Data integrity deficiencies will impact regulated organizations which could result in significant financial implications as well as lost reputations.
The FDA utilizes the ALCOA (attributable, legible, contemporaneous, original and accurate)
||Who performed the action and when? If a record is changed, who did it and why? Linked to the source data.
||Data must be recorded permanently in a durable media and be readable.
||The data should be recorded at the time the activity is performed and date and time stamps should follow in order.
||The information must be the original copy or a certified true copy.
||No entries or editing performed without documented amendments
For new systems building ALCOA into the design specifications to ensure that the system will meet the Data Integrity requirements reduces the overall risk of non-compliance and failure. A collaborative approach with the system / equipment suppliers to implement suitable risk management, design reviews, change control, verification and acceptance testing is key to achieving robust computerized systems which meet the regulatory expectations for Data Integrity.
For legacy systems, a different approach is required:.
- GAP Analysis review of the system to identify areas of non-compliance.
- Remediation of the system GAP’s; this is ideally made through control system software and / or hardware upgrades with robust test plans to verify the system functionality.
- Where systems cannot be upgraded and in certain circumstances interim manual controls can be implemented to provide a level of data integrity assurance; however permanent automated solutions should be implemented.