James Davidson, Ph.D, Lachman Consultants07.18.17
The ongoing focus of the global pharmaceutical industry and the regulatory agencies around the world relative to ensuring the integrity of all data associated with the manufacturing and testing of pharmaceuticals, has led to the issuance of Data Integrity guidance documents by four of the world’s leading regulatory agencies. In order of their publication, data integrity guidance documents, or in some cases draft guidance documents, have been issued by, the Medicines & Healthcare Products Regulatory Agency (MHRA), the U.S. Food & Drug Administration (FDA), Pharmaceutical Inspection Co-operation Scheme (PIC/S) and the Australian Therapeutic Goods Administration (TGA). The full titles and initial dates of publication of the guidance documents are listed below:
Summary of the Guidance Documents:
What follows is a high level summary of the Data Integrity guidance documents regarding format and content and some recommendations for when each document might prove useful to all those with a direct need to understand the detailed requirements and those that may only seek to have a better basic understanding of data integrity requirements. Logically, all four of the guidance documents refer to the ALCOA principle for defining the high level requirements for ensuring data integrity. As a reminder, ALCOA is an acronym representing the following data integrity elements:
The MHRA & FDA Guidance Documents
As the first two of the Data Integrity guidance documents that we are highlighting here, and likely the most familiar, the MHRA and FDA guidance documents are organized in a similar fashion. Both offer definitions of fundamental data integrity terms and cover many of the same topics, but at times from a slightly different perspective. Therefore, understanding the positions expressed in both documents on an individual data integrity topic can often prove very helpful in designing comprehensive data integrity control systems.
Common topics of both the MHRA and FDA guidance documents are highlighted in Table 1. The Table does not represent an exhaustive list and is only intended as a starting point for gaining a broad understanding of data integrity requirements. Overall, the guidance provided by the two documents is very consistent and presented in language that should be understandable to the target audiences in the global pharmaceutical industry.
The FDA guidance document does not specifically refer to the term, “data governance”, however, a section of the guidance is devoted to referencing where many of the critical data governance elements are described in 21 CFR 210 and 21 CFR 211.
The PIC/S & TGA Guidance Documents
The focus of the PIC/S document is the overall Data Governance System where the expectation is that a firm has arrangements for data governance, which are documented within their Quality Management System. Such Data Integrity (DI) controls should be risk based, utilizing the ICH Q9 guidance where any residual DI risk is documented and a firm’s risks are to be regularly re-assessed by senior management. In addition, the PIC/S guidance provides an increased level of detail when addressing many of the areas covered by the MHRA and FDA guidance documents.
The draft document provides inspectorate guidance on the assessment of Data Criticality and Data Risk when reviewing a firm’s DI Risk Assessment. A significant proportion of the document discusses Organizational Influences on DI, which includes: Code of Ethics; Quality Culture; Quality Metrics and expectations when addressing identified DI issues. In addition, the document discusses principles of DI including the Quality Elements of Data via the ALCOA+ acronym and the specific DI considerations for both paper and computer-based systems. Interestingly, there is a section dedicated to third party vendors where it states that the “contract giver” as part of vendor qualification needs to verify the third party’s data governance measures.
The TGA released its Data Management and Data Integrity (DMDI) policy statement on April 6, 2017. TGA states in the policy that it “serves to provide some clarification regarding the TGA’s official position regarding DMDI practices for industry,” but at the same time noting that, “the requirements for data management and data integrity are not new and have been embedded in GMP requirements for a number of decades.” The Policy also indicates that as a PIC/S member, the TGA intends to reference the August 2016 PIC/S Data Integrity Guidance document, “when performing inspections of manufacturers and, where relevant, in reviewing approval submissions to TGA.”
The TGA Policy statement, as the newest of the four Data Integrity guidance documents, describes the following specific recommended areas of focus for pharmaceutical manufacturers with regard to DMDI, also discussed in the FDA and MHRA guidance documents:
1. Review of existing quality system procedures and systems to ensure data integrity is maintained. Manufacturers are encouraged to focus on:
3. Review of data integrity controls at key service providers through supplier management and audit programs.
In conclusion, no matter where your firm may purchase or manufacture and test pharmaceutical products around the world, it is to the entire industry’s decided advantage to become familiar with the detailed contents of all four of these guidance documents. Together, the documents provide both the specific detailed requirements and expectations for systems of data integrity controls and the overall framework for a data governance system. CP
References
James Davidson, Ph.D
Lachman Consultants
James Davidson, Ph.D., is the Vice President of the Science and Technology practice at Lachman Consultants. He is currently responsible for all aspects of Lachman’s work in the areas of Laboratory Compliance, including Data Integrity, as well as API, Dosage Form and Analytical Development and QbD. He holds an A.B degree in Chemistry from Hope College and a Ph.D. degree in Organic Chemistry from the Georgia Institute of Technology.
- MHRA GMP Data Integrity Definitions and Guidance for Industry, March 20151
- Draft FDA Data Integrity and Compliance with CGMP Guidance for Industry, April 20162
- Draft PIC/s Guidance Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments, PI 041-1 (Draft 2), 10 August 20163
- TGA Data Management and Data Integrity (DMDI), 6 April 20174
Summary of the Guidance Documents:
What follows is a high level summary of the Data Integrity guidance documents regarding format and content and some recommendations for when each document might prove useful to all those with a direct need to understand the detailed requirements and those that may only seek to have a better basic understanding of data integrity requirements. Logically, all four of the guidance documents refer to the ALCOA principle for defining the high level requirements for ensuring data integrity. As a reminder, ALCOA is an acronym representing the following data integrity elements:
- Attributable – Who performed and when?
- Legible – Can it be read? Permanent Record
- Contemporaneous – Recorded at the time the activity was performed
- Original – Original record or certified true copy
- Accurate – Error free
The MHRA & FDA Guidance Documents
As the first two of the Data Integrity guidance documents that we are highlighting here, and likely the most familiar, the MHRA and FDA guidance documents are organized in a similar fashion. Both offer definitions of fundamental data integrity terms and cover many of the same topics, but at times from a slightly different perspective. Therefore, understanding the positions expressed in both documents on an individual data integrity topic can often prove very helpful in designing comprehensive data integrity control systems.
Common topics of both the MHRA and FDA guidance documents are highlighted in Table 1. The Table does not represent an exhaustive list and is only intended as a starting point for gaining a broad understanding of data integrity requirements. Overall, the guidance provided by the two documents is very consistent and presented in language that should be understandable to the target audiences in the global pharmaceutical industry.
The FDA guidance document does not specifically refer to the term, “data governance”, however, a section of the guidance is devoted to referencing where many of the critical data governance elements are described in 21 CFR 210 and 21 CFR 211.
The PIC/S & TGA Guidance Documents
The focus of the PIC/S document is the overall Data Governance System where the expectation is that a firm has arrangements for data governance, which are documented within their Quality Management System. Such Data Integrity (DI) controls should be risk based, utilizing the ICH Q9 guidance where any residual DI risk is documented and a firm’s risks are to be regularly re-assessed by senior management. In addition, the PIC/S guidance provides an increased level of detail when addressing many of the areas covered by the MHRA and FDA guidance documents.
The draft document provides inspectorate guidance on the assessment of Data Criticality and Data Risk when reviewing a firm’s DI Risk Assessment. A significant proportion of the document discusses Organizational Influences on DI, which includes: Code of Ethics; Quality Culture; Quality Metrics and expectations when addressing identified DI issues. In addition, the document discusses principles of DI including the Quality Elements of Data via the ALCOA+ acronym and the specific DI considerations for both paper and computer-based systems. Interestingly, there is a section dedicated to third party vendors where it states that the “contract giver” as part of vendor qualification needs to verify the third party’s data governance measures.
The TGA released its Data Management and Data Integrity (DMDI) policy statement on April 6, 2017. TGA states in the policy that it “serves to provide some clarification regarding the TGA’s official position regarding DMDI practices for industry,” but at the same time noting that, “the requirements for data management and data integrity are not new and have been embedded in GMP requirements for a number of decades.” The Policy also indicates that as a PIC/S member, the TGA intends to reference the August 2016 PIC/S Data Integrity Guidance document, “when performing inspections of manufacturers and, where relevant, in reviewing approval submissions to TGA.”
The TGA Policy statement, as the newest of the four Data Integrity guidance documents, describes the following specific recommended areas of focus for pharmaceutical manufacturers with regard to DMDI, also discussