While in the past everything was written down on paper and then stored in the filing cabinet, this has now changed with the advent of email, automation, the cloud, big data and AI. This digitization creates many business opportunities but the chance of something going wrong in the data process flow is increasing. It raises the question for the pharmaceutical industry: how can we still guarantee the safety and quality of the product?
These following weeks, our Data Integrity Expert, Nathalie Wellens, will explain the concept of data integrity, its evolution, data governance strategies or programs, how to implement a data governance framework in your company and remediation solutions.
What is data integrity?
In the context of a GxP environment, data integrity can be defined as maintaining and ensuring the accuracy and consistency of data throughout its lifecycle. This, of course, in compliance with legal requirements. Data integrity is a crucial aspect of the design, implementation and use of any system that stores, processes or retrieves data.
Data integrity is in line with the GxP standards, which can be the (c)GMP, (current) good manufacturing practices, GLP (good laboratory practices), GCP (good clinical practices) or the GDocP, the good documentation practices. To support Data Integrity during the full life cycle of the data, some key concepts in the GMP requirements are summarized in the form of the acronym ‘ALCOA’ or the ‘ALCOA+’ principles.
It should not be confused with data security or data quality. These are only a part of the data governance strategy. Nor is it a synonym for privacy legislation such as the GDPR. However, it can help your company to comply with this privacy regulation.
Why is data integrity important?
Data and its integrity are extremely important to ensure patient safety, the quality of pharmaceutical products and the integrity of company data within the life sciences industry. In addition, data integrity is closely related to the reliability of your organization. Within a GxP environment, the provision of evidence in accordance with legislation and regulations is particularly important to demonstrate the safety and efficacy of a product, for example in the event of legal disputes.
Why is there an increasing focus on the guidelines by regulators?
There has always been a strong focus on patient safety, data reliability and product quality, both within the pharmaceutical industry and the medical devices or healthcare industry. However, in recent years there has been an increase in data breaches and misuse of GMP guidelines, especially in the Asian market (e.g. ‘testing into compliance’ or false data laboratories). As a result of these breaches, the guidelines have been strengthened and there is more monitoring and control of compliance with the guidelines.
In January 2015, the MHRA published new guidelines in the document ‘GMP Data Integrity Definitions and Guidance for Industry’. Later that year, the HMA (Heads of Medicines Agencies) and the EMA (European Medicines Agency) proposed the ‘EU Medicines Agencies Network Strategy to 2020’. This is a five-year strategy for European regulators in which data integrity checks are mandatory in order to prevent fraud.
Subsequently, in 2016, the FDA (Food & Drug Administration) published its guidelines, ‘Data Integrity and Compliance with cGMP’. Although these guidelines are not binding, a great deal of focus is placed on data integrity during audits and inspections by the FAGG, the EMA, the FDA or suppliers.
What could be reasons for violating the guidelines?
The reasons can be very diverse and we can even say that 80% of the breaches happen unknowingly:
- the pressure to produce and guarantee business continuity
- a lack of awareness or knowledge
- the corporate culture does not fully support the concept
- insufficient resources or budget, inadequate technology or processes
Even with a data governance program implemented, individuals can still choose to defraud or falsify data. It is important to know that regulators make no distinction between human error and fraud/falsification when assessing.
What could be the consequences of non-compliance?
- the patient may be in danger
- strict audits or a temporary stop in production
- loss of reputation and reliability
- bad data that cannot be used for analyses or strategic decisions
- recalls, ban on export or production for an indefinite period or cessation of activity
We can state that although these guidelines are not binding, it would be a big mistake not to follow them because the consequences are too big.
Need help to develop & implement a data integrity strategy?
Our experienced Data Integrity experts would be happy to assist you.
A risk-based and pragmatic approach
In order to address the growing need of the industry to implement data integrity in a smart and efficient way, Pauwels Consulting has developed a unique data governance program. The program combines a thorough pre-assessment with subsequent transition according to the well-known PDCA cycle. GAP assessments and associated actions are carried out in parallel across each department with continuous feedback loops and include alignment of all DI-related documentation (e.g. URS, data handling procedures, etc…).
Our risk-based and pragmatic approach embeds strong leadership and proper behavioral management. It is designed to achieve and sustain DI cultural excellence across the entire organization. Proper training is crucial so our Data Integrity team has compiled a variety of training modules that can be tailored to achieve these goals, together!