In the recent JulyAugust issue, Contract Pharma looked at he issuance of data integrity guidance documents by four of the world’s leading regulatory agencies. Taken together,
these guidelines stipulate an array of data integrity and governance expectations.
All four of the regulatory agencies’ directions on data integrity
make the point that it is important for an organization to consider
the sum total of measures that ensure data integrity, irrespective
of the process, format or technology in which data is generated,
recorded, processed, retained, retrieved and used throughout the
data life cycle, and that these preparations guarantee complete,
consistent and accurate records.
This article looks at some of the ways an organization can establish a culture and cost-effective means to meet the various challenges in sustaining data integrity. Particular emphasis is placed
on a practical and risk-based approach toward data integrity governance. Sensibly, data integrity governance can be accomplished
through: marshalling the proper expertise and thoughtful planning, training and leveraging cGxP knowledge, assessment and
risk analysis, and self-inspection and remediation.
EXPERTISE AND PLANNING
According to Global ISPE Data Integrity Special Interest Group of
the ISPE GAMP Community of Practice, “If a company does not
have in-house experience for implementing data integrity, or has
failed in past implementation attempts, they should bring in out-
side expertise to help guide the initial states of implementation.”
Organizations must get a grip on data integrity governance
across the data life cycle by initially focusing on expertise and
planning. “The big lesson in the industry is that in order to en-
sure data integrity, quality must be managed at the entry point
of data from the beginning of developing an active pharmaceuti-
cal ingredient (API) to the information appearing in the product
label,”said Dr. Nancy Pire-Smerkanich, assistant professor in the
Department of Regulatory and Quality Science in the School of
Pharmacy at the University of Southern California.“It is very dif-
ficult to build quality back as the process approaches the end of
the data life cycle.”
For many organizations, a starting point is to identify a data
integrity and governance lead—in larger organizations this will
likely be a full time data governance officer—and the establish-
ment of a cross-functional team to bring focus on the principles
of data integrity across the data life cycle and organization. In the
same way, an effective quality system must have the support and
active involvement of top management, so too must an effective
data integrity program have executive commitment.
In the absence of expertise, harnessing external know-how
will save time and money in the long run and set the organization on a steady path toward a mature data integrity governance.
However, the objectives must be to transfer outside expertise and
knowledge to experts in-house and move toward a company culture embracing data integrity governance. Organizations should
avoid completely outsourcing a data integrity governance program to a third party vendor, which would indicate the company
is not taking ownership of its own records.
A cross-functional team’s purpose is to ensure that data integrity approaches are included or continue to be a focus used
in methods and processes throughout the organization. These
teams can help establish internal expertise by organizing and
gaining support for data integrity subject matter experts to be
embedded in functional groups and on product lines.
If the organization does not have data governance and integrity as a concept built into the quality framework as a whole, the
data governance lead and cross-functional team should immediately consider putting in place a data governance policy and
plan for the organization. The first draft of such a policy will focus
on gaps in the organizational approach, while referencing quality
procedures already in place as they relate to existing cGxP data
integrity requirements. The long-term objective should be for a
holistic data integrity approach to be integral to the overall quality approach.
Data Integrity: A Practical
and Risk-Based Approach
Looking at ways an organization can form a culture and cost-effective means to meet
the various challenges in sustaining data integrity