneous means to record the result, measurement or data at the time the work is performed. Delaying writing up, for example until the end of the day, will inevitably affect the accuracy of that record as details can be forgotten or miss-
2.4 Original
All records must be original; information must be recorded directly onto the document or entered directly into the computer system. This avoids the potential of introducing errors in transcribing information between documents. If information from a computer system is printed out, that printout should be signed, dated and attached to the record. However, the electronic record is the original record.
2.5 Accurate
The record must reflect what actually happened. Any changes should be made without obscuring or obliterating the original information, the use of whiteout or correction fluid is prohibited. Any changes made to a record should be signed by the person making the change and dated to show when it was made and a written explanation should also be provided.
Remember, the record may be needed after you have left the company and cannot be contacted for clarification.
2.6 Complete
The record must contain all information associated with the analysis of the sample, including system suitability tests, injection sequences, processing methods, sample preparation procedures and results. This must also include any reinjections or repeat analysis performed on the sample. Remember the position of the regulatory authorities for something that needs to be done is – ‘if it isn’t documented it’s a rumour’. However, failing to disclose reanalysis or reinjection of samples will undermine confidence in the reliability of the records.
2.7 Consistent
Consistency in this context refers to the sequence of the component events, which the analytical method comprises, being performed in a logical order. For example, it is not possible to commence a HPLC run before the samples have been prepared, therefore the balance printout for the sample weights should be date/time stamped prior to the sample injection time. Therefore, all date/time stamps should be in the expected sequence.
In order to avoid confusion in this respect, it is worth ensuring all instruments that produce date/time stamped printouts are synchronised. This is best done by reference to a standard reference time, such as a national online time server.
2.8 Indelible
Indelible means the record must be legible for the lifetime of the record and once it has been made it cannot be removed.
Hand written entries of information should be made in ink and not pencil which can be erased.
If printouts are made on thermal paper, which darkens with time, a photocopy should be made; this should be certified as an accurate copy of the original print and attached
If print outs are attached to a page they should be
Secured to the page as specified in your laboratory’s SOPs
Signed and dated across the attachment and the page
Annotated with a reference to the document
2.9 Available
All records should be available for inspection, audit and review for the lifetime of the document. If a document is requested during a regulatory audit, it should be produced within thirty minutes. Therefore, the laboratory should establish an easy to reference archive system. Records should be archived so as to preserve their integrity, such as
Secure facility with restricted access
Effective fire suppression
Protection from dampness or humidity
Controlled access to Document
2.10 Verifiable
In the current data integrity environment, it is not sufficient to have reliable and trustworthy data, you must be able to convince a sceptical audience of regulators and other stakeholders of the integrity of your data. It is therefore, critical to establish mechanisms whereby the fundamental attributes, discussed above, can be verified. This includes capturing metadata, such as an audit trail, which clearly establishes when the record was created and who created it. It addition, it is also critical to establish that the data retains its original content. If changes have been made then the audit trail should capture who made the change, when the change was made and why the change was made. When entering an explanation for a change it is important to provide a meaningful explanation. Words like update, revision or correction do not convey any useful explanation. It is important to explain why the update, revision or correction was made.
Page
Page
PDF
PDF