PDA suggest "Code of Conduct" for Data Integrity
Data Integrity
The Parenteral Drug Association (PDA) recently released a free “Points to Consider” document to members that outlines a number of key elements that would make up a “Code of Conduct” for Data Integrity (DI) within the pharmaceutical Industry. The document was created as a result of collaboration of PDA members as part of a Data Integrity program and is not intended to be a regulatory standard, law or guidance.
If you are not a current PDA member, we strongly suggest that you join to get your hands on this great document and other great publications by the PDA. We have pulled out a few juicy bits from their document and discuss them here.
The topic of data integrity continues to get a lot of attention since the release of the MHRA Data Integrity Definitions Guide back in March 2015. Here in Australia, it was a hot topic for a PDA event in Melbourne that Trevor Schoerie presented at, and has led to various PharmOut blogs on Data Integrity since then.
Quality and Trust
The 14 page document outlines the many benefits that such a Code of Conduct might have if adopted by a pharma, biotech or medical device manufacturer, and their third party suppliers.
A Code of Conduct could aim to highlight and reinforce aspects of “quality and trust” when ensuring the reliability and integrity of information and data during the life cycle of a product. We have created a map of the elements suggested in the document, as shown in the figure below:
Ethical Conduct
Although most of the content of the Code of Conduct should already be inherently part of the Pharmaceutical Quality System, the document emphasises the importance of truth, trust in compliance and ethics. The document indicates that “Every employee has a duty to engage in conduct to ensure that all stakeholders can trust employee decisions that are based on data and information that are accurate, truthful and complete“.
Certification of Compliance to data integrity
One interesting suggestion in the document is that manufacturers could have employees produce an “annual certification statement” stating that during the past 12 months, the manufacturers own Code of Conduct for data integrity had been adhered to and incidents were reported correctly when a data integrity issue arose. I can see the benefits of continuously highlighting data integrity as an important matter, but that is what annual GMP refresher training is all about.
Documentation Control Systems
As data integrity is not just about electronic data, a Code of Conduct should suggest that notebooks and worksheets should also have the same level of oversight and that raw data should not be recorded on “unofficial forms, writing pads or other controlled media“. The document re-iterates the importance of Good Documentation Practices but again, puts the responsibility on employees to follow company procedures, laws and legalisation already in place. Also records, be it paper or electronic, shall be retained as originals or true copies, with the processes clearly defined within suitable documentation control systems.
Electronic system configuration, validation & maintenance
The core of this section of the document indicates that manufacturers should reflect practices and procedures for collecting, analysing, reporting and storing electronic data, with the appropriate security controls, audit trails and other items that form part of Annex 11: Computerised Systems from both the European Commission and PIC/S PE 009 and US FDA 21 CFR Part 11 Electronic Records; Electronic Signatures.
Auditing, Investigation and Disciplinary Action of data integrity issues
The Code of Conduct should re-iterate the need for an internal audit program that evaluates data integrity. The document also discusses how to deal with the “human” side of data integrity issues, which it defines as “Wrongful Acts“. Investigation when these Wrongful Acts occur may include the engagement of Human Resources and Legal Counsel, based on a written procedure for disciplinary action. When data integrity breaches occur that have an impact on a marketing authorisation or a released product for example, the appropriate regulatory authority must be contacted.
So what is key to avoiding data integrity issues?
What is evident through this suggested Code of Conduct is the need for trust in employees to follow procedures, for them to operate in an ethical and truthful manner, and for manufacturers to have these procedures in place and to continuously train their employees on them. Third party suppliers must also be aware of their responsibilities and these must be clearly defined in contracts and agreements, with data integrity also forming part of ongoing vendor/supplier programs.
Does your company have sufficient procedures in place to cover the content of this suggested Code or will you be using this document to further strengthen your data integrity program?
National GMP and Validation Forum
Following on from last year’s event, PharmOut will once again facilitate robust training sessions and open discussions on the above at the GMP and Validation Forum in Melbourne, Australia on the 11/12 July 2016. Last year, we were fortunate to have Sion Wynn, possibly the world’s expert in this area, and Australia’s own Data Integrity expert, Trevor Schoerie present on this subject.
This year promises to be another excellent event, covering the latest innovative industry trends. See you there.
