Let’s discuss a great topic, that of Data Integrity. Has everyone read the MHRA GXP Data Integrity Guidance and Definitions? Issued March 2018, this guideline focuses on the promotion of a risk-based approach to data management that includes data risk, criticality and lifecycle. The guideline covers all GxP’s (and in my opinion, concepts of data integrity should also be applied even before GLP, in the research arena), so this mini-article will just give a flavor of some considerations as they relate to GCP.
What is data integrity? The definition used by the FDA for internal training: is “Data are of high quality if they are fit for their intended uses in operations, decision-making and planning . . . as data volume increases, the question of internal consistency within data becomes paramount.” The ALCOA acronym used by the FDA to define expectations is: Attributable, Legible, Contemporaneous, Original, and Accurate. The MHRA additionally refers to "ALCOA+" where the "+" stands for Complete, Consistent, Enduring and Available.
Data integrity is also agnostic of the system used, be it electronic, paper, a hybrid of the two or other imaging techniques, such as photographs. Instances of data integrity failure can occur at almost any point in the creation of data for a clinical trial, so let’s talk about some multi-dimensional strategies you can consider to help prevent and mitigate data integrity issues:
- Let’s start with procedural documents (Policies, SOP's, Risk Management Plans etc.); these are a must. They need to clearly state how you will handle data integrity issues, including serious breaches. Serious breaches must be reported to the local Authority according to local regulations, e.g. MHRA requires notification within seven days.
- Do you have Data Risk Management plans as part of your Quality system? Do they deal with issues such as might occur at data creation, data transmission and data archiving? Are you clear on all the definitions? Are you able to demonstrate an acceptable state of control?
- Are you thinking about performing Data Integrity Risk Assessments (DIRA's) (see also audits below)?
- Do you have a committee (remember charters and quorums!) who are called upon to discuss and make decisions on serious data integrity issues?
- Has everyone been trained in the concepts of Good Data Practices and how to report issues internally?
- If you use vendors, do the contractual obligations clearly state data integrity responsibilities, e.g. reporting to sponsors and/or Health Authorities, communication flows and documentation requirements?
- Do you qualify your vendor for data creation, transmission and storage?
- Do you apply robust strategies and diligence in selecting and engaging Clinical investigators, sites and site staff?
- Do you perform site and system audits - both routine and for cause?
- Are you applying advanced statistical methods for detecting data issues?
- Where weaknesses are detected, (by audit or self-identified) are you capturing these in your CAPA system?
As I wrote each line, I could have gotten carried away and added so much more, so I hope your data is delightful and this is enough to encourage you to learn more about this fascinating and critical topic.
About the Author: Jane Wood is the Principal of YourEncore's Quality Center of Excellence. With over 40 years global experience, Jane has led small and large teams of Quality professionals to mitigate risk and develop R&D Quality solutions. Jane currently leads a team of subject matter experts offering in-depth experience in all sections of Quality and GxP.