Latest news on numerous data integrity violations exposed by governing bodies has generated a great deal of interest and has been a matter of concern for companies that actively operate in regulated environments.
Shown in Figure 1 is the rise in violations of data integrity aspects during current good manufacturing practice (cGMP) inspections.(1)
Figure 1. Number of data integrity violations over the last years.
In order to better understand the topic data integrity and its needs, this article gives an outline of major terms employed in this context and provides instances of software functionalities which help in meeting the requirements specified in the FDA guidelines for data integrity.(2)
Data Integrity Terms — An Explanation
Data integrity comprises several aspects that are summed up under the acronym ALCOA+ and ALCOA, which stands for the requirements attributable, legible, contemporaneous, original, and accurate. This group of requirements has been lately extended by the aspects complete, consistent, enduring, and available (ALCOA +). A detailed explanation of these requirements with examples can be found in the chapter The ALCOA Principle.
Data and Metadata
In their data integrity guideline, the FDA has differentiated between “data” and “metadata.” Data are known to be a collection of facts, which can, for instance, be a record, a number, or a list of measurements. On the other hand, metadata, also known as contextual data, offers extra information describing data, for instance, by whom and when a measurement was carried out. Both data types are invariably needed for data integrity and more particularly for the needs of consistency, transparency, and reproducibility (see Figure 2).
Figure 2. Display of metadata in Vision Air for a single measurement. Timestamps, user names, operating procedure type, to name only a few, are displayed together with the collected spectrum and the predicted results.
Dynamic and Static Data
Aside from the difference between metadata and data, data can also be divided as being static or dynamic. Static data contains all non-changeable data, like records stored as PDF or on paper. On the other hand, electronic records, in which users have the option to make changes, are defined as dynamic data. The latter provides convenience to users, but at the same time, it presents a risk of losing transparency. This risk has to be accounted for, for example, through automatic history tracking.
A classic example of how dynamic data can be tracked is shown in Figure 3. Signing events (signing on varied levels, withdrawing signatures, or adding comments) are automatically recorded in the Vision Air software.
Figure 3. Display of changes for dynamic data. All signing and withdrawing steps are clearly documented, allowing users to track the individual steps performed.
The ALCOA Principle
The ALCOA+ and ALCOA requirements form the basis to attain data integrity. All of these requirements have a considerable overlap with requirements stipulated in the FDA 21 CFR Part 11 regulation. Therefore, when attempting to attain data integrity, it is recommended to use software that has been developed in line with 21 CFR Part 11 requirements to ease the effort.
Conversely, it is significant to emphasize that similar to attaining compliance with the 21 CFR Part 11 guideline, software functionalities will cover only parts of these requirements, and more accurately, the technical ones. That is why compliant-ready software can only serve as a strong base to realize data integrity. In order to attain a data integrity process, it is important to define aspects within the company, which is usually done by applying standard operating procedures.
In the below sections, each aspect is first described in brief, followed by a presentation of a practical example based on Metrohm’s Vision Air software.
Attributable — When Did Who Do What?
To conform to data integrity requirements, workflows need to be traceable. As mentioned in the previous chapter, a combination of both data and metadata is required. The requirement of attributability focuses on the availability of metadata, specifically the user ID and the timestamp for each measurement.
The usual sample registration information field produced for each measurement in the Vision Air software is shown in Figure 4. A predefined operating procedure, which provides direction to the operator, is followed by each measurement. The user information and timestamp by whom and when a measurement was carried out are monitored. A unique user ID and a username identify the user. User-defined fields can be added for more information. In this case, an input field for a batch number was generated.
Figure 4. Sample registration window during routine analysis in Vision Air. Both automatically created and user-entered metadata are available for each measurement.
Legible — Do Data Remain Readable Through the Complete Lifecycle?
The requirement of legibility states that data and metadata must be readable and permanent. While this may sound trivial, the implementation can be challenging, especially with regard to long-term readability. A common approach for this requirement is to offer the possibility to print or to export data into frequently used formats.
Metrohm’s Vision Air software offers export options for reports such as CSV, PDF, and XML. In addition, the Vision Air automatic backup scheduler provides an easy way for users to back up the whole database, which can be reimported at any given time (see Figure 5). Long-term readability is ensured by both features.
Figure 5. Automatic backup screen scheduler in Vision Air. Vision Air allows users to define an automatic backup procedure to ensure long-term readability.
Contemporaneous — Are Records Created at the Time of the Activity?
The paper-based documentation approach, which was common in the past, enabled back-dated entering of data. This approach always involves a significant risk of unprecise and false documentation, since information can be forgotten or misremembered. The nowadays more established form of electronic documentation eliminates this risk by creating records ideally at the time an activity takes place.
In the Vision Air software, each measurement is immediately stored in the SQL database. Effective storage is distinctly shown with icons (see Figure 6). Compared to a file-based system, the data structure and the storage location are automatically set, which ensures complete functionality of the system.
Figure 6. Visual display of successful storage of data. In the sample history view in Vision Air, an icon displays the successful storage of data in the SQL database.
