Are You Managing Your Electronic Health Records Properly? According to the ECA Academy, MHRA inspectors have recently noticed several major findings during their inspections. Issues have been noted with audit trails, access and security, scanning and certified copies.
The scope of the FDA document includes drugs, biologics, and positron emission tomography drugs. The agency also states the requirements are consistent with the requirements in ICH Q7, Good Manufacturing Practice Guide for Active Pharmaceutical Ingredients, thus expanding the scope of the document to APIs and drug substances. The FDA states it is the “role of management with executive responsibility to create a quality culture where employees understand that data integrity is an organizational core value. …”
Data Integrity continues to be one of the hottest topics in our industry and for very good reason. Without the necessary systems and/or processes in place to ensure data integrity throughout the product lifecycle, product quality and patient safety issues are more difficult to detect and therefore mitigate in a timely fashion.
It is important to understand what data integrity really means in order to be compliant. Essentially, it refers to the fact that data must be reliable and accurate over its entire lifecycle. Data integrity and data security go hand in hand, even though they’re separate concepts. Uncorrupted data (integrity) is considered to be whole and then stay unchanged relative to that complete state.
Quality metrics, quality culture, and data integrity are of particular concern to both the industry and regulatory authorities. Pharmaceutical Online has published an interesting history of how these three areas have come together in establishing current global regulatory expectations.
Ensuring data integrity is a crucial task for drug manufacturers wishing to stay out of trouble with the FDA, a top enforcement official at the agency told an industry conference.
“Everything else that we do is based on the integrity of the data,” Douglas Stearn, the director of the Office of Enforcement and Import Operations in the Office of Regulatory Affairs, said at the 12th annual FDA Inspections Summit, sponsored by FDAnews. “When you’ve got this problem, you’ve got a very big problem.”
The FDA views data integrity as a good manufacturing practice issue, and the agency can determine that a product is adulterated if it uncovers evidence of falsification, manipulation or concealment of data about test results, batch processing or other operations, Stearn said.
Sometimes companies land in hot water over issues that can seem “shockingly small,” such as falsification of work records to generate unearned overtime payments, which can raise questions about overall control of the information system. Managers may be unaware of these problematical practices, so accountability is key, he said.
“Innocent people can be put in a bad place,” Stearn said. “Your system should be able to tell who’s on it, and doing what.”
In the years after the Hatch-Waxman act was passed in 1984, the generic drug industry was hit by scandals that still cast a shadow over the FDA’s policing of data integrity, Stearn said. Companies manipulated data to move their abbreviated new drug applications to the front of the line, and in one case, an FDA reviewer was prosecuted for taking payoffs, Stearn said.
Data integrity enforcement is changing as more records are computerized and more foreign companies join the drug supply chain, he said. It can be difficult for the agency to prosecute violators abroad because of the absence of subpoena power and different practices regarding court summonses and evidence, Stearn said. Another check on American enforcement clout in India and China, the largest overseas drug producers, is the lack of extradition treaties between those two countries, respectively, and the United States, he said.
Stearn pointed drug manufacturers to two reference sources for data integrity guidelines:
• FDA regulations, which include requirements such as “backup data are exact and complete,” data is “secure from alteration, inadvertent erasures, or loss”, certain activities are “documented at the time of performance” and that a company maintain “complete records of all tests”.