The term “data integrity” means the degree to which data are complete, consistent, accurate, trustworthy, and reliable and that these characteristics of the data are maintained to support the quality of drug products throughout their lifecycle from the point of development through commercialization.
Data integrity can be compromised in different ways. Every time data is replicated or transferred, it should remain intact and unaltered between updates.
Error checking methods and validation procedures are typically relied on to ensure the integrity of data that is transferred or reproduced without the intention of alteration.
It is an endless journey of continuous monitoring and verification process. It describes measures used to ensure the validity and accuracy of a data set or all data contained in a database or other construct.
For instance, error checking and validation methods may be referred to as examples of data integrity processes.
Several references and guidelines exist for data integrity such as PDA Technical Report 80 which establishes laboratory data management practices and others as HIPAA, GDPR (General Data Protection Regulation), etc.
The intent of the PDA Technical Report 80 is to outline regulatory requirements and expectations, along with best industry practices, to highlight common gaps in Data Integrity Management System for Pharmaceutical Laboratories, and to recommend methods of remediation.
It summarizes the risks and the best practices, including audit approaches, that can be utilized to develop a robust data integrity management system for laboratory settings with both manual and electronic processes that firms can follow to achieve compliance and mitigate risks.
The scope of the PDA Technical Report 80 focuses on the management of data integrity within pharmaceutical quality control analytical and microbiology laboratories and is also applicable to analytical development and R&D laboratories. It provides the framework and tools necessary to establish a robust data integrity management system to ensure data integrity for paper, hybrid, and computerized systems within the laboratory.
It includes the maintenance and audit trail of the data over its entire life-cycle and is a critical aspect to the design, implementation, and usage of any system which stores, processes, or retrieves data.
ALCOA Approach to Data Integrity
ALCOA stands for;
ALCOA applies to paper and electronic data. For more information about ALCOA for electronic records, press here.
For answers to frequent questions about Data Integrity and Compliance With Drug CGMP Guidance for Industry, press here.
Data Validation Pre-requisites to Data Integrity.
Data integrity is contrary to data corruption.
The overall intent of any data integrity technique is the same: ensure data is recorded exactly as upon later retrieval, ensure the data is the same as it was when it was originally recorded.
It considers how well your systems prevent intentional or unintentional changes to information.
Data integrity is not to be confused with data security, the discipline of protecting data from unauthorized parties.
In the United States, the HIPAA Privacy Rule (Health Insurance Portability and Accountability Act of 1996) establishes national standards to protect health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.
The HIPAA Privacy Rule is composed of national regulations for the use and disclosure of Protected Health Information (PHI) in healthcare treatment, payment, and operations by covered entities.
Other data integrity involves the safety of data in regards to regulatory compliance — such as GDPR (General Data Protection Regulation) compliance — and security.
The General Data Protection Regulation is a law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas.
It ensures the confidence, trust, and accuracy of the information in terms of recoverability and searchability, traceability, and connectivity
When the integrity of data is secure, the information stored in a database will remain complete, accurate, and reliable no matter how long it’s stored or how often it’s accessed. Data integrity also ensures that your data is safe from any outside forces.
Some best practices include input validation to preclude the entering of invalid data, error detection/data validation to identify errors in data transmission, and security measures such as data loss prevention, access control, data encryption, and more.
Types of Data Integrity
There are two types of data integrity: physical integrity and logical integrity. Both are a collection of processes and methods that enforce in both hierarchical and relational databases.
Physical integrity is the protection of data’s wholeness and accuracy as it’s stored and retrieved. When natural disasters strike, power goes out, or hackers disrupt database functions, physical integrity is compromised. Human error, storage erosion, and a host of other issues can also make it impossible for data processing managers, system programmers, applications programmers, and internal auditors to obtain accurate data.
Logical integrity keeps data unchanged as it’s used in different ways in a relational database. Logical integrity protects data from human error and hackers as well, but in a much different way than physical integrity does. There are four types of logical integrity.
Entity integrity relies on the creation of primary keys, or unique values that identify pieces of data, to ensure that data isn’t listed more than once and that no field in a table is null. It’s a feature of relational systems that store data in tables that can be linked and used in a variety of ways.
Referential integrity refers to the series of processes that make sure data is stored and used uniformly. Rules embedded into the database’s structure about how foreign keys are used ensure that only appropriate changes, additions, or deletions of data occur. Rules may include constraints that eliminate the entry of duplicate data, guarantee that data is accurate, and/or disallow the entry of data that doesn’t apply.
