Data integrity is the degree to which data are complete, consistent, accurate, trustworthy, reliable, and that these characteristics of the data are maintained throughout the data life cycle.

1. DATA INTEGRITY Ahmed Nouri
PharmD., MSc. Clinical
Pharmacy

2. OUTLINES
What is Data Integrity?
• Defining Data and Meta data.
• The Concept and Basics of Data
Integrity.
• ALCOA Principles
• Mistakes Versus Falsification or
Fraud.
How to implement Data Integrity?
•Practices; Top Failures and Ways to
avoid them.

3. Integrity
Data
Integrity
Data

4. DEFINING DATA AND METADATA
Data
Information derived or obtained from raw data, facts, figures and
statistics collected together for reference or analysis. (MHRA, 2018)
Raw data is defined as the original record (data) which can be
described as the first-capture of information, whether recorded on
paper or electronically

5. META DATA
•Meta Data are data used to describe other data.
•It can be used to describe information such as file type,
format, author, user rights, etc. and is usually attached to
files, but invisible to the user.
•For example, author, date created, date modified, and file
size are examples of very basic document metadata.
•Having the ability to filter through that metadata makes it
much easier for someone to locate a specific document.

6. AUDIT TRAIL
Secure, computer-generated,
time-stamped electronic record
that allows for reconstruction of
events relating to the creation,
modification, or deletion of an
electronic record.
Example: audit trail for an HPLC
run could include username,
date/time of run, integration
parameters used, details of a

7. INTEGRITY
BEING HONEST, EVEN
WHEN NOBODY IS
WATCHING.
Quality
Quality means doing it
right when nobody is
looking.
Integrity
The quality of being
honest and having
strong moral
principles.
Internal consistency or
lack of corruption

8. DATA INTEGRITY.
Data integrity is the degree to which data
are complete, consistent, accurate,
trustworthy, reliable and that these
characteristics of the data are maintained
throughout the data life cycle.
DATA LIFE CYCLE:
From initial data generation and recording
through processing (including
transformation or migration), use,
retention, archiving, retrieval and
destruction.

9. REGULATORS VIEW
Data Integrity breach break the trust between
Industry and Regulatory Agencies .
between the inspections, batch release, … etc ::
we trust you to do the right thing when the
regulatory agency are not watching.
If they find compliance gaps, regaining trust can
be costly, and time-consuming Task.
Karen Takahashi Senior Policy Adviser to USFDA

10. DATA INTEGRITY - PURPOSE
 Assures the quality, safety and efficacy of the drugs
documented record available to represent the quality of
the product after sold
 Reliability of the data is important
 Questioning data integrity = loss of trust
 Submitting false data to the FDA is a criminal violation
 FDA has a “zero tolerance” policy for data integrity

11. WHAT ARE DATA INTEGRITY
BREACH ?
1. Falsification / fabrication
2. Dishonest / malicious
3. Hiding
4. Bad practice: Shortcuts, etc

12. KNOW THE DIFFERENCE BETWEEN
POOR/BAD PRACTICES AND
FALSIFICATION
•Human errors data entered by mistake
•Ignorance (not aware of regulatory
requirements or poor training)
•Errors during transmission from one
computer to another
•Changes due to software bugs or
malware of which the user is unaware
•Use of non-validated software
applications/Spreadsheets
•Discarding source documents after
accurate transcription;
•Hardware malfunctions
•Willfully falsification of data or
fraudulent data (with the intent
to deceive)
•Selection of good or passing
results (exclusion of poor or
failing results)
•Unauthorized changes of post
acquisition data
• overwriting, change the name /
data

13. FDA FINDINGS RELATED DATA
INTEGRITY
Backdating/Postdating/missing /mismatching Signatures
Data manipulation/ data falsification,
Copying existing data as new data
Not saving the actual electronic or deleting electronic data after Printing-
Chromatograms
Disposing the original hard copies
Not reporting of failures and deviations
Releasing the failing product
Hiding/obscuring /withholding critical information etc
Mismatch between reported data and actual data

