Data Integrity related regulatory requirements, current Data integrity approach of Pharmaceutical industries, ALCOA+ Approach.

1. By
Deepak Mishra

2. Scope
What is Data Integrity…???
Regulatory Requirements for Data integrity
Recent Regulatory Changes
Comman Data integrity Issues
Process flow mapping in Data integrity
Criteria for Data integrity
Data Integrity Citations in Warning Letters
8/15/2014 2

3. What is Data Integrity…???
Generating, transforming, maintaining & assuring the
accuracy, completeness & consistency of the data over
its entire life cycle in compliance with applicable
regulatory requirements.
ICH Q10 Pharmaceutical Quality System defines the
associated life cycle processes.
8/15/2014 3

4. GMP Regulatory Requirements for Data
Integrity (21 CFR 211 Regulations 3) (Contd.)
Instrument must be qualified & fit for the purpose
(§211.160(b) ,§211.63).
Software must be validated (§211.63).
Any calculation must be verified (§211.68(b)).
Data generated in an analysis must be backed up
(§211.68(b)).
Reagents & Reference solutions to be prepared with
appropriate records (§211.194(c)).
8/15/2014 4

5. GMP Regulatory Requirements for Data
Integrity (21 CFR 211 Regulations 3) (Contd.)
Methods must be verified under actual condition of
use (§211.194(a)(2)).
Test data must be accurate & complete & follow
procedures (§211.194(a)).
Data & reportable value must be checked by second
individual to ensure accuracy, completeness &
conformance with procedures (§211.194(a)(8)).
Methods used must be documented & approved
(§211.160(a)).
8/15/2014 5

6. Recent Regulatory Changes (Contd.)
Three Regulatory changes on Data integrity in
regulatory laboratories :
A complete response from a company to all 483
observations within 15 business days.
Conducting Part 11 audits alongside normal GMP
inspections of companies. 21 CFR Part 11 is the
guidance on “ Electronic Records; Electronic
Signatures – Scope & Applications”.
8/15/2014 6

7. Recent Regulatory Changes
EU Monitoring the records of activities and specifically
mentions hybrid and fully electronic systems.
New EU GMP regulations for computerized systems
(Annex 11) and documentation (Chapter 4) released in
January 2011 and become effective on June 30, 2011.
8/15/2014 7

8. Hybrid System
Hybrid system - an environment consisting of both
Electronic & paper-based Records (frequently
characterized by handwritten signatures Executed on
paper). An example of hybrid system is the one in
which the system user generates an electronic record
using a computer based system & then is required to
sign that record as per GMP,GLP OR GCP
REQUIREMENTS.
8/15/2014 8

9. Comman Data Integrity Issues (contd.)
Comman Passwords : Not possible to identify who
creates or changes the data/records when analysts
share passwords.
User Privileges : No defined or segregated user levels
for modifications of methods/sequences and
integration.
8/15/2014 9

10. Comman Data Integrity Issues (contd.)
Processing methods : Integration process not
controlled & also no defined procedure of Integration.
Regulatory bodies more concerned over the re-
integration of chromatograms.
Audit Trails : Audit trail functionality turned off within
the system. As a result, impossible to trace who/when
modified the data & why.
8/15/2014 10

11. Comman Data Integrity Issues
Incomplete Data : Most comman data integrity issue.
Record not complete.
Computer System Control : No adequate control over
data & unauthorized access to modify, delete or not
saving electronic files and hence, may not be original,
accurate or complete.
8/15/2014 11

12. Process Flow Mapping in Data Integrity
Process Flow Mapping – A useful approach to focus on
electronic data for ensuring the Data integrity.
Map the workflow within the Laboratory, to identify &
list all the steps performed for each Analytical
Technique (from sample receipt to approval of results)
& each laboratory operations.
8/15/2014 12

13. Process
Flow
How
Actions
performed
How
Actions
recorded
Decisions
about the
action
Extent of
Manual or
Automated
process
Risk
associated
What
Actions
Performed
8/15/2014 13

14. Criteria for Data Integrity (contd.)
Widely Used Term “ALCOA”.
First used by Stan Woolen to help him remember
compliance terms relevant to Data Quality.
Sometimes referred as “ALCOA+” because they involve
additional terms based on European Medicines
Agency’s (EMA) concept on Electronic Data.
8/15/2014 14

15. 8/15/2014 15
A Attributable Who performed the action & when ? If
record is changed, who did it & why?
Who did it ?
Source Data
L Legible Data must be recorded permanently
in durable medium and be readable
Can you read it ?
Permanent recorded
C Contemporaneous Data should be recorded at the time
work performed
Was it done in real
time..?
O Original Is the information an original record
or certified true copy..??
Is it original or true
copy..?
A Accurate No error or editing performed
without documented amendments
Is it accurate ?
Complete All data including repeat or reanalysis
performed on the sample
21 CFR 211.194
Consistent Consistent application on data time
stamps in expected sequence
Date /time stamps
Enduring Recorded on controlled worksheets,
laboratory notebooks or media .
Medium used to
record data
Available Available/accessible for review/audit
for the lifetime of the record
For the lifetime of the
record

16. Data integrity Citations in warning letters (contd.)
Sun Pharmaceuticals Industries Ltd, Gujarat
(November 2013).
 Failure to include complete Data necessary to document he
analysis.
 Failure to assign or identify raw materials with a distinctive code,
batch & to identify the disposition of materials.
 Calibration records found torn.
 CAPA records found to be torn used to assign the extended due date
of ongoing CAPA.
 Numerous raw data files on HPLC & GC instruments found to be
deleted on computers used to operate the instruments.
 Testing of samples no. of times for passing the batches of product.
8/15/2014 16

17. Data integrity Citations in warning letters (contd.)
Wockhardt Limited , Aurangabad (March, 2013).
Presence of torn raw data records of calibration, stability
protocols in waste area.
Incomplete HPLC & GC data.
Facility of deletion of Raw Data files from hard drive.
No record & justification of any deviations from required
Quality control mechanisms.
Incomplete training record of Personnel.
8/15/2014 17

18. Data integrity Citations in warning letters (contd.)
USV Limited, Mumbai (June 2013)
 Failed to follow and document at the time of performance required
laboratory control mechanism (21 CFR §211.160(a)). Sample weight
prints found in backdated.
 Failed to exercise appropriate controls over computer or related
systems to assure that only authorized personnel institute changes
in controlled records & other documents.
 Disabled Audit Trails on GC, HPLC & other software operated
instruments .
 Shared Login Ids between QC personnel of instruments like GC,
HPLC.
 Lacks assurance for the periodic backup of the data & failure to
ensure that audit trails will not be disrupted in future.
8/15/2014 18

19. Data integrity Citations in warning letters (contd.)
Fresenius Kabi (January 2013, Kalyani)
Unofficial testing of samples as Trail, demo etc & not
reporting those results.
No investigation for OOS samples observed & also no
adequate procedure of investigation .
Facility of Unauthorized changes or deletion on
controlled electronic records.
Analysis of samples with “Testing into Compliance”
approach.
8/15/2014 19

20. Data integrity Citations in warning letters (contd.)
Apotex Pharmachem India (January 2014, Bangalore)
Failure to maintain the complete data from all laboratory tests.
Testing of samples with “Testing into complaince” approach.
Failure to document & investigate OOS results.
Failure to include adequate documentation during complaint
investigations.
Failure to record the analytical activities at the time they were
performed.
8/15/2014 20

21. Maintaining the Data Integrity
Including Data verification activities in internal audits.
Creating Awareness among the staff about the data
integrity importance.
Train internal auditors what & how to check the data
integrity deficiencies.
Incorporating data integrity assessments into their
Quality Assurance Programs.
8/15/2014 21

22. Summary
Data
Integrity
Compliance
Competitive
Advantage
8/15/2014 22
Always better to have Proactive
approach than Remedial Approach

23. 8/15/2014 23