The time has come for us to talk about the Data Integrity elephant in the GMP room. Despite Data Integrity being a hot topic in industry for the past 5 years, it continues to attract a lot of attention – the constant discussion generating more questions than answers, and creating confusion over what does and what doesn’t qualify as a breach.
When the regulatory authorities are off site, they have to believe that each organisation will do the right thing when they aren’t being watched. However, recent FDA reports indicate that this trust might be a little misplaced as later audits have revealed some old issues which are still floating around industry, such as:
- Testing into compliance
- Data manipulation
- Data deletion/record destruction
- Disregarding failing and/or questionable results
All of the above are textbook examples of bad practices which can lead to breaches in Data Integrity. The recurrence of these issues also explains why Data Integrity remains one of the most important and relevant topics in industry, as well as high up on the regulator’s checklist globally.
Let me present a scenario: An operator realises that they forgot to record a mixing time in a batch record. Would this count as a Data Integrity issue, and are they in trouble?
The answer is: well it all depends! What was the immediate action after the operator realised they had this issue? What was the time frame? What did they do? Who was notified? What is the risk to the product? Was a subsequent CAPA raised?
Not everything is a Data Integrity issue especially if it is handled in an appropriate manner!
There are also many myths surrounding Data Integrity which can become ingrained in company culture and make issues harder to fix later down the line (you may even have heard a few of these):
- If it happens in the QC laboratory it’s only a QC issue.
- It’s not a Data Integrity issue if it’s only seen in HPLC or GC equipment.
- Only the person who made the error is responsible for its occurrence.
- It’s not a Data Integrity issue if only one system is affected.
- Senior and corporate management are not responsible for any Data Integrity issues as they aren’t directly involved in the day to day activities and weren’t aware that it was going on.
Data Integrity issues extend well beyond the laboratory and it is the responsibility of all staff to know what the Data Integrity risks are in their organisation and to be involved in mitigating those risks. It is advisable to go back and re-examine your processes and look for potential Data Integrity issues before they become inherent, for example:
- Are your audit trails turned off?
- Do your audit trails even exist?
- Do analysts have access permissions which would allow them to delete lab results from test instruments?
- Are operators recording data in real time?
- Are samples re-tested without justification?
- Are HPLC test injections being run prior to the sample run?
These are just a few of the things you need to consider. With Data Integrity deviations ranked first on the list of recent FDA warning letters, there is no better time than now to conduct your Data Integrity “health check.” Use the free PharmOut data integrity checklist to get you started.
If you’d like to learn more about DI, PharmOut also provides Data Integrity training events in Melbourne, Sydney, Adelaide and Brisbane, click here to find out more.
To read more on data integrity check out our related blogs below: