Data integrity means complete, consistent and accurate recording of data. This requires an original or true copy of contemporaneously recorded data that is attributable to a specific individual and is legible and accurate. The Food and Drug Administration (FDA) considers data integrity to be critical throughout the current good manufacturing practice (CGMP) to ensure product quality and public safety. In response to an increased number of data integrity violations, which have led to warning letters, import alerts and consent decrees, the FDA published a draft guidance on Data Integrity and Compliance with CGMP on April 14, 2016. After considering comments to the draft guidance, the FDA has now issued its Final Guidance on Data Integrity and Compliance with Drug CGMP on December 12, 2018. The Final Guidance is in a Q&A format and provides detailed instructions to the industry that reflects the FDA's current thinking on data integrity.
The Final Guidance first provides references to sections of 21 CFR parts 210-212 as they relate to finished pharmaceutical and positron emission tomography (PET) drugs. The Final Guidance then defines, along expected lines, certain terms, including "data integrity," "metadata," "audit trail," "static" and "dynamic" record formats, "backup" and "systems" (as used in computer or related systems). The Final Guidance also provides recommendations for issues like the invalidation and exclusion of CGMP results, CGMP workflow validation, access to CGMP computer systems, use of shared login accounts, blank forms, audit trails, electronic records and printouts, use of actual samples for testing and calibration, handling of internal tips regarding CGMP issues and personnel training.
More specifically: Management with executive responsibility has the role of creating a quality culture where employees understand the importance of data integrity and are encouraged to identify and promptly report data integrity issues. The Final Guidance states that the absence of management support of a quality culture can lead to breakdown of quality systems and to CGMP noncompliance. To ensure CGMP compliance, the FDA recommends that management ask the following questions:
- Are controls in place to ensure that data is complete?
- Are activities documented at the time of performance?
- Are activities attributable to a specific individual?
- Can only authorized individuals make changes to records?
- Is there a record of changes to data?
- Are records reviewed for accuracy, completeness and compliance with established standards?
- Are data maintained securely from data creation through disposition after the record's retention period?
The FDA links data integrity to the CGMP data life cycle, including creation, modification, processing, maintenance, archival, retrieval, transmission and disposition of data after the record's retention period ends. The FDA recommends the use of system design and controls to simplify the detection of errors, omissions and aberrant results.
The term metadata has a broader meaning to encompass even nonelectronic data. The FDA defines metadata as "the contextual information required to understand data." Therefore, metadata includes units (such as milligram), a date/time stamp, user ID, instrument ID, material status data, the material identification number and audit trails.
The term audit trail is defined as a secure, computer-generated, time-stamped electronic record that allows for reconstruction of the course of events relating to the creation, modification or deletion of an electronic record. The Final Guidance states that if the review frequency for the data is specified in CGMP regulations, then the frequency for the audit trail review should be the same. For example, since 211.188(b) requires review after each significant step in manufacture, processing, packing or holding, and 211.22 requires data review before batch release, the audit trails must be reviewed for each batch before that batch can be released for distribution.
Regarding invalidation of CGMP results and exclusion, the Final Guidance states, as expected, that invalidating test results to exclude them from quality unit decisions about conformance to a specification requires a valid, documented, scientifically sound justification. However, even if test results are legitimately invalidated on the basis of a scientifically sound investigation, the full CGMP batch record provided to the quality unit must include the original (invalidated) data, along with the investigation report that justifies invalidating the result. Similarly, it is not acceptable to only save the final results from reprocessed laboratory chromatography.
The Final Guidance states that access to CGMP computer systems should be restricted to authorized personnel, and that the system administrator role, including any rights to alter files and settings, should be assigned to personnel independent from those responsible for the record content. Likewise, shared login accounts for computer systems are not recommended, because shared logins make it hard to attribute data to a specific individual.
Regarding the use of blank forms, the Final Guidance states document controls must be in place to ensure quality. As such, the quality unit or other document control method should control the blank forms. Further, numbered sets of blank forms may be issued as appropriate, but all forms should be reconciled upon completion of all issued forms. Incomplete or erroneous forms should be kept as part of the permanent record along with written justification for their replacement.
The Final Guidance provides that records become a CGMP record when they are generated to satisfy a CGMP requirement. Therefore, the pieces of paper on which data are recorded cannot be discarded after the data are transcribed to a permanent laboratory. Similarly, storing electronic records in a manner that allows for manipulation without creating a permanent record is not acceptable.
The Final Guidance makes clear that the FDA prohibits manufacturers from sampling and testing with the goal of achieving a specific result or to overcome an unacceptable result (e.g., testing different samples until the desired passing result is obtained). If an actual sample is to be used for system suitability testing, it should be a properly characterized secondary standard, written procedures should be established and followed, and the sample should be from a different batch than the sample(s) being tested.
The Final Guidance stresses the training of personnel in preventing and detecting data integrity issues as part of a routine CGMP training program. Should an employee provide an internal tip or information regarding a quality issue, such as potential data falsification, a company should not handle it informally outside of the documented CGMP quality system. Instead, any data integrity problems should be remediated by formal investigation to determine the scope and root causes, conducting a scientifically sound risk assessment of the potential effects, and implementing a management strategy, including a global corrective action plan that addresses the root causes. Finally, FDA invites individuals to reach out to the FDA to report suspected data integrity issues that may affect the safety, identity, strength, quality or purity of drug products.
For Further Information
If you have any questions about this Alert, please contact Frederick R. Ball, Carolyn A. Alenci, Moreshwar (Moru) B. Vaze, Ph.D, any of the attorneys in our Life Sciences Industry Group or the attorney in the firm with whom you are regularly in contact.
Disclaimer: This Alert has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. For more information, please see the firm's full disclaimer.