14. DATA INTEGRITY – REGULATORY
REQUIREMENT
FDA September 1991: Application Integrity Policy – Fraud, Untrue
Statements of Material Facts, Bribery, and Illegal Gratuities
FDA Guidance for Industry April 2016: Data Integrity and Compliance
With CGMP
MHRA Guidance March 2018: GXP Data Integrity Guidance and
Definitions
WHO Guidance September 2015: Good Data and Record Management
Practices
PIC/S Guidance Good Practices For Data Management And Integrity In
Regulated GMP/GDP Environments - November 2018
EMA Questions & Answers August 2016

15. MHRA -DATA INTEGRITY DEFINITIONS
AND
GUIDANCE
Handwritten entries should be made in
a clear, legible, indelible way.
Records should be made or completed
at the time each action is taken and in
such a way that all significant activities
concerning
the manufacture of medicinal products
are traceable.
Any alteration made to the entry on a
document should be signed and dated;
the alteration should permit the
reading of the original information.
Where appropriate, the reason for the
alteration should be recorded.

16. DATA INTEGRITY AS PER USFDA
Data integrity is critical to regulatory compliance, and the
fundamental reason for 21 CFR Part 11.
Many regulatory bodies as the FDA, Health Canada and the EMEA
recommend the use of:
ALCOA
to ensure good documentation practices in pharmaceuticals

17. ALCOA PRINCIPLE
ATTRIBUTABLE
WHO
PERFORMED
AND WHEN?
LEGIBLE
CAN IT BE READ?
PERMANENT
RECORD
CONTEMPORANEOU
S
RECORDED AT THE
TIME THE ACTIVITY
WAS PERFORMED
ORIGINAL
ORIGINAL
RECORD OR
CERTIFIED TRUE
COPY
ACCURATE
ERROR FREE
A L C O A

18. ATTRIBUTABLE
It includes who performed an action and when. This can be recorded
manually by initialing and dating a paper record or by audit trail in an
electronic system.
It is important to ensure a signature log is maintained to identify the
signatures, initials and/or aliases of people completing paper records.
For example:
During a validation, test results should be initialed and dated by the
person executing the test.
Adjustment of a setpoint on a process or monitoring system should
be made by an authorized user and the details of the change logged
in an audit trail.
A correction on a lab record should be initialed and dated to show
when and who made the adjustment

19. ATTRIBUTABLE MISTAKES
•Common User ID and password or sharing
•Disable of audit trail : Not able to identify the person who did the
activities or changed.
•Admin user ID is as “Admin” and who is access? Not able to indentify.
•Analyst doesn’t log out of PC in HPLC. Subsequent analysis is
performed by second analyst under same login.
•Design of forms/ record: BPR does not have space for recording
observation or additional information / signature.
•Two persons are performing the activity and one person signing

20. LEGIBLE
Readability
All data recorded must be legible (readable) and
permanent.
Ensuring records are readable and permanent assists with
its accessibility throughout the data lifecycle. This
includes the storage of human-readable metadata that
may be recorded to support an electronic record.
For example:
GDP will always promote the use of indelible ink when
completing records.
When making corrections to a record, ensure a single line
is used to strike out the old record. This ensures the
record is still legible.
Controlling your paper records/forms and formatting
them such that there is ample room for the information to
be recorded.

21. CONTEMPORANEOUS
Contemporaneous means to record the result,
measurement or data at the time the work is
performed. Date and time stamps should flow in
order of execution for the data to be credible.
Data should never be back dated.
For example:
If executing a validation protocol, tests should be
performed, and their results recorded as they happen
on the approved protocol.
Data that is logged, or testing that is performed

22. CONTEMPORANEOUS MISTAKES
Second person /witness ( eg weight) enter the data by observer at the actual
time; but second person only signing at end of the shift.
Electronic version of the excel output saved on personal drive and printed in
a later time.
Time clock is not available/ accessible where the activity is performed. Eg.
maintenance activity at near by /away
Unavailability of form, raw data sheet and log books right place.
Recording data in white paper /scrap papers / post it and entered the data
in actual record later
Non compliance with Good documentation practices (back date /forward
date).

23. ORIGINAL
Original data, sometimes referred to as source data or primary data, is the
medium in which the data point is recorded for the first time. This could be a
database, an approved protocol or form, or a dedicated notebook. It is
important to understand where your original data will be generated so that its
content and meaning are preserved.
For example:
Ensure validation test results are recorded on the approved protocol.
Recording results in a notebook for transcription later can introduce errors.
If your original data is hand written and needs to be stored electronically,
ensure a “true copy” is generated, the copy is verified for completeness and
then migrated into the electronic system.

24. ACCURATE
For data and records to be accurate, they should be free from errors,
complete, truthful and reflective of the observation. Editing should
not be performed without documenting and annotating the
amendments.
For example:
Use a witness check for critical record collection to confirm accuracy
of data.
Consider how to capture data electronically and verify its accuracy.
Build accuracy checks into the design of the electronic system.
Place controls/verification on manual data entry, for example,
temperature results can only be entered within a predefined range of
0-100°C.

25. ACCURATE
X Operator records a passing value for IPC result, even though they
never performed the test, as they know this attribute never fails.
X Actual result is failing , so data is discarded; the system adjusted to
get passing results to avoid an OOS.
X Flow meter readings are recorded with the “typical” value, rather
than the ( start and end) actual value.
X Data is recorded on paper, however during transcription the
numbers are accidentally reversed.
X Data from passing run is re-named, and used for a different
sample to ensure a result within specification.

26. + COMPLETE
X Deleting selective data (deviation/OOS) and retaining
desired data.
X Worksheets/ notebooks not reconciled or controlled.
X Data printout without instrument ID, analyst name, method name,
or date, or time …. analysis.
X Three technicians work on a complex calibration, but only one
person’s name is on the record.
X Data printout is retained as raw data, original meaningful metadata
is discarded.

27. + CONSISTENT
X Batch record steps are filled inconstantly- based on the operators
time.
X Recorded info may found ambiguity in the process or data, which
may be due to inadequate design of worksheet /
format. Eg parallel activity / sequential activity…
X System flashes the results and the results disappears before
operator can record the data. Eg rpm of reactor/cfg
X System allows you to preview data prior to naming or saving the
record.

28. + ENDURING
X Thermal paper is used for equipment printouts, but copies are not
made available.
X New software upgraded for the system, but existing data could not
be retrieved due to old version of software
X Poor quality of printed report/ BPRs
X Record the data in temporary manner and forget . Eg QC chemists
writes in butter papers, post-it notes, etc.,
X Not storing the data from the system / not taking backup

29. + AVAILABLE
OOS results are hideout in separate folder and frequently deleted.
Files are not backed up, and data is deleted from the system
periodically .
Records are not archived until its complete retention period.
Validated spreadsheet is not backed-up.

30. TIPS FOR DATA INTEGRITY -
IMPLEMENTATION
Establish a “Data Integrity policy” .
Describe the DI and consequences of DI breach /falsification of data
Training on the DI policy or procedure .
Establish a GDP so that even the most innocent recording issues cannot
be perceived as fraudulent
Design systems to prevent DI
Keep the BPRs / Log books / at work place to assess and record
Control over templates/ formats/ blank papers
Setting proper access to users/ audit trail
Connect recorder / printouts / Access to Clock for recording time

31. CONCLUSION
In the pharmaceutical industry, data integrity play an important role to
maintain the quality of a final product because the poor practice can
allow the substandard product to reach patients, so it’s necessary for
an existing system to ensure the data integrity, data traceability, and
reliability. On quality bases, data integrity is a critical component of a
Quality System. Quality data provides the base for the confidence of the
company to utilize correct data to operate in accordance with
regulatory requirements.
Data integrity is critically important to regulators for various reasons,
including patient safety, process, and product quality. The integrity and
trustworthiness of the data provide a baseline for the regulators'
opinion about the company.
It’s also the responsibility of the manufacturer to prevent and detect
poor data integrity practices which occur due to the lack of quality
system effectiveness. Quality Risk Management (QRM) approach can
prevent, detect and control potential risks where data is generated and
used to make manufacturing and quality decisions, ensure it is
trustworthy and reliable.

32. THANK YOU
PharmD., MSc Clinical
Pharmacy
Ahmed
Nouri