By Independent Consultant, Brian Nadel
Data Integrity needs to be taken seriously in the pharmaceutical industry today and always! The FDA has issued many Warning Letters and Import Alerts to dosage form and Active Pharmaceutical Ingredient (API) manufacturers in the past several years. Manufacturers need to understand that once FDA finds some of your data to be unreliable, then they consider all your data unreliable. Many companies continue to use paper records [21 CFR Part 11 does not require you to use electronic records] and this is acceptable.
Problems have been found recently with the lack of compliance with chromatographic data acquisition systems used in quality control laboratories to test the potency of drugs and API. These data systems such as LIMS and Empower must be validated to comply with the regulations in 21 CFR Part 11. Electronic audit trails include those that track creation, modification, or deletion of data (such as processing parameters and results), those that track actions at the record or system level, such as attempts to access the system or rename or delete a file.
The Data Integrity regulations have been official since 1997. These new regulations have enabled a new industry to sprout, 21 CFR Part 11 compliant hardware and software. In addition to the hardware and software companies, consulting companies specifically focused on Data Integrity Compliance have also arisen. Please use caution as these electronic data systems must be validated at your site, using your systems, to truly claim that these systems are validated. Do not just take the vendor’s word for it that their data systems are compliant with this new regulation.
FDA expects that data to be reliable and accurate. CGMP regulations and guidance allow for flexible and risk-based strategies to prevent and detect data integrity issues. Firms should implement meaningful and effective strategies to manage their data integrity risks. This should be based upon their process understanding and knowledge management of technologies and business models. In recent years, FDA has increasingly observed CGMP violations involving data integrity during CGMP inspections. This is troubling because ensuring data integrity is an important component of Industry’s responsibility to ensure the safety, efficacy, and quality of drugs, and of FDA’s ability to protect the public health. Not to mention compliance with FDA regulations is the most sound business model for success.
The following statement is taken from a Warning Letter issued to a foreign manufacturer in 2016:
Our inspection revealed that your firm selectively omitted CGMP records directly related to the testing and manufacturing of your products. You are responsible for the accuracy and integrity of the data generated by your firm. A firm must maintain all raw data generated during each testing and manufacturing operation, including graphs, charts, and spectra from laboratory instrumentation. You must properly identify these records to demonstrate that each released batch was manufactured in accordance with validated parameters, was tested appropriately, and met release specifications. Your firm’s executive management is responsible for ensuring the quality and safety of your products. Implementing adequate controls and systems to prevent omission and manipulation of laboratory data is at the foundation of fulfilling this critical responsibility.
FDA’s Guidance for Industry on Data Integrity and Compliance With CGMP is available at http://www.fda.gov/downloads/drugs/guidancecomplianceregulatoryinformation/ guidances/ucm495891.pdf
This guidance contains a wealth of information, which will help companies understand the definitions and requirements regarding data integrity. FDA’s Introduction to this guidance is included as follows: The purpose of this guidance is to clarify the role of data integrity in current good manufacturing practice (CGMP) for drugs, as required in 21 CFR parts 210, 211. This guidance provides the Agency’s current thinking on the creation and handling of data in accordance with CGMP requirements. These data integrity regulations are included in 21 CFR Part: 11 Electronic Records; Electronic Signatures. This URL includes the 21 CFR Part 11 regulations: https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=11
As always, consultants with expertise in data integrity, such as EAS Consulting Group, can provide the independent third-party validation that your company needs to ensure processes and procedures are accurately testing the data in question and that data is yielding meaningful results needed to verify integrity and validation. As mentioned, once FDA finds some data to be unreliable it considers all data to be unreliable. Full compliance with 21 CFR 11 will enable FDA to have trust that your data results and ultimately products are safe to market in the US, saving time and money.