Siegfried Schmitt offers some steps that manufacturing companies can take to ensure data integrity.
In general, media tend to report on the most serious data integrity violations uncovered by regulators. Often when companies find similar issues through their own internal investigations, they remain confidential and unreported. It would, therefore, be presumptuous to assume violations reported on by the press are representative of the industry as a whole.
What inspections have triggered, however, is increased attention toward potential data integrity issues lurking across the industry. Few companies would have data integrity verification activities integrated into their quality oversight programs before these examples of serious violations of healthcare regulations became public knowledge in the form of warning letters, consent decrees, or reports in the European EudraGMDP database.
Conscientious companies have taken these potential data integrity issues seriously by starting internal investigations, incorporating data integrity assessments into their quality assurance oversight programs, and in some cases, establishing a special data integrity office. Companies — even those in good standing with regulators — have initiated such activities regardless of existing or anticipated compliance concerns.
The question is: what have these internal investigations uncovered, if anything? The answer, surprisingly, is that they have uncovered a significant amount.
Once you start studying analytical data, root cause analyses, logbooks, and any other data source, gaps are repeatedly found in data traceability and trustworthiness.
A few data-related issues include: uncertainty where the data originated from and who created it (e.g., where several analysts use the same user ID and password on a set of similar instruments); which raw information produced the reported data (e.g., where a summary table reports stability data results, but all raw data on the chromatography instrument have since been deleted); and whether these are the original data (e.g., where there is no audit trail on the analytical instrument). These issues are not necessarily the result of willful malpractice, but are often caused by insufficiently controlled processes, poor documentation practices, suboptimal quality oversight, and often enough, professional ignorance.
Occasionally people do intentionally falsify data. This is unfortunate but, thankfully, still a rarity.
The following are some steps companies should take to ensure data integrity:
- Embed data integrity verification activities into internal audit processes.
- Create awareness among staff so they can assist with this endeavor, and report concerns before they become full-fledged issues.
- Train internal auditors to understand what to look for when detecting data integrity deficiencies.
- Seek external support to assure completely unbiased, third-party investigations and/or to enhance your internal investigation program.
- It should come as no surprise that companies already struggling to meet basic compliance standards are at a disadvantage when it comes to data integrity. Making data integrity a key element of a compliance approach, however, will give the company a competitive advantage. It is always better to proactively prevent issues, such as data integrity failures, to occur, than trying to remediate and resolve inspection findings. Compliance excellence makes good business sense.
Siegfried Schmitt is Principal Consultant, PAREXEL International.
For the full version of this article, click on to Pharmaceutical Technology.