Original — Is this the First Recorded Observation or a Verified, True Copy?
Result values collected during analyses are typically dynamic data sets, thus allowing post- or reprocessing activities. In NIR spectroscopy, post-processing is more common than reprocessing, which is a typical activity performed, for example, for titration or ion chromatography data sets. Typical post-processing operation of data in NIR spectroscopy is slope/bias correction or general post-calculation. For the sake of transparency, each of these calculations and the individual results must be clearly displayed.
In the Vision Air software, users have the option to display the unprocessed or raw result as well as the processed result. If configured, post-processing is automatically carried out when calculating the result, thereby preventing manipulations or human errors. Shown in Figure 7 is a standard detailed result display in the Vision Air software, in which the raw, unprocessed result, as well as the post-processed result from a slope/bias adaptation, is distinctly shown for the parameter moisture.
Figure 7. Detail result display. In the detail view in Vision Air, the unprocessed and the post-processed result (for example, a slope and bias correction) are displayed for each measurement.
Accurate — Is Data Stored Correctly and are Modifications Clearly Documented?
Alteration of data, if allowed, for example, of dynamic data, has to be documented transparently. For configuration changes of the instrument, extensive review functionalities, typically a two-level signing function as recommended in the 21 CFR Part 11 regulation, should be in place to ensure and help with accurate documentation.
Vision Air Pharma, specifically developed to meet the requirements of the FDA 21 CFR Part 11 regulation, contains a two-level signing system for each configuration change (see Figure 8). Effective application of a configuration change is shown with the help of unambiguous icons, and every configuration change is listed in a table for analysis at a later time. To increase more transparency, comments can be entered for each modification made.
Figure 8. Configuration change viewer in Vision Air. The configuration change viewer in Vision Air allows users to track all changes of the system in a transparent manner.
The ALCOA+ Extension
ALCOA+ extends the requirements to include aspects like consistency, completeness, and availability of data.
Complete — Is All Relevant Data Properly Stored?
With the change to electronic documentation, assessing whether data has been properly stored becomes more difficult. For both kinds of storage (file-based as well as a data-based), the software supports users by showing clearly that data storage was successful.
When compared to a file-based concept, the SQL database used in Vision Air for data storage has the benefit to offer a higher level of data security. By using a database system instead of a file-based system, the risk of unauthorized data manipulations or corrupted data sets can be considerably reduced. In the Vision Air software, each measurement is connected to an exclusive signature (see Figure 9), denoting that data have been correctly stored inside the database and have not been altered.
Figure 9. Visual feedback of correct storage of data in the database. The icon highlighted with a red circle indicates a correct hash signature.
Consistent — Can the Operation Workflow be Reconstructed?
The above-mentioned requirements all seek to make sure workflows are transparent. However, not only from the point of view of transparency, but also from the point of view of efficiency, workflows should be consistent and easily reconstructible.
By using the so-called operating procedures guiding operators at the time of measurement, workflows in the Vision Air software can be easily defined. Each operating procedure includes a set of prediction models as well as an element known as method, which precisely defines how measurements have to be performed (see Figure 10).
Figure 10. Structure of operating procedures in Vision Air. An operating procedure defining how a measurement is done consists of prediction models and a method which specifies different measurement parameters.
For instance, a method can specify the temperature of the sample for a measurement (see Figure 11), which input fields have to be compulsorily filled, and which input fields are accessible.
Figure 11. Method setting options for liquid analysis. In the settings for a method, different measurement parameters can be set. For example, the temperature of the sample vessel for liquid analysis.
Enduring—Does Stored Data Remain Available Longtime? Available—Is Data Accessible/Readable/Printable?
The final two aspects mentioned in the FDA Data Integrity guideline are enduring and available. Enduring and available further highlights the importance of longtime availability of stored data and the possibility to access and read data in common ways.
The two aspects are covered by the formerly mentioned SQL database storage method and the availability of audit trails (see Figure 12), automatic print functions, and backup functionalities. In the Vision Air audit trail, all pertinent relevant can be easily assessed with the help of the built-in filter features.
Figure 12. Audit trail view for login events. In Vision Air, different filter settings can be set to find events easily, for example, all events which refer to a login or log out.
Summary of Important Software Functionalities for Data Integrity
The earlier chapter discussed a number of varied software functionalities. Generally, audit trails can be said to be one among the most critical software functions to attain and maintain operation transparency. Audit trails enable the reconstruction of operations carried out by distinctly showing when, by whom, and why actions were taken. In addition to automatically generated information, like timestamps and user ID, functions like comment fields in tandem with preselected reasons of action must be available.
Apart from transparency, data safety is a crucial aspect of data integrity. This mainly contains data storage and manipulation control. It is possible to realize increased data security by following a database approach instead of file-based approaches, where files, for instance, can be more easily altered or deleted. Moreover, databases enable easier tracking of data manipulation using unique signatures for each collected data.
This information has been sourced, reviewed and adapted from materials provided by Metrohm AG.
For more information on this source, please visit Metrohm AG.