“Data integrity” is a long-standing concept, first introduced in 1938 in the “Federal Food, Drug, and Cosmetic (FDC) Act.” However, in the digital age, its importance has greatly increased. By 2018, more than 65% of FDA warning letters featured data integrity issues, a sign of rising regulatory attention1,2. As this can be seen with the US example, data integrity remains a central issue for any organization that interacts with regulators because of its cross-departmental nature.
Data must be recorded exactly as intended and must remain the same as when it was originally recorded. The accuracy and validity of data must be maintained during its entire life cycle.
|A||Attributable||Who performed an action and when? If a record is changed, who did it and why?|
|L||Legible||Data must be recorded in a permanent durable medium and be readable|
|C||Contemporaneous||Data must be recorded when it was performed followed by date and time|
|O||Original||Is the information the original data or a certified true copy of the original data?|
|A||Accurate||No errors or editing performed without documented amendments|
|A||Available||Available for review at anytime|
|E||Enduring||Records exist for the entire period|
|C||Complete||Data is in a complete state to avoid any recreation or manipulation|
|C||Consistent||Data is in a sequential manner with a sign and date and follows GDP for consistency in documentation|
Bioprocessing customers have rigid requirements to manage and export data electronically in a computerized system. Data management encompasses data integrity, data collection and retention, saving of the data into a network, paperless lab procedures, and the use of active directory servers.
Data integrity is critical for any organization that interacts with regulators like the FDA, MHRA or EMA. This includes healthcare firms, bioprocessing companies, medical device organizations, clinical research organizations, and several other FDA-regulated industries such as food and beverage manufacturers, as these organizations need to be compliant with data integrity regulations.
Data integrity helps ensure reliability of instrument usage, data accuracy, traceability, and compliance as per regulatory requirements. Compliance with data integrity helps to ensure the trustworthiness and reliability of electronic records. Even during process development, compliance to data integrity policies offers great benefits for a company by making technology transfer and scale-up to GMP easier. “For our customers, it is critical to know that their results are reliable, can be easily accessed, and cannot be altered,” explains Shweta Nair, Senior Product Manager at Advanced Instruments. “In addition to data integrity, what is important is data management, namely the ability to acquire the data, store it and retrieve that data easily when needed. This is the flexibility we provide with Advanced Instruments’ products.”
Collecting inaccurate or “bad” data could have serious consequences for a company, such as the loss of an entire batch, delays in product development cycles, major auditing issues, and even fines. “The whole life cycle can be delayed,” says Nair. “This means loss of time and money.” The highest risks, when not working in a compliant manner, lie in import bans, product recalls, or even the closing of production plants.
In the US, the underlying premise in §§ 210.1 and 212.2 is that CGMP sets forth minimum requirements to assure that drugs meet the standards of the Federal Food, Drug, and Cosmetic Act (FD&C Act) regarding safety, identity, strength, quality, and purity. The requirements with respect to data integrity in 21 CFR part 211 and 21 CFR part 212 include, among other things:
Electronic signature and record-keeping requirements are laid out in 21 CFR part 11 and apply to certain records subject to records requirements set forth in Agency regulations, including parts 21 CFR part 210, 21 CFR part 211, and 21 CFR part 212. For more information, see guidance for industry 21 CFR Part 11, Electronic Records; Electronic Signatures — Scope and Application3. The guidance outlines the FDA’s current thinking regarding the narrow scope and application of 21 CFR part 11 pending FDA’s reexamination of 21 CFR part 11 as it applies to all FDA-regulated products.
EudraLex Vol. 4 Annex 11(EudraLex rules governing medicinal products in the EU, Volume 4, GMP, medicinal products for human and veterinary use) offers a detailed guide to the areas of compliance that need documentation.
Both documents cover the same topic: the use of computerized systems in regulated activities. However, the approach of 21 CFR Part 11 is to make clear the requirements to be met in order to conform to regulations. In contrast, the approach of EudraLex Vol. 4 Annex 11 is to make clear how to conform to its rules.
Another significant difference is the approach to risk management. EudraLex Vol. 4 Annex 11 points to risk assessment as the start of compliance activities. 21 CFR Part 11 differentiates security for open and closed systems, with extra security measures for open systems but without reference to risk or criticality.
Labs are also often asked to comply with various Pharmacopeia guidelines, such as USP chapter 785, European Pharmacopeia, and others. These guidelines regulate the qualifications of osmometers (Installation Qualification/Operational Qualification), operation and calibration of osmometers, the types of osmolality instruments, and the results reporting.
|EudraLex Vol 4 Annex 11||21 CFR Part 11|
|Scope/Principle||Computerized systems as part of GMP regulated activities. Application should be validated. IT infrastructure should be qualified.||E-records and e-signatures as used for all FDA regulated activities.|
|Focus||Risk-based quality management of computerized systems||Using e-records and signatures in open and closed computer systems|
|Objective||Using a computerized system should ensure the same product quality and quality assurance as manual systems with no increase in overall risk||E-records and e-signatures should be as trustworthy and reliable as paper records and handwritten signatures|
Osmolality testing is a key process parameter in the pharma and bioprocessing industries. Therefore, the reliability, consistency, and accuracy of osmolality data is crucial throughout the bioprocessing workflow. When using technology in a GMP environment it is important to maintain data integrity using the following characteristics4:
Advanced Instruments osmometers could help customers meet the strict data integrity requirements as they include features such as:
These data features are flexible to meet the growing needs of organizations and also help GMP organizations meet these restrictions and regulations. Moreover, the data management features support integration into a company’s system and allow the company to optimize the review of their data as they streamline their processes.
The OsmoTECH® PRO and OsmoTECH® XT are compliant with 21 CFR Part 11, EudraLex Vol. 4 Annex 11, and Pharmacopeia requirements. However, it is the responsibility of the end-user to implement the necessary controls in their laboratory to effectively achieve the compliance requirements. “From the data integrity perspective, Advanced Instruments is constantly on top of changes to the regulatory requirements. Our engineers work closely with our customers to ensure that any software capabilities or features that are required are quickly implemented and rolled out. Our customers truly appreciate how engaged and proactive we are about data integrity. In addition, the close connection we maintain with our customers through our service engineers and salespeople helps us collect and quickly respond to customer feedback,” says Nair.
1. Mihailisin, I. (2020, September 13). Data Integrity in Pharmaceutical Industry – ympronta. Ympronta srl. Retrieved from https://www.ympronta.it/en/blog/ympronta-blog-1/post/data-integrity-in-pharmaceutical-industry-2
2. Office of Regulatory Affairs. (n.d.). Inspection Observations. U.S. Food and Drug Administration. Retrieved from https://www.fda.gov/inspections-compliance-enforcement-and-criminal-investigations/inspection-references/inspection-observations.
3. Office of the Commissioner. (2003, August). Part 11 Electronic Records; Electronic Signatures Scope and Application. U.S. Food and Drug Administration. Retrieved from https://www.fda.gov/regulatory-information/search-fda-guidance-documents/part-11-electronic-records-electronic-signatures-scope-and-application
4. SL Controls. (2021, April 20). What is ALCOA+ and Why Is It Important to Validation and Data Integrity. SL Controls. Retrieved from https://slcontrols.com/what-is-alcoa-and-why-is-it-important-to-validation-and-data-integrity
Learn more by checking out our additional educational resources below.