Regulators around the globe have issued guidance on data integrity in the last five years. As per FDA guidance, “Data integrity refers to the completeness, consistency, and accuracy of data. Complete, consistent, and accurate data should be attributable, legible, contemporaneously recorded, original or true copy, and accurate (ALCOA).
In simple terms, data (paper or electronic) should be complete, consistent, and accurate throughout the data life cycle, i.e., from raw data generation and recording through use, migration, retention, archival, and destruction. It is critical to ensure data integrity because data errors could make an adulterated drug batch reach the patient, thus impacting patient safety. Data integrity is not about quality control, but it also applies to compliance with GMP and relates to R&D, clinical trials, production/testing, and quality systems. The data lifecycle starts with data generation, followed by data processing, data modification, data recording, data review, data migration, data back-up/restore/archival, data retention, and data disposition after the retention period. Data integrity risk management is a good compliance and business practice for the prevention of data integrity issues.
There are 5 vital steps for data integrity risk management.
- Risk Assessment: Performing a baseline risk assessment.
- Risk Remediation: Ranking risks based on risk priority number (RPN) and remediation.
- Management Governance: Monitoring metrics and regulatory trends
- Data Governance: Enhance systems, processes, and procedures.
- Training and Communication: Continuous training and effectiveness checks.
It takes time to complete all the steps of comprehensive data integrity mitigation and sustainability, so a phased approach is beneficial when it comes to data integrity initiative implementations.
For example.
Phase 1: Immediate risk mitigation (Risk assessment and remediation of high-risk observation.
Phase 2: Data integrity resilience (Governance and Training).