“We highly recommend that you hire a third party auditor, with experience in detecting data integrity problems, to assist you with this evaluation…”
This is a quote from a warning letter from the FDA. In it, the FDA recommends hiring an independent auditor with experience in data integrity. This step would help the company ensure compliance with data integrity in their processes.
In other warning letters about FDA inspections or in inspection reports from other authorities, you will always find critical deviations that concern the issue of data integrity. And this does not only affect companies in India and China, but also European companies.
The consequences of these deviations are manifested in production shutdowns and product recalls, import restrictions or halted drug approvals, and can be seen in the following examples.
The Indian company GVK Biosciences performs clinical trials for pharmaceutical companies. During an inspection in 2014 the French Medicines Agency found numerous errors in the documentation of the trials. These clinical trials were the basis for numerous generic drugs within the European Union. In Germany alone, these errors have resulted in the suspension of market approval for many drugs.
Stallergenes is a French company that specializes in the diagnosis and treatment of allergies. At the Antony site near Paris, the system introduced a new ERP system in 2015. Mistakes in the implementation allowed inaccurate doses of drugs to enter the market. The French authorities stopped production at the plant in December 2015 and initiated the recall of all delivered products. On February 1, 2016, the company announced that production had resumed.
Due to critical inspection results, the FDA has imposed import restrictions on several companies from India and China.
Moreover, warning letters and negative inspection results also led to considerable damage to the reputations of the companies concerned.
Good data management is a critical success factor for a (pharmaceutical) quality management system. Data are used as a basis for decisions in the quality processes. Data serve as proof that the company meets the requirements of the authorities. The applicability of data in these processes largely depends on the integrity of the data. The WHO confirmed this statement in a September 2015 Draft Guideline entitled “Guidance on Good Data and Record Management Practices”.
The British authority (MHRA) said in a Guideline (“MHRA GMP Data Integrity Definitions and Guidance for Industry”) in March 2015 that data integrity is a fundamental requirement for a pharmaceutical quality management system.
The criteria for data integrity was summarized in the WHO document using the abbreviation “ALCOA” which stands for the following attributes: “Attributable,” “Legible,” “Contemporaneous,” “Original” and “Accurate”.
“Attributable” means that data can be assigned to a responsible source (person or system).
“Legible” means that during the legally required record retention periods, the data is available, readable and correctly interpretable.
“Contemporaneous” means that the data are recorded at the time at which they occur or are detected, and that the timing of data and actions will be recorded correctly.
“Original” means that the original record or a verified copy thereof is recorded.
“Accurate” means that the data is accurate, reliable and valid. For this, the monitoring of the data must be guaranteed over the entire life cycle of the data.
Computerized systems have a particularly critical impact on data integrity. The systems affected range from computer-aided test sites on Excel-based applications to complex IT systems such as Enterprise Resource Planning (ERP) systems and laboratory information management systems (LIMS).
In the validation of computerized systems, compliance with the principles of data integrity is a critical success factor. DHC’s process-oriented and risk-based validation method follows the requirements for data integrity.
In addition, we can assist in the review of your IT processes and systems with regard to the requirements for data integrity.
The starting point was the FDA’s requirement to ensure data integrity while using external support. An external consultant cannot create data integrity, but we can help to identify challenges in this area and to develop solutions.
In a joint workshop we can