A Firm Line on Data Integrity Can Keep Companies on FDA’s Good SideFrom Breaches to Illicit Document Shredding, Violators Can Be Shut Out of Markets
“Data integrity” isn’t just something for banks and credit reporting agencies to track – it’s also a big deal for drug makers. The U.S. Food and Drug Administration (FDA) has made data integrity a key part of its Current Good Manufacturing Practice (CGMP) regulations, and you don’t have to look too deep into the headlines to see the agency calling out drug makers and others for lapses in data integrity.
This summer alone, pharmaceutical companies around the globe have gotten warning letters from the FDA describing data integrity concerns or breaches. Sometimes the letters are just warnings, but not always. It’s become a huge compliance risk: Running awry of FDA rules means even international companies can be shut out of the American market.
In mid-September, Chinese medical instrument maker Wuxi received notice of violations and was asked to investigate its data integrity. Earlier in the year, the Indian firm Divis
‘Data Integrity’ Can Be Found in the Details
perfect for bedtime reading but critical for companies – both domestic and international – that work within the agency’s sphere.
Data integrity underpins the agency’s CGMPs and concerns backups, storage, completeness and security. “FDA has increasingly observed CGMP violations involving data integrity during CGMP inspections,” notes an FDA analysis of the report. “Ensuring data integrity is an important component of the industry’s responsibility to ensure the safety, efficacy, and quality of drugs, and of FDA’s ability to protect public health.”
So what does a data integrity violation look like? The FDA can be vague when issuing public notices of violations, but one violation issued to an Indian firm provided some insight. On a site inspection, regulators reviewed closed circuit television records and found “extensive shredding of what appears to be controlled documents and extensive signing of documents by QA.” The violation also noted that “a contract employee with QA removed documents from the shredder and placed them in his pocket,” and said shredding was going on in the middle of the night, apparently by janitors – not to mention that sensitive documents were found in the trash.
‘Baking’ Security Into Management Practices
Firms today must take a global approach to data integrity, experts warn, and collaboration among company units is key. With the FDA taking a close look at quality assurance, manufacturers must work to “bake security into the design,” said industry watcher Suzanne Schwartz. “It’s much easier to bake it in than to bolt it on as an afterthought.”
While some firms may have internal resources to ensure data integrity, outside consultants can be an important link in regulatory compliance. “Incidents … underline the need for analytical laboratories to have robust controls in place to ensure full workflow traceability and accountability,” one report noted. “For many pharmaceutical companies, the most effective solution will be an integrated informatics platform, comprising a chromatography data system (CDS) and laboratory information management system (LIMS).”
Learn About Data Security From a Pro
Life sciences industry expert Angela Bazigos reviews the latest intel on FDA data integrity issues in her webinar for Audio Educator, “Data Integrity: Big, Hard and Here to Stay!” Bazigos overviews data integrity and the FDA’s take on it, explains integrity issues and warning letters, details industry best management practices both in the United States and abroad, and covers storage issues and future trends. The conference is aimed at CEOs, regulatory, quality and IT VPs, regulatory affairs professionals, quality managers and engineers, consultants, small business owners, personnel from the pharma, biotech and medical device industries, and anyone involved with the FDA.