Professional Documents
Culture Documents
1. Objective
To lay down procedure for data integrity as part of quality management system.
To establish guidelines and procedures to ensure data integrity in regulatory
activities.
To prevent unauthorized access, loss, alteration, or falsification of data
throughout the regulatory processes, including data generation,
collection, analysis, and reporting. Adherence to data integrity principles
is essential to maintain regulatory compliance and ensure the reliability
and trust worthiness of submitted data
2. SCOPE
This procedure is applicable for all the data associated with GxP and quality
management system.
Applied to all personnel involved in regulatory activities, including data generation,
collection, analysis, and reporting.
It covers both electronic and paper-based data and encompasses all regulatory
functions, such as clinical trials, product registration, post-marketing surveillance,
and quality management.
3. DEFINITIONS
GxP: Common terms used for multiple practices defined by regulatory agencies (e.g.
Good Manufacturing Practices, Good Laboratory Practices (GLP), Good Clinical
Practices (GCP) etc.)
Complete: The data must be whole; a complete set
Consistent: The data must be self-consistent
Enduring: Durable; lasting throughout the data lifecycle
Audit Trial: An audit trail is a chronology of the “who, what, when, and why” of a
record and exists in paper and/or electronic formats. The audit trail is a
form of metadata containing information associated with actions that
relate to the creation, modification or deletion of GXP records. An audit
trail provides for secure recording of life-cycle details such as creation,
additions, deletions or alterations of information in a record, either paper
or electronic, without obscuring or overwriting the original record.
Data: The information derived or obtained from raw data and generated as
Standard Operating Procedure
Document Title Data Integrity Page 2 of 7
Review:Regularreviewsandauditsofdataintegritypracticesmustbeconductedto identify
and address potential vulnerabilities or areas for improvement.
Training:Personnelinvolvedindatagenerationandprocessingmustreceiveadequate
training on data integrity principles and procedures.
4. RESPONSIBILTIES
Standard Operating Procedure
Document Title Data Integrity Page 3 of 7
Providetrainingtopersonnelondataintegrityprinciples,includin
gdataentry,handling, and storage practices.
Conductperiodicawarenessprogramstoreinforcetheimportanc
eofdataintegrityand regulatory compliance.
Standard Operating Procedure
Document Title Data Integrity Page 4 of 7
Dataintegrityisapplicableforbothmanualrecording(paper)a
ndautomatedsystem (electronic).
Sufficienttrainingshallbeimpartedtoallconcernpers
onnelondataintegrity. Completeness, consistency and
accuracy of data should be ensured.
Anydataintegrityidentifiedshallbehandledasperqualityma
nagementsystemand risk assessment shall be performed
wherever applicable. Appropriate corrective
andpreventiveaction shallbetaken.
FalsificationofGxPrecordsordatashallresultindisciplinary actions.
Thegenerationorprocessingofdatashallfollowalogicalandseq
uentialapplicationof date and time.
Datashallbeattributable
(persongeneratedormodifiedthedata),legible(readableand
permanent), contemporaneous (data recording at the time of
activity), original (true copy) and accurate (error free).
Additionally, data should be complete, consistent, enduring and
should be readily available and accessible throughout the life-
cycle of data.
Dataverificationandapprovalshallbedocumentedandshal
lincludethereviewof raw data and metadata (metadata- data
generated about data, e.g. audit trail).
Audittrailshallbereviewedaspartofroutinedatareview/
approvalprocess.Any abnormalities identified during
review shall be handled appropriately.
Data recording on behalf of others should be avoided
and if unavoidable, appropriate justification (e.g.
language/literacy limitations, documenting line
interventionsbysterileoperators)shallbegivenwithtraceabilit
yofbothpersons performing the task and person completing
the record.All recording shall be contemporaneous.
Standard Operating Procedure
Document Title Data Integrity Page 5 of 7
Clocksfortimerecordingshouldbecontrolledandsynchroni
zed.Timezonesshould be specified where data is used.
Datageneratedduringmaintenanceorsuitabilit
ytestingactivityshallbe documented and retained.
Thereshouldbetraceabilityofdatareprocessingormodif
icationi.e.traceability from final result to original raw data
is required.
Equipment(e.g.pHmeter,balances)thatprovidesonlyprinteddataoutput, then
printoutshallconstitutetherawdata.Equipment
thatstoresthedatapermanentlyand only holds certain volume, the data
should be extracted as electronic data.
Errorsorinconsistencyidentifiedduringthedatareview,t
hereviewermust obtain clarification from the recorder
and correction shall be made after appropriate
justification.
Anymodification inelectronicorpaper-baseddatashallbeattributable.
Datashouldbeexcludedbasedonvalidscientificjustificat
iononly.Alldata(even if excluded) shall be retained with
original data set.
Thereshallbereconciliationofissuedpages,worksheet
s,logbooks,notebooks and printouts wherever
applicable.
Originaldatashallbemaintainedasperdocumentret
entionpolicyandshall be destroyed as per policy.
Computersystemandsoftwarefordataprocessingshall
bevalidatedbasedon usage wherever applicable.
Electronicsignatureshouldbesecuredanditcanbeappliedbythe‘owner’ of
thesignatureonly.Electronicsignaturemustprovidetraceabilityofsig
natoryanddate of signature along with meaning of signature (e.g.
reviewed or approved).
Standard Operating Procedure
Document Title Data Integrity Page 6 of 7
Systemusersshallbegivenaccessaspertheirrolesand
responsibilities.User access rights shall prevent
unauthorized data amendments.
Datamigration/
transfershallbevalidatedwhereverapplicabletoensuredataintegrity
is maintained throughout the data life-cycle.
Anyrightstoalterthefilesandsettingshallbegiventopersonnelfrom
independentdepartmentordifferentfromuserdepartment.
Loginshouldnotbesharedamongindividuals.Ifunavoidable,appro
priatejustificationand documentation should be in place
Databackupshouldbeperformed routinely.
Databackupandrecoveryprocessmustbeappropriatelyvalidatedtoavoi
danyalteration during backup and recovery process.
Recordsshallberetained inamannerthattheycannotbemodifiedordeleted
without traceability.
6. ProcessFlow chart
7. SafetyRequirements:
Standard Operating Procedure
Document Title Data Integrity Page 7 of 7
N/A
8. REFERENCES
MHRAGXPDataIntegrityGuidanceandDefinitions;Revision1:March2018
GoodPracticesforDataManagementandIntegrity
inRegulatedGMP/GDP Environments – PIC/S;
PI041-1(draft 2); August 2016