In 2020 thus far, numerous warning letters have been issued from the FDA citing data integrity violations. Common findings violate principles of ALCOA+, 21 CFR Part 11, and the FDA’s data integrity guidance document. Some of these findings include:
- Deletion or manipulation of data
- Aborted sample analysis without justification
- Invalidated OOS results without justification
- Destruction or loss of data
- Failure to document work contemporaneously
- Uncontrolled documentation
Data integrity is of utmost importance in any CGMP manufacturing setting now more than ever. While data integrity guidance is not a new concept, there is increased scrutiny of data integrity and 21 CFR Part 11 compliance as electronic records have become the industry standard. For manufacturers trying to attain a high degree of data integrity, the FDA’s Data Integrity and Compliance with Drug CGMP Guidance for Industry document is a great tool to frame an approach to vigorous internal policies. This document is repeatedly referenced in FDA warning letters when companies are in violation of principles stated in the guidance. This document encourages manufacturers to implement effective and robust strategies to ensure that accurate and secure data management systems are in place and routinely monitored by the quality unit.
Another standardized tool referenced in numerous data integrity guidance documents for managing data integrity risks is ALCOA+. ALCOA+ provides a set of principles to be applied to all CGMP records; Attributable, Legible, Contemporaneous, Original, Accurate, Complete, Consistent, Enduring, and Available. Although ALCOA+ is not the final word for data integrity compliance, using these principles to challenge data generation and management strategies provides a strong framework for internal data management policies. Managing data integrity risks is essential to the safety, purity, quality, and efficacy of drug products.
21 CFR Part 11 is also exceptionally important for data integrity of electronic records and electronic signatures. 21 CFR Part 11 is a legally binding statute that companies must comply with when generating electronic records. There are many ways that validated instruments, software, and procedures can manage and mitigate data integrity risks and demonstrate compliance to 21 CFR Part 11. Software should be chosen that does not allow for data modification without a permanent record and that creates records attributable to who did the work, when, and why. Once an appropriate software is chosen, it should be validated to the rigors of 21 CFR Part 11 and data integrity guidance to actively demonstrate complete compliance and secure data. This year alone, numerous warning letters have been issued for data integrity violations. Many are obvious violations while some are discreet and could go undetected. The following are examples of data integrity observations issued from the FDA thus far in 2020 and considerations for avoiding such observations.
In March of this year a manufacturing site was found to be intentionally shredding and destroying records. Additionally, the site failed to integrate certain chromatography peaks due to disabled peak detection, which was against its procedure. Furthermore, investigation into unknown chromatography peaks was not conducted per procedure. This same company produced OOS results that were not properly investigated and replaced the OOS with a resample repeatedly, resulting in three failed results and an insufficient laboratory investigation. This occurred before accepting the fourth passing result. Based on guidance, data should never be destroyed, replaced, or overridden. Data should be protected and enduring. When data result in an unknown or OOS, the event should be documented and thoroughly investigated. Corrective and preventative actions should also be taken to protect the data lifecycle.
Another FDA observation this year found employees signing logbooks and batch records that should have been reviewed in weeks past. This clearly violates the “contemporaneous” requirement of ALCOA+. The gathering, review, and release of data should be documented contemporaneously, that is, at the time the work is performed. Procedures should dictate this requirement and analysts should be trained to document work at the time of completion to avoid discrepancies. Many software platforms take the work out of this for users by permanently recording who performed the work, when, and why in a secure audit trail – all in real time, with the inability to edit. These are all examples of overt data integrity violations. It is critical for any CGMP site to review, maintain, secure, and retain CGMP documentation. While many of these observations are overt violations, and some even appearing intentional, many violations are inadvertent and difficult to detect.
Subscribe to our e-Newsletters
Stay up to date with the latest news, articles, and events. Plus, get special offers
from American Pharmaceutical Review – all delivered right to your inbox! Sign up now
The FDA stated a recent finding from another company for aborted chromatography sample set runs. Although aborting a run is not necessarily forbidden, in the rare instances where a run must be aborted, there should be clear procedures and aborted runs should be investigated thoroughly. These actions were not performed by this company for the aborted runs. The same warning letter also stated deleted data as a finding. Data should never be deleted and everything possible should be done to secure and retain all CGMP data. Again, many software platforms eliminate the risk of deleting data all together by making this action prohibited. A warning letter issued to another company found that the company was printing uncontrolled copies of batch records and maintenance sheets. These copies were pre-printed and kept in an unsecured area. The same company could not locate raw data from a standard curve from an analytical assay. Analysts and operators should be properly trained to retrieve all data pertaining to CGMP processes for inspectors or to make important quality decisions regarding batch disposition. They were also found to be using scrap pieces of paper to record data of an analytical assay. Another company was found unable to produce laboratory data on product batches, violating the available principle of ALCOA+. A laboratory technician reported that raw data is routinely discarded. These observations all pose many data integrity concerns — data on uncontrolled scraps of paper and loss of data violate almost every principle of ALCOA+. Documents should be controlled and in original form to avoid loss or obstruction of original data.
A secure quality system must be in place to prevent any intentional or unintentional loss of CGMP data. Many software programs used with analytical instruments prevent loss of data under any circumstance, mitigating risks for such data integrity violations mentioned above. Software programs offer audit trails, various user permissions, inability to delete data, and many other features making it simple to automate compliance to data integrity guidance and 21 CFR Part 11. The bottom line is that data, paper or electronic, must be retained to make appropriate quality decisions and demonstrate proper control. All the above findings were referenced from warning letters issued thus far in 2020 alone. Data integrity is not going away, so it is critical to implement appropriate platforms for manufacturing and QC testing.
When thinking about these or any other data integrity concerns, it ultimately ties back to patient safety. It is of the utmost importance to have quality systems in place that demonstrate accuracy and integrity of data to ensure safety, quality, and efficacy of drug products. Handling data appropriately to manage and mitigate data integrity risks is critical to CGMP manufacturing. It is imperative to comply with the FDA’s data integrity guidance not only to avoid warning letters like these but ultimately to ensure quality products and patient safety.
Author Biography
Michelle Neumeyer is the Life Sciences Product Applications Specialist for the Sievers line of analytical instruments at SUEZ - Water Technologies & Solutions. Previously, Michelle has worked in Quality at Novartis and AstraZeneca, ensuring compliant water systems, test methods and instrumentation. Michelle has a B.A. from University of Colorado, Boulder in Molecular, Cellular and Developmental Biology.