Data integrity, an increasing regulatory focus

The life sciences industry generates a massive volume of complex data. As companies embrace automated systems and cloud storage solutions, the volume of data continues to grow. With this shift toward new technology comes greater scrutiny from global regulatory bodies, and a higher likelihood of enforcement action.

What is data integrity?

Data integrity is not just a cornerstone of the life sciences sector, it is the foundation of good science. In fact, it is the backbone of good manufacturing practice, and the basis on which pharmaceutical, medical device and other companies make their decisions.

In essence, data integrity is “properly recorded information”. However, regulatory bodies follow a more detailed definition – a set of standards known as ALCOA. This acronym stands for Attributable, Legible, Contemporaneous, Original and Accurate.

The US Food and Drug Administration (FDA) was the first regulator to introduce such standards. Today these standards govern the role of data integrity in current good manufacturing practice (CGMP) for drugs, as required in 21 CFR parts 210, 211, and 212.

What does this mean in practice?

Data integrity must be observed and maintained every day. Only by doing so can companies ensure the credibility, accuracy, and validation of their data. To achieve this, they need to understand and follow all five principles of the ALCOA framework, which addresses how companies collect, manage and store their data.

• Attributable: All data must be attributable to the person or computer system that collected or generated the data. In other words, whoever performed a data-related task must be identifiable.
• Legible: Data must be legible and permanent. That is, it must be readable by eye or electronically, and should be retained in a durable medium.
• Contemporaneous: All data activities should be timestamped with a record of when each activity took place – at the time it is performed. No activity should be back-dated.
• Original: Every captured piece of data must be retained in its original format, rather than replaced or deleted. In other words, records should be original rather than copies or transcriptions.
• Accurate: Data should be inputted, stored and maintained with precision and validity. It should be complete, consistent, truthful, and representative of facts. Any errors or editing must be accompanied by documented amendments.

In 2020 alone, the FDA released over 150 warning letters for Data Integrity infringements – a 60% increase since 2016

Poor data integrity is a company killer

Data integrity is crucial to the compliance of any life sciences company. Failures in data integrity can have serious consequences. Indeed, the financial and reputational costs can be enormous. Enforcement actions by the FDA, in particular, can devastate a company’s fortunes.

For instance, an FDA enforcement order can result in a facility shutdown, product recalls, delayed or denied approvals, and import and distribution bans – not to mention the criminal prosecution, remediation costs and loss of customers due to a damaged reputation. It can also create long-term problems. Companies which are found in breach of data integrity regulations may lose the trust of the FDA and face more frequent and in-depth inspections in the future.

To put it simply, companies cannot afford to ignore data integrity. Not only is it essential in today’s regulatory environment, it is a key factor that determines a company’s future. Therefore, complying with data integrity regulations should be a business priority.

Why are regulators stepping up their game?

Regulatory agencies are increasing their focus on data integrity in response to the increasing number of data integrity violations that were observed during recent CGMP inspections.

Of particular concern was a number of violations in data manipulation and other data issues that were found in pharmaceutical manufacturing facilities, specifically ones based in Asia. Regulators find such violations particularly troubling, given the industry’s responsibility to ensure the safety, efficacy and quality of drugs. This is especially relevant today in light of the global pandemic and the FDA’s efforts to protect public health.

Such data integrity-related CGMP violations have led to numerous regulatory actions, including warning letters, import alerts, and consent decrees. Of the 75 warning letters issued by FDA in 2016, 43 per cent were linked to instances of data integrity violations. In 2017, this figure had risen to 60 per cent.

High volume of FDA warning letters

The number of FDA warning letters issued in 2020 remained high relative to previous years, due in part to the upsurge of companies attempting to market questionable COVID-19 cures. During the year, the FDA sent almost 150 warning letters for unapproved, adulterated, or misbranded products.

The majority of these letters focused on products marketed with drug claims. The FDA specifically cited a number of data integrity violations, which include:

• Deletion or manipulation of data
• Aborted sample analysis without justification
• Invalidated out-of-specification results without justification
• Destruction or loss of data
• Failure to document work contemporaneously
• Uncontrolled documentation

Among the observed violations was a manufacturing facility that was found to be intentionally shredding and destroying records. At another facility, employees were found to be signing logbooks and batch records that should have been reviewed in previous weeks. Elsewhere, a company was found to have aborted a number of chromatography sample set runs, without following standard procedures or carrying out follow-up investigations.

Although the number of FDA warning letters remained relatively high, the number of 483 inspection observations in 2020 decreased significantly. To illustrate the point, the FDA issued over 2,700 Form 483 observation letters in 2020, compared with more than 4,700 in 2019. This represents a drop of 42%, and is partly due to fewer inspections being carried out owing to the pandemic. However, inspections have now returned to normal levels.

As outlined above, validation poses many challenges to life sciences companies that depend on paper-based processes. The data integrity of paper-based processes depend a great deal on procedure controls, and on the honesty and diligence of individuals who create, approve and execute validation documents. It can be argued that such processes are simply no longer viable in today’s regulatory environment. The obvious answer to this challenge is a paperless validation solution.

Despite the prominent role of data integrity in the life sciences industry, many companies will still fall foul of regulators tasked with auditing them. Kneat can support companies who wish to achieve greater productivity and help them meet all their data integrity compliance demands.

Kneat enforces data integrity, efficiently

Kneat’s SaaS e-Validation Platform, Kneat Gx, digitizes the entire validation lifecycle, enabling Life Sciences companies to develop and deliver therapies as efficiently as possible – whilst enforcing data integrity best practice to ensure full compliance with both FDA and EMA regulators.

Capturing all validation data direct to a secure database, with all entries and changes recorded into an exhaustively comprehensive, time-stamped audit trail Kneat gives users an unprecedented capability to create, manage, access and mine validation data.
Kneat also ensures users apply FDA 21 CFR Part 11.10(a) compliant signatures, providing robust attribution in tandem with a secure role-based user access control system, ensuring only the right users have access to the right documents.

21 CFR Part 11.10(a) governs the procedures and controls that should be followed by organizations who use computer systems in regulated environments. In addition, Kneat Gx supports EudraLex Annex 11, Section 4. Kneat’s compliance with these regulations enable users in the Life Sciences to safely transition away from cumbersome paper-based and hybrid validation processes.

Through pre-approved templates and dynamic data sharing, Kneat automates the transposition of data throughout documents, dramatically reducing the cycle-time of your validation process whilst eliminating user-error and tampering.