Domain integrity is the collection of processes that ensure the accuracy of each piece of data in a domain. In this context, a domain is a set of acceptable values that a column is allowed to contain. It can include constraints and other measures that limit the format, type, and amount of data entered.
User-defined integrity involves the rules and constraints created by the user to fit their particular needs. Sometimes entity, referential, and domain integrity aren’t enough to safeguard data. Often, specific business rules must be taken into account and incorporated into data integrity measures.
What data integrity isn’t
With so much talk about data integrity, it’s easy for the true meaning to be muddled. Often data security and data quality are incorrectly substituted for data integrity, but each term has a distinct meaning.
Data integrity is not data security
Data security is the collection of measures taken to keep data from getting corrupted. It incorporates the use of systems, processes, and procedures that keep data inaccessible to others who may use it in harmful or unintended ways. Breaches in data security may be small and easy to contain or large and cause significant damage.
While it is concerned with keeping the information intact and accurate for the entirety of its existence, the goal of data security is to protect information from outside attacks. Data security is but one of the many facets of data integrity. Data security is not broad enough to include the many processes necessary for keeping data unchanged over time.
Data integrity is not data quality
Does the data in your database meet company-defined standards and the needs of your business? Data quality answers these questions with an assortment of processes that measure your data’s age, relevance, accuracy, completeness, and reliability.
Much like data security, data quality is only a part of data integrity, but a crucial one. It encompasses every aspect of data quality and goes further by implementing an assortment of rules and processes that govern how data are entered, stored, transferred, and much more.
Data Integrity Risks
There is an assortment of factors that can affect the integrity of the data stored in a database. A few examples include:
Risks can easily be minimized or eliminated by doing the following:
Getting Started a Data Integrity Management System
Protecting the integrity of your company’s data using traditional methods can seem like an overwhelming task. Secure, cloud-based data integration platforms offer a modern alternative that provides a real-time view of all of your data. With industry-leading cloud integration tools, you can connect multiple source data applications and get access to all of your company’s data in one location.
At CIQA, we can help you in technological aspects of achieving Data Integrity as well as the regulations (FDA, PDA, etc) for achieving data integrity compliance.
ALCOA is used by regulated industries to evaluate its compliance with data integrity and is essential to ensuring Document Control Management (DCM) and Good Documentation Practices (GDPs).
ALCOA applies to paper and electronic data. For more information about ALCOA for electronic records, press here.
For more information questions and answers about Data Integrity and Compliance With Drug CGMP Guidance for Industry press here.
CIQA is a quality and regulatory consultant with 25 years of experience developing products and managing projects in the medical device supply chain, and pharmaceutical industries. His experience includes research, product development, operations management, manufacturing engineering, equipment design, regulatory affairs, and quality assurance. Specific questions about Document Control Management DCM or quality system training can be directed to CIQA at email@example.com.
SUBSCRIBE AND FOLLOW US TO LEARN MORE.
For more details on specific FDA expectations, follow us.
Three (3) Options to Create Document Control Management DCM Procedures:
Bronze Option. You Can Create Your Own Quality Procedures, using a Template.
You can download samples of the Document Control Management DCM procedure templates in .pdf format.
To see the complete list of the most popular quality procedures templates, click here.
In addition, you can request a quotation to buy online a full SOP template document in MS Word format that is completely editable, ready to fill, and adapt to your specific needs.
Silver Option. We Can Bring You a Formal Training on FDA ALCOA Guidance for Data Integrity.
This option is recommended if you want to learn more about how to build robust quality system procedures. One of our expert(s) can provide online step-by-step training to your team (unlimited assistance) on how to build reliable SOPs using our template(s). Also, you can improve your corporate quality procedures and policies by incorporating our template(s) and tools. It includes a fully editable template from the Bronze option, plus training, exams, and a training certificate for each assistant. Request a quote now.
Gold Option. We Can Create Customized Quality Procedures.
One of our expert(s) will create and prepare your customized SOPs with the inputs and specific information of your company. It includes a fully editable template from the Bronze option, plus online support in document creation, implementation, and training. Request a quote online.
GET IN COMPLIANCE TODAY, CONTACT US (Hablamos Español)
For more information about Data Integrity, refer to:
TITLE 21–FOOD AND DRUGS
PART 11 ELECTRONIC RECORDS; ELECTRONIC SIGNATURES
QS Regulation and Guidance • Quality System Regulation and Preamble
Inspection Guide – Pages 8, 15, 21, 22 and 23
Guide to Inspections of Quality Systems [Quality System Inspection Technique (QSIT)]