What is data integrity in Pharmaceutical industry?

•FDA reiterates, Adherence to the data integrity is must to ensure the cGMP
compliance.

• GMP is a system that assure the products are consistently produced and controlled
according to quality standards.

•The data integrity issues have been frontrunners for the USFDA to hammer Pharma
companies.

•The data integrity-related CGMP violations have led to several regulatory actions
including
-warning letters
-import alerts
-consent decrees.
•USFDA gives a very high importance to Data integrity.

•USFDA suggests that data integrity refers to the completeness, consistency, and
accuracy of data, which should be attributable, legible, contemporaneously recorded,
original or a true copy, and accurate.
INTERTECH LABS. DIRECTOR,T.RAJA RAO
EY Fraud Survey --Data Integrity

EY’s
EY’s Fraud
Fraud Survey
Survey

INTERTECH
INTERTECH
LABS. DIRECTOR,T.RAJA
LABS RAO
 Affect on Prosperity of companies-Data Integrity

• A few years ago, Ranbaxy signed a consent decree with

USFDA and also paid $500million in civil and criminal fines.

• Recently, Dr.Reddys, Sun Pharma, Aurobindo &Biocon,.

received form 483 observations, but there was no data
integrity related observations, Hence the stock moved up.

• This makes it interesting to understand data integrity, from

the eyes of USFDA.

INTERTECH
INTERTECH
LABS. DIRECTOR,T.RAJA
LABS RAO
 FDA’s minimum data integrity requirements are:
• Data should be secure from
- Alteration
- inadvertent erasures, or loss.
- Backup data should be exact and complete.
• Data should be stored to prevent deterioration or loss.
• Certain activities should be documented at the time of performance
• laboratory controls should be scientifically sound.
• The records should be retained as
- Original records
- True copies,
- Other accurate reproductions of the original records.
• FDA requires
- Data to record complete information,
- A complete record of all data from all the tests performed
- No test or data should be failed to record.
• Metadata to be stored throughout the record’s retention period.

INTERTECH
INTERTECH
LABS. DIRECTOR,T.RAJA
LABS RAO
 Other guidance that USFDA suggests on data integrity

• All changes in the critical data to be audit trailed.

• The data to be auditable for reconstruction of the past events
- Creation of the records.
- Modification of the records.
- Deletion of the records.
• should enable appropriate controls over the data/records.
• The change in the records can only be made by authorized personnel .This
restricts alteration of records.
• The system administrator role for computers (having rights to alter files and
settings) be assigned to personnel independent from those who are
responsible for recording the content.
• The systems controls, including documentation controls, should be designed to
follow CGMP.
• Companies must keep the incomplete or the erroneous forms as part of the
permanent record along with written justification for their replacement.
• The processes should be designed so that quality data to be created and
maintained cannot be modified.

INTERTECH
INTERTECH
LABS. DIRECTOR,T.RAJA
LABS RAO
 USFDA prohibits followings:

• Recording of the data on pieces of paper that can be discarded.

• Storing of the data in temporary memory.
• Sampling and testing with the goal of achieving a specific result or
to overcome an unacceptable result as this is not as per the CGMP
standards.
• Use of actual samples to perform system suitability (system
suitability tests should be done by using written procedures and
data should be recorded for scientific justification for exclusion).
• 1/3of pharmaceutical companies have not conducted reviews to
assess potential gaps in data integrity
• ‘Analysing the state of Data Integrity Compliance in the Indian
Pharmaceutical Industry’.
• Data Integrity Reviews are conducted to evaluate if, data records
are accurate, complete, attributable, legible and maintained
within their original context in electronic or paper form.

INTERTECH LABS
-Integrity of data is the foundation on which we make decisions
on quality, safety and efficacy
-Companies need to take these issues seriously, especially those
around data integrity as it is a critical aspect within the overall
compliance framework.”
-Maintaining data integrity is crucial for the pharmaceutical sector.
Today, companies with existing or anticipated concerns around
data integrity should initiate regular proactive data integrity
assessments.

INTERTECH LABS
 Few Reasons Identified by EY survey
• 1)Technology upgrade is the need of the hour –
• 25% were unaware of the 21 Code Federal Regulation (CFR) Part 11
• 33% have shared employee login ids and passwords for laboratory systems.
• Lack of management support/Involvement
• 2) Work pressure and shortage of manpower affects quality compliance -
Over 57% of the employees indicated that work pressure on the
manufacturing personnel to meet Key Performance Indicators (KPIs)
• - volume of output
• low rejection ratio and overall equipment effectiveness.
• 18% did not have adequately staffed Quality Assurance teams to review the
manufacturing and testing of all the products independently.
• This indicates that shortage of manpower or excessive work pressure can
lead to inaccurate or incomplete documentation, and eventually could
impact the product quality.
3)Absence of quality process and procedures - 33% respondents did not
conduct reviews to assess potential gaps in assurance of data integrity. It
has been observed that regular and proactive data integrity reviews can
ensure accuracy and consistency of GMP data. 13% respondents did not
have clearly documented Standards Operation Procedures (SOP) on backup
and deletion of laboratory data files generated by HPLC or GCs.
INTERTECH LABS
 Few Reasons Identified by EY survey

