Surprised man

US FDA continue to find Data Integrity violations

Within the last 30 days, the US FDA released two new Warning Letters and yes-you guessed it, all contain data integrity violations. Lets look them below:

Falsifying test data from a stability batch

The latest Warning Letter is to an API manufacturer who acknowledged to the inspector during the inspection that a laboratory analyst substituted a reference standard chromatogram in place of a 12-month stability sample. These stability results were submitted to the US FDA to support a drug master file.

The firm indicated that this issue was discovered by management at the 24 month interval, but to them, this was not an issue for the quality of the batch as the 24 and 36 month stability results met specifications. The Warning Letter indicates that the extent of data falsification issue was not addressed.

Failure of Data Integrity controls

The Warning Letter goes on to indicate other failures to prevent unauthorised access or changes to data and also failures to provide adequate controls to prevent manipulation and omission of data. It states:

“Multiple analysts, testing multiple drugs, deleted unknown peaks without justification. These manipulations made the drugs appear to meet their specifications. Of concern, one of these unknown peaks was for a residual solvent known to be a genotoxic impurity”.


Data Integrity remediation

As a result, the US FDA seeks Data Integrity Remediation plan. Their request includes:

  1. A comprehensive investigation of all systems as well as interviews by a qualified third party of current and former employees “to identify the nature, scope, and root cause of data inaccuracies”.
  2. A current risk assessment of the potential effect of the failed results “and should include analyses of the risks to patients caused by the release of drugs affected by a lapse in data integrity, and risks posed by ongoing operations”.
  3. A management strategy that should include:
  • The detailed corrective action plan with “a comprehensive description of the root causes of the DI lapses”.
  • Interim measures to protect patients should include “notifying customers, recalling product, conducting additional testing, adding lots to your stability programs to assure stability, drug application actions, and enhanced complaint monitoring”.
  • Long-term measures “describing any remediation efforts and enhancements to procedures, processes, methods, controls, systems, management oversight, and human resources (e.g., training, staffing improvements) designed to ensure the integrity of data”.


 No controls for computerised systems

The second Warning Letter was also issued to an API Manufacturer. In this one, the investigator observed the sharing of system usernames and passwords of laboratory equipment. This allows “electronic data to manipulation and/or deletion without traceability“. Selected data was also copied from systems hard drives to CDs before drives were wiped to free up space. This was conducted without supervision and checks of data and audit trails before deletion.

The US FDA recommended that the firm investigate their review and retention procedures and provide an interim plan for reviewing and retaining data while in the process of implementing access controls and audit trail capabilities.

How to prevent these Data Integrity issues?

In a previous blog, Trevor Schoerie discussed the need to remove the Means, Opportunity and Motives for personnel (analysts in this case) to commit DI violations. Trevor suggests that when reviewing and designing a process which generates critical data, you should try to design people out of the process. GMP requires a continuous improvement culture, so you should routinely critically examine all your business processes, not only for business risk and process efficiency, but also to remove data integrity violation opportunities.

A great place to start if you are concerned that your company may have DI concerns is the recent Parenteral Drug Association (PDA) “Points to Consider” document. I have summarised its usefulness in a recent blog, so please feel free to share your thoughts if you have read this document.

Why not come to the 2016 GMP & Validation Forum in Melbourne on the 11th and 12th of July and discuss Data Integrity with us?

Read more on warning letters here and here.