With the new Data Integrity guidance from MHRA this March we should revisit the importance of data integrity in Research & Development (R&D) as well as more heavily regulated parts of the pharma pipeline.
Data integrity risks are inherently proportional to the complexities of the processes and technology devices and computerized systems where the data is sourced from. In R&D, each step in the data process plays a critical role in the pharmaceutical product lifecycle. By architecting a process to capture all relevant data you can mitigate risks and have more reliable data from a validated source.
There is much discussion lately on the topic of “data integrity.” Organizations such as the Food and Drug Administration (FDA) and Medicines and Healthcare Products Regulatory Agency (MHRA) in the United Kingdom and other such regulatory organizations around the world have released industry guidelines for data integrity. PIC’s Guidance on Data Integrity was published in August 2016. Health Canada, the World Health Organization (WHO), and the Therapeutic Goods Administration (TGA) in Australia have all also discussed data integrity, stemming from FDA’s ALCOA approach.
FDA and MHRA warning letters within the last year have cited several companies for a lack of data integrity in their processes and for flaunting data integrity based on a lack of proper traceability and security measures.
The ALCOA Principle
A new acronym, ALCOA, had been released in the most recent MHRA guidelines this year and the FDA released a draft guidance in April 2016, the FDA in a document entitled “Data Integrity and Compliance with CGMP Guidance for Industry.” Under the question of “What is Data Integrity?” the following answer was provided by the FDA:
For the purposes of this guidance, data integrity refers to the completeness, consistency, and accuracy of data. Complete, consistent, and accurate data should be attributable, legible, contemporaneously recorded, original or a true copy, and accurate (ALCOA).
In the most recent guidance by the MHRA entitled ‘GXP’ Data Integrity Guidance and Definitions’ the definition is:
Section 6.4 Data integrity is the degree to which data are complete, consistent, accurate, trustworthy, reliable and that these characteristics of the data are maintained throughout the data life cycle. The data should be collected and maintained in a secure manner, so that they are attributable, legible, contemporaneously recorded, original (or a true copy) and accurate. Assuring data integrity requires appropriate quality and risk management systems, including adherence to sound scientific principles and good documentation practices.
Although ALCOA has been around for many years, it has now taken a high degree of emphasis. But data integrity is nothing new. Data integrity has been the expectation in PIC’s Guide to GMP, Chapter 4 and Annex 11, ISO 13485: Sections 4.2.3, 4.2.4, as well as the Australian Code to GMP human blood, blood components, human tissues and human cellular therapy products: Sections 400-415.
With the increased focus on this area of data governance it is finally worth noting that MHRA instructs organisations that there is need to take responsibility for the systems used and the data they generate. The organisational culture should ensure data is complete, consistent and accurate in all its forms, i.e. paper and electronic. Within increasing focus on ALCOA, the digital data files need to be managed for the life time of the data which could easily be 40 years and above. As the MHRA states the data governance policy (or equivalent) should be endorsed at the highest levels of the organisation.