4 ) Lapses in data integrity continue to rise – . 21% stated that

audit trails on laboratory equipment are not always enabled in
their organizations. Absence of audit trails can be a serious
problem as there would be no records of data captured which
could lead to severe action by regulators.
5) Setting up whistle-blowing frameworks, still work in progress –
28% of respondents indicated that their organizations did not
have a fraud reporting mechanism in place. In such a guarded
industry, lack of whistle-blowing policies means individuals
who genuinely want to help their organizations by flagging any
unethical acts or wrongdoings may be forced to report such
issues externally.
•

INTERTECH LABS
FDA-Expectations on data integrity

INTERTECH LABS
 Data Integrity

USFDA’s Current Expectations and Guidance,

including Data Integrity and Compliance With
CGMP
Tip of iceberg
1)cGMP ‒ minimum requirements
2)Data integrity underpins CGMP
3)Lapses obscure other problems

INTERTECH LABS
 Draft Guidance
Data guidance Integrity and Compliance With CGMP, (April 2016)

Q&A style guidance focused on frequently occurring

data integrity lapses with definition of key terms.

When final, will represent our current thinking on

data integrity and CGMP compliance.

http://www.fda.gov/downloads/drugs/guidancecompliancereg
ulatoryinformation/guidances/ucm495891.pdf

INTERTECH LABS
Draft guidance was published in

INTERTECH LABS
 Why to write a guidance?

- FDA has increasingly observed CGMP violations involving

data integrity during CGMP inspections.

- 21 Warning Letters have involved data integrity lapses in

drug manufacturing in 2015-2016

- Ensuring data integrity is an important component of

industry’s responsibility to ensure the safety, efficacy, and
quality of drugs, and of FDA’s ability to protect the public
health

INTERTECH LABS
 Throughout CGMP- ALCOA
Data shall be Original or true copy that is

Accurate
Legible
Contemporaneous
Attributable

INTERTECH LABS
 Paper requirements = electronic requirements

1. Metadata
2. Audit Trail
3. Static vs. dynamic records
4. Data Backup
5. Systems

6. The requirements for record retention and review do not differ

depending on the data format; paper-based and electronic data
record-keeping systems are subject to the same requirements.

INTERTECH LABS
 Data Integrity: Not a New Concept
Principles from the paper-and-ink era still apply

• § 211.68 requires that backup data are exact and complete, and secure from alteration,
inadvertent erasures, or loss

:
• § 212.110(b) requires that data be stored to prevent deterioration or loss

• §§ 211.100 and 211.160 require that certain activities be documented at the time of
performance and that laboratory controls be scientifically sound

• § 211.180 requires true copies or other accurate reproductions of the original records;

• §§ 211.188, 211.194, and 212.60(g) require complete information, complete data

derived from all tests, complete record of all data, and complete records of all tests
performed.

INTERTECH LABS
 APIs - ICH Q7

Computerized Systems (5.4)

– GMP-related computerized systems should be validated.

– Appropriate installation and operational qualifications should

demonstrate the suitability of computer hardware and
software to perform assigned tasks.

– Incidents related to computerized systems that could affect

the quality of intermediates or APIs or the reliability of
records or test results should be recorded and investigated.

INTERTECH LABS
 FDA concern to use of shared login accounts for
computer systems?
you must implement documentation controls that ensure
actions are attributable to a specific individual.”

• When login credentials are shared, a unique individual

cannot be identified

• On paper you would sign/initial and date your work or the

review of other’s work

WL: Firms used a password shared by four or five individuals.

INTERTECH LABS
 FDA concern to use of shared login accounts for
computer systems?
you must implement documentation controls that ensure
actions are attributable to a specific individual.”

• When login credentials are shared, a unique individual

cannot be identified

• On paper you would sign/initial and date your work or the

review of other’s work

WL: Firms used a password shared by four or five individuals.

INTERTECH LABS
How access to CGMP computer systems be restricted?

FDA recommends to restrict the ability to alter

specifications, process parameters, or manufacturing or
testing methods by technical means where possible
(Eg:-By limiting permissions to change settings or data).

• FDA suggests that the system administrator role, including

any rights to alter files and settings, be assigned to
personnel independent from those responsible for the
record content.

WL: Failure to prevent unauthorized access/changes to data,

INTERTECH LABS
 When does electronic data become a CGMP record?

When generated to satisfy a CGMP requirement, all data become a CGMP

record

• You must document, or save, the data at the time of performance

• Not acceptable to record data on pieces of paper that will be discarded

after the data are transcribed

INTERTECH LABS
 When does electronic data become a CGMP record?

When generated to satisfy a CGMP requirement, all data become a CGMP

record

• You must document, or save, the data at the time of performance

• Not acceptable to record data on pieces of paper that will be discarded

after the data are transcribed

INTERTECH LABS
•
It is not acceptable to use an actual sample in test,
prep, or equilibration runs as a means of disguising
testing into compliance

WL: Unreported product failures, labeled “trial” HPLC

injections. Similar failures for gas chromatography,
ultra violet spectroscopy and moisture analyses –
January 2015

INTERTECH LABS