Version 1.6.1
David Trew
Consulting Ltd
The World Health Organisation has identified some principles for assuring the integrity of data and records with will be discussed here. Good management data and records are critical components of a pharmaceutical quality management system (QMS). A systematic approach will provide a high level of assurance that all GxP records and data are accurate, consistent, trustworthy and reliable throughout their lifecycle. The QMS should include policies and procedures that address the following general principles of a good data management program.
The data and record management program must assure robust control of data validity of both paper and electronic data and records. Reverting from an automated or computerized to manual or paper-
These principles apply to parties to a contract. However, it is the purchasers, clients or users who are ultimately responsible for the robustness of all decisions made on the basis of GxP data, including those that are made on the basis of data provided to them by the party preforming the services or providing the data under the terms of a contract. Purchasers, clients or users should therefore perform due diligence to assure themselves that the service provider has appropriate programmes in place to ensure the trustworthiness and reliability of the data provided.
Good documentation practices (GDP) should be followed to ensure all records, both paper and electronic as this allows for the full reconstruction of the related activities. In addition, GDP ensures that robust decisions are made based on reliable and complete data sets.
To establish a robust and sustainable good data management system it is important that senior management ensure that appropriate data management programmes are in place.
The critical components of an effective management program should include:
The application of modern quality risk management principles and good data management principles to the current quality management system to integrate those elements that assure the reliability of data. This could include monitoring the risks associated with data integrity and applying appropriate quality metrics. This can provide management with the necessary oversight for good decision making that will reduce the risks of data integrity failures.
Personnel must be free of any commercial, political, financial and other pressures or incentives that may adversely affect the quality and integrity of their work;
There must be adequate human and technical resources allocated to avoid excessive workload and pressures on those who are responsible for generating data and for keeping records, which may increase errors;
Staff must be made aware of the importance of their roles in ensuring data integrity, and the importance of these activities in assuring product quality and protecting patient safety.
A quality, no blame, culture should be established and maintained in the working environment. This minimises the risk of non-
An essential component of this is the transparent and open reporting of all deviations, errors, omissions and aberrant results at all levels of the organisation. Steps should be taken to prevent, detect and correct weaknesses that are identified with systems and procedures that may lead to data errors. In addition, this will also lead to improved decision making processes.
In the current quality environment, the resources allocated to controlling the reliability and trustworthiness of data and records should be consummate with the assessed risks associated with a lack of integrity for the particular data or records. Risk assessment tools, such a Failure Mode and Effects Analysis (FEMA), can be applied to evaluating the risks associated with a failure in data integrity
Robust decision making processes that rely on valid and complete data, must be supported by effective quality risk management systems, and also by the application of sound scientific and statistical principles. For example, the scientific principle of being an objective, unbiased observer regarding the outcome of a sample analysis. This requires that any suspect results must be first be investigated in a though, timely and unbiased manner. A suspect result should only be rejected if there is convincing evidence that clearly identifies a cause. Good data and record-
There are many potential lifecycles that particular data or records could be subject to. Often this will depend on the nature of the data or record. From a data integrity perspective, it is necessary to define data lifecycles and then identify the risks to data integrity at each stage during that lifecycle. A lifecycle management plan can then be developed to manage and control those risks
In addition, to ensure that the organisation, assimilation and analysis of data and its subsequent transformation into information that facilitates evidence based and reliable decision-
Record-
Identifying an appropriate time standard and restricting access to changing clocks for recording timed events;
Ensuring batch records are accessible at locations where activities take place, so that ad hoc data recording and later transcription to official records is not necessary;
Controlling the issuance of blank paper templates for data recording so that all printed forms can be reconciled and accounted for;
Restricting user access rights to automated systems in order to prevent changes being made to both data and audit trails;
Ensuring automated data capture or printers are attached to equipment such as balances;
Ensuring proximity of printers to relevant activities;
Ensuring ease of access to locations for sampling points (e.g. Sampling points for water systems) such that the temptation to take shortcuts or falsify samples is minimized;
Ensuring access to original electronic data for staff performing data checking activities.
The systems implemented and maintained for both paper and electronic record-
There can be little doubt that, in a regulated or accredited environment, issues with the reliability and trustworthiness of laboratory data and records can have extremely serious consequences for the laboratory’s customers, management and staff. In light of this it is vital that everyone working in a regulated or accredited environment that creates records or data must understands the principles and fundamentals of good data integrity practice, which have been discussed in this paper.
However, understanding the principles and fundamentals of good data integrity practice is insufficient on its own to assure the reliability and trustworthiness of records and data. In addition, staff and, in particular, management must also be able to apply these principles and fundaments and develop management strategies to assure the integrity of records and data. This will be the subject of the second paper in this series.
1. MHRA, MHRA GMP Data Integrity Definitions and Guidance for Industry, Mar 2015, http://www.cyclonepharma.com/Guideline/MHRA.pdf, Accessed 28 Jun 2017,
2. MHRA, MHRA GMP Data Integrity Definitions and Guidance for Industry – Consultation Document, Jul 2016, https://www.gov.uk/government/news/mhra-
3. FDA, Data Integrity and Compliance with CGMP Guidance for Industry, Draft Guidance, Apr 2016, https://www.fda.gov/downloads/drugs/guidances/ucm495891.pdf, Accessed 28 Jun 2017
4. WHO, Guidance on Good Data and Record Management Practices, Draft Guidance, Sep 2015, http://www.who.int/medicines/areas/quality_safety/quality_assurance/Guidance-
5. PIC/S, Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments, Draft Guidance Aug 2016, https://picscheme.org/en/news?itemid=33, Accessed 28 Jun 2017
6. R.D. McDowall, FDA’s Focus on Laboratory Data Integrity – Part 1, http://www.scientificcomputing.com/article/2013/09/fda%E2%80%99s-
7. FDA, Warning Letter WL: 320-
8. R.D. McDowall, FDA’s Focus on Laboratory Data Integrity – Part 2, http://www.scientificcomputing.com/article/2013/09/fda%E2%80%99s-
9. US District Court for the District of Maryland, 25th January 2012, Ranbaxy Inc. and named individuals, Consent Decree of Permanent Injunction, Civil Action number JFM12CV0250
10. R.D. McDowall, Ensuring Data Integrity in a Regulated Environment, http://www.scientificcomputing.com/article/2011/05/ensuring-
11. P. Smith, Data Integrity in the Analytical Laboratory, Pharma. Tech., 2014, 38, (5) 58 – 60, http://www.pharmtech.com/data-
Page
Page