Data Integrity Policy

by ·

This document provides the information on data integrity policy i.e. policy to investigate and handle incidences related to GXP data, identified during internal/external audit or during review of data at any stage.

Data integrity policy

SCOPE :

Applicable to all functions and departments where GxP activities generated by electronic and paper based systems in pharmaceutical companies and contractors/service providers.

POLICY DETAILS:

Company shall develop –

  • A culture within the organization to ensure that the data is complete, consistent and accurate in all its form throughout data lifecycle (Paper and electronic).
  • To create the right environment to enable data integrity controls to be
  • Organizational culture driven by performance indicators on the success of data governance
  • Approach to perform the data integrity risk
  • Governance measures to ensure periodic audits to detect data integrity failures within organization’s
  • Mechanism to investigate impact of data integrity failure to the patient or
  • Data integrity controls for both, manual and computerized
  • Where data integrity weaknesses are identified, appropriate corrective and preventive actions shall be implemented across all relevant activities and systems and not in isolation.
  • Controls over intentional and unintentional changes to Systems and processes in a way that facilitate compliance with the principle of data

 

General Information:

Data Integrity is a life cycle approach; it refers to maintaining and assuring the accuracy and consistency of data over the entire data life cycle i.e. from Data generation Data collection, Data Processing, Data Review, Data Approval, Data Reporting, Data Archival and assuring data Integrity requires appropriate quality and risk management systems for each data/ processing step, including adherence to sound scientific principles and good documentation practices.

Compliance to Data Integrity starts from

Development → Manufacturing → Packing → Distribution → Other (post-marketing activities like pharmacovigilance/ complaints etc.).

Principles of Data Integrity apply to paper records, electronic records, records generated through hybrid systems and by other data such as photography, imagery, chromatography plates etc. that were created during manufacturing, packaging, testing, holding, shipping and distribution and any other ancillary or supporting activities within the framework of GxP.

Procedure to investigate and handle data integrity incidence:

 During the life cycle of GxP processing inclusive of documentation, following procedure shall be followed to investigate and suggest corrective actions.

If any observation related to breach to data integrity is noted in below cases which are not limited to;

  1. Doer himself reported his data integrity
  2. During periodic review of GxP
  3. During Internal and regulatory
  4. At any point of time of review (Other than doer).
  5. During Investigation

The individual identifying the event of breach to data integrity shall report the incident to the department head. Department Head shall inform the respective unit/site Human Resource Business Partner (HRBP) and Head Unit Quality Assurance immediately in writing or telephonically or physically within one (1) working day.

Deviation shall be filed as per SOP to find out root cause, assess impact and assign appropriate Corrective action and Preventive actions. Deviation shall be logged immediately on identification of the incident.

Note: Initial categorization of all deviations as an outcome of breach to data integrity shall be “Critical”. Final categorization of deviation may or may not change based on detailed investigation by task force committee.

Department head shall communicate information of data integrity incidence to Head Site Quality Assurance, Unit Head, Site Head and HR.

The Unit Head / Head Unit Quality Assurance shall be the lead investigator and enlist other discipline Heads as necessary.

Suspected or known falsification of records shall be fully investigated under the cGMP quality system to determine the effect of the event on patient safety, product quality, and data reliability; to determine the root cause; and to ensure the necessary corrective actions are taken, if necessary, global CAPA(s) shall be initiated.

Investigation shall be conducted by Task force investigation committee which consist of following members:

  • Site HR head or an assigned representative(mandatory)
  • Concerned department head (mandatory)
  • Reporting manager of the concerned person (optional)
  • Quality head of the unit (mandatory)
  • Unit head (mandatory)
  • Head Site Quality (same/other location)
  • Site QC head (same/other location)
  • Site head (same/other location)
  • Other Cross Functional Team members as applicable

Note: If person mentioned above is not present then, person can nominate peer or superior (even from other location) which shall be considered in task force investigation team.

Investigation shall contain summary of all information from applicable GMP areas, Laboratories, manufacturing operations, processing and information systems covered by the assessment. In case of exclusion of any part of the operation, justification for the same shall be prepared.

An assessment of the extent of data integrity deficiencies at the facility shall be conducted.

Comprehensive retrospective evaluation shall be conducted to identify the nature of the data integrity deficiencies; these shall include all the work that the individual may have done before.

Risk assessment shall be performed to identify the potential effect of the observed failures on the quality of the product that was released. The risk assessment shall include the following but not limited to;

  • Analyzing risks to patients
  • Risks posed by ongoing operations
  • Any impact on the veracity of data submitted to regulatory agencies including data related to product registration
  • Long-term measures describing any remediation efforts and enhancements to procedures, processes, methods, controls, systems, management oversight, and human resources (e.g., training, staffing improvements) designed to ensure the integrity of data.

Based on the Data Integrity incidence, investigation carried out and conclusion derived, disciplinary action shall be taken by Task Force Investigation Committee as per Cipla Data Integrity Guideline.

Appropriate notification to regulatory authorities shall be made where significant data integrity incidents have been identified which has an impact on product quality and patient safety in instances where product already released to market by unit QA in consultation with site QA and respective stakeholders.

AMENDMENT AND WAIVER :

The company reserves the right to amend, alter and/ or terminate this policy at any time.

DEFINITION :

 Data Integrity : Data integrity is the degree to which data are complete, consistent, accurate, trustworthy, reliable and that these characteristics of the data are maintained throughout the data life cycle. The data should be collected and maintained in a secure manner, so that they are attributable, legible, contemporaneously recorded, original (or a true copy) and accurate.

Hybrid Data: Data is generated by using hybrid system where both paper-based and electronic records constitute the original record.

Other Data: The data generated is captured by a photograph or imagery (or other media).

Breach of Data Integrity: It is a violation of the integrity of Data to get intended results or to test products into compliance. This means, the actions performed, and the documents/records written do not reflect the truth and the reality which has taken place.

Common terms used are Falsification of data, Alteration of data and events, Misleading information, statements or facts, Misrepresentation of what happened, Untruthful statements, Deceit, Forgery.

Few examples of breach to data integrity are as below, but not limited to:

  • Data falsification and generation of unauthorized
  • Signing off or owning records for activity not performed by
  • Intentionally misplacing or replacing
  • Trial runs in analysis (Actual Standards, Reference, working / test standards) shall not be used to perform system suitability test.
  • Manipulating date and time in computer system or any other system used for GMP
  • Manipulating and or misrepresenting any parameters such as process or analytical parameters
  • Reprocessed Chromatograph not retained for
  • Recording of an activity not
  • Copying existing data as new data, unless supported by original
  • Re-running samples without justification and
  • Discarding/deletion of data, unless
  • Releasing failing
  • Not saving electronic or hard copy

 

ABBREVIATIONS:

CAPA :  Corrective Action and Preventive Action

GMP :   Good Manufacturing Practices

GxP  :   Good X Practices where X stands for Chromatographic, Clinical, Manufacturing, laboratory, distribution, quality, pharmacovigilance etc.

HR   :   Human Resources

SOP :  Standard Operating Procedure

 

REFERENCES:

MHRA                          :    GxP Data Integrity Guidance and Definitions.

USFDA                         :    Guidance on Data Integrity and Compliance with drug cGMP – Guidance for Industry

PIC/S                           :    Draft Guidance on – Good practices for data management and integrity in regulated Environment.

 

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *