European Pharmaceutical Review explores how a surge in the number of warning letters for data integrity failings have prompted regulators to publish new guidelines.
Several reports highlight a rise in the number of health authority enforcement actions, such as warning letters, import alerts, product detentions and suspensions or revocations of marketing authorisations, as a result of poor data integrity (DI) practices in the manufacture and testing of pharmaceuticals.
This report addresses the key factors shaping pharmaceutical formulation, including regulation, QC and analysis.
Access the full report now to discover the techniques, tools and innovations that are transforming pharmaceutical formulation, and learn how to position your organisation for long-term success.
What you’ll discover:
Key trends shaping the pharmaceutical formulation sector
Innovations leading progress in pharmaceutical formulation and how senior professionals can harness their benefits
Considerations and best practices when utilising QbD during formulation of oral solid dosage forms
Can’t attend live? No worries – register to receive the recording post-event.
One report produced by Deloitte implies that DI violations account for over 40 percent of warning letters issued globally. Of note, Asian pharmaceutical manufacturers received almost three quarters of the total number of DI-based warning letters in 2017.1
These unacceptable documentation and record management practices have been highlighted during inspections of good manufacturing practice (GMP), good clinical practice (GCP) and good laboratory practice (GLP).
To combat failings in DI, the World Health Organization (WHO), UK Medicines and Healthcare products Regulatory Agency (MHRA) and US Food and Drug Administration (FDA) have all issued draft guidance on practices, which may come into effect during 2020.
According to the WHO guidelines: “Data integrity is the degree to which data are complete, consistent, accurate, trustworthy and reliable.”2
The WHO guidelines suggest the rise in DI infringements may be due to:
too much reliance on human practices
the use of computerised systems that are not appropriately managed and validated
failure to adequately review and manage original data and records.
Complete and accurate data is vital because regulatory bodies use this as an indication of product efficacy and reliability of each piece of equipment or process. Regulatory bodies do not look at every individual data item at each clinical or manufacturing facility they audit.
The FDA and data integrity
The FDA breaks down the requirements for DI under the acronym ‘ALCOA’:3
Attributable – each data item must record who created it, and when and why it was created
Legible – records must be able to be read and be permanent enough to be accessible throughout their data lifecycle
Contemporaneous – data should be recorded at the time the work is performed; this can be using the server time from the organisation’s system or by adding a time zone
Original – original data (also known as primary data) should be recorded
Accurate – without error, the data should be complete, truthful and reflective of the observation.
Each of these principles were contravened at some point in 2019 by pharma who received warning letters sent by the FDA. Some of the letters cited editing or deleting data so that only passing results were included in batch reviews, repeated retesting of data to achieve a specific result, deleting raw data, blocking audit trails and backdating data entries.
Challenges in maintaining data integrity
According to some, the main pressure in DI compliance is the drive to convert to electronic records, which has left some companies with a ‘hybrid system’ – half on paper and half digital. The WHO guidelines state these systems should be avoided and updating to an all-digital system should be the priority for any companies in this position.
…Among the challenges for companies attempting to maintain DI is the rise of digitalisation, which can be time consuming and complicated”
However, this is easier said than done. If an average pharmaceutical quality control laboratory needed to update its systems, the process of installing a fully computerised structure may take over six months to validate. One expert, Dr Christoph Jansen, Mettler Toledo’s Technical Key Account Manager, suggested that off-the-shelf software solutions are likely to give the best levels of compliance, because individualised software systems may not capture all the data required and can be difficult to validate and maintain, as well as add new equipment to.4
Another factor impacting DI is the insufficient or inefficient training of employees. Many employees, especially in developing countries, may undergo a high number of training sessions in a short time period, yet reports indicate as much as 75 percent of this type of intense training is worthless.5 Instead, experts suggest a gradual learning process could result in better knowledge surrounding DI. A report by Deloitte indicates companies should also ensure their training materials are of sufficient quality and that staff are able to attend every training session.1
Takeaways from the new guidelines
Senior management is responsible for establishing and implementing a data governance system. Should that system be digital, there must be an access and privileges framework in place that applies the appropriate controls for each user (eg, no modification, deletion or creation of data). Furthermore, unique usernames and passwords should be utilised for systems and should not be shared or used by other staff members.2,6
Audit trails should reflect users, dates, times, original data and results, changes and reasons for changes. They should be enabled when software is installed and remain enabled throughout the equipment’s lifespan.2
Any known falsification or data changes cannot be dealt with informally. Instead, they should be fully investigated under a Good Practice control system to ascertain the possible impact on patient safety, product quality and data reliability. Furthermore, companies must ensure they determine the root cause and ensure any corrective actions are taken. Companies should be able to demonstrate evidence of the investigation and actions taken.6
Enterprises must also be cognisant that they are responsible for the integrity of data regarding their product even if the work is outsourced. Beyond their own internal governance systems, companies that use subcontractors or outsourcing organisations must verify that the external company’s systems are adequate and that they maintain data integrity across all sources. The WHO guidelines state clauses should be laid out in writing about how often and who is responsible for checking that outsourcing facility data records are compliant.2
Conclusion
A rise in the number of DI breeches during 2019 has encouraged regulatory bodies, such as the WHO and FDA, to publish guidelines on good documentation practices and how data should be inputted and handled. Among the challenges for companies attempting to maintain DI is the rise of digitalisation, which can be time consuming and complicated, but there are regulations and advice for companies to ensure they can fully comply.
This website uses cookies to enable, optimise and analyse site operations, as well as to provide personalised content and allow you to connect to social media. By clicking "I agree" you consent to the use of cookies for non-essential functions and the related processing of personal data. You can adjust your cookie and associated data processing preferences at any time via our "Cookie Settings". Please view our Cookie Policy to learn more about the use of cookies on our website.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorised as ”Necessary” are stored on your browser as they are as essential for the working of basic functionalities of the website. For our other types of cookies “Advertising & Targeting”, “Analytics” and “Performance”, these help us analyse and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these different types of cookies. But opting out of some of these cookies may have an effect on your browsing experience. You can adjust the available sliders to ‘Enabled’ or ‘Disabled’, then click ‘Save and Accept’. View our Cookie Policy page.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Cookie
Description
cookielawinfo-checkbox-advertising-targeting
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertising & Targeting".
cookielawinfo-checkbox-analytics
This cookie is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance
This cookie is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Performance".
PHPSESSID
This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
zmember_logged
This session cookie is served by our membership/subscription system and controls whether you are able to see content which is only available to logged in users.
Performance cookies are includes cookies that deliver enhanced functionalities of the website, such as caching. These cookies do not store any personal information.
Cookie
Description
cf_ob_info
This cookie is set by Cloudflare content delivery network and, in conjunction with the cookie 'cf_use_ob', is used to determine whether it should continue serving “Always Online” until the cookie expires.
cf_use_ob
This cookie is set by Cloudflare content delivery network and is used to determine whether it should continue serving “Always Online” until the cookie expires.
free_subscription_only
This session cookie is served by our membership/subscription system and controls which types of content you are able to access.
ls_smartpush
This cookie is set by Litespeed Server and allows the server to store settings to help improve performance of the site.
one_signal_sdk_db
This cookie is set by OneSignal push notifications and is used for storing user preferences in connection with their notification permission status.
YSC
This cookie is set by Youtube and is used to track the views of embedded videos.
Analytics cookies collect information about your use of the content, and in combination with previously collected information, are used to measure, understand, and report on your usage of this website.
Cookie
Description
bcookie
This cookie is set by LinkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
GPS
This cookie is set by YouTube and registers a unique ID for tracking users based on their geographical location
lang
This cookie is set by LinkedIn and is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc
This cookie is set by LinkedIn and used for routing.
lissc
This cookie is set by LinkedIn share Buttons and ad tags.
vuid
We embed videos from our official Vimeo channel. When you press play, Vimeo will drop third party cookies to enable the video to play and to see how long a viewer has watched the video. This cookie does not track individuals.
wow.anonymousId
This cookie is set by Spotler and tracks an anonymous visitor ID.
wow.schedule
This cookie is set by Spotler and enables it to track the Load Balance Session Queue.
wow.session
This cookie is set by Spotler to track the Internet Information Services (IIS) session state.
wow.utmvalues
This cookie is set by Spotler and stores the UTM values for the session. UTM values are specific text strings that are appended to URLs that allow Communigator to track the URLs and the UTM values when they get clicked on.
_ga
This cookie is set by Google Analytics and is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. It stores information anonymously and assign a randomly generated number to identify unique visitors.
_gat
This cookies is set by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites.
_gid
This cookie is set by Google Analytics and is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
Advertising and targeting cookies help us provide our visitors with relevant ads and marketing campaigns.
Cookie
Description
advanced_ads_browser_width
This cookie is set by Advanced Ads and measures the browser width.
advanced_ads_page_impressions
This cookie is set by Advanced Ads and measures the number of previous page impressions.
advanced_ads_pro_server_info
This cookie is set by Advanced Ads and sets geo-location, user role and user capabilities. It is used by cache busting in Advanced Ads Pro when the appropriate visitor conditions are used.
advanced_ads_pro_visitor_referrer
This cookie is set by Advanced Ads and sets the referrer URL.
bscookie
This cookie is a browser ID cookie set by LinkedIn share Buttons and ad tags.
IDE
This cookie is set by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
li_sugr
This cookie is set by LinkedIn and is used for tracking.
UserMatchHistory
This cookie is set by Linkedin and is used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.
VISITOR_INFO1_LIVE
This cookie is set by YouTube. Used to track the information of the embedded YouTube videos on a website.