How can a company comply with data integrity guidelines?
The basic thought is clear: collect, process and store your data in a complete, consistent and accurate manner. That may seem simple, but it is not. Following the ALCOA+ principles or developing a data governance strategy can help.
How often does it happen that there are multiple copies, that the original document is overwritten or that errors occur during the collection of data? There may even be a data breach without anyone knowing about it. These practices can lead to polluted and outdated data, compromising data integrity.
These following weeks, our Data Integrity Expert, Nathalie Wellens, will explain the concept of data integrity, its evolution, data governance strategies or programs, how to implement a data governance framework in your company and remediation solutions.
How can a company act in accordance with regulatory guidelines?
Nathalie: There are two things a company can implement to work accordingly:
1. Work according to the ALCOA or ALCOA+ principle. This is a framework that pharmaceutical companies use to ensure data integrity. The ALCOA principle applies to both paper documents and electronic/digital data. The acronym stands for:
- Attributable: when data (or e.g. a product) is produced, it must always be clear where, when, how and by whom. If an adjustment has been made, it must be clear why. This means that there must always be a link to the source of the data, e.g. a person or computer. This can be done by using a barcode, QR-code, user ID (username with password) or a signature with date.
- Legible: the data must always be legible and permanently accessible throughout the data lifecycle.
- Contemporaneous: data is recorded the moment the data is being produced. The date and time must be chronological.
- Original: original data or ‘primary/source data’ is the source of the data. The first data point where the data was produced/measured.
- Accurate: accurate data is error-free, complete and correct. Each modification is documented.
- +Complete: All data, including repetition or re-analysis, must be complete.
- +Consistent: all elements of the data, e.g. 3 consecutive batches of data must have a date and time indication that is consecutive.
- +Sustainable: data must be recorded on controlled worksheets, lab logbooks or electronic media (no post-its or personal notes that could be lost).
- +Available: data should always be accessible and available for review.
Nathalie: “If a company can apply these ALCOA+ principles, they are handling the data in a correct manner but then there is no strategy or framework within which the entire company can work. Setting up a data governance strategy is important. It must be an integral part of the quality management system and inherent to your corporate DNA. This way, you increase the support base among the employees and the company creates a real commitment”.
2. Creating a data governance strategy
“Data governance is the sum of the processes & procedures to ensure that data, irrespective of the format in whih they are gerenated, are recorded, processed, retained and used to ensure the record throughout the life cycle of the data. Data governance ensures good management of records and data throughout the regulated undertaking. Data governance encompasses the people, processes and technology required to achieve consistent, accurate and effective data handling.” (Source: ISPE GAMP Guide: Records and Data integrity)
Think of data governance as the who, what, when, where and why of the organization’s data. A data governance program is therefore not a ‘nice-to-have’ for a life sciences company but is fundamentally part of the company. It is important that the management understands, supports and communicates the concept of data governance to the employees. There must be a sufficiently large support base and a distinct corporate culture of safety & quality. Implementing a successful data governance strategy requires careful planning, the right people, the right tools and technology.
Another aspect of data governance is the protection of company and customer data. This of course should have a high priority. Data breaches are almost everyday occurrences and governments put a stop to them with laws that protect our private data. A data management program builds in controls to protect data and help organizations comply with compliance regulations.
Need help to comply with data integrity guidelines?
Our experienced Data Integrity experts would be happy to assist you.
A risk-based and pragmatic approach
In order to address the growing need of the industry to implement data integrity in a smart and efficient way, Pauwels Consulting has developed a unique data governance program. The program combines a thorough pre-assessment with subsequent transition according to the well-known PDCA cycle. GAP assessments and associated actions are carried out in parallel across each department with continuous feedback loops and include alignment of all DI-related documentation (e.g. URS, data handling procedures, etc…).
Our risk-based and pragmatic approach embeds strong leadership and proper behavioral management. It is designed to achieve and sustain DI cultural excellence across the entire organization. Proper training is crucial so our Data Integrity team has compiled a variety of training modules that can be tailored to achieve these goals, together!
Do you have any questions for us? Let’s get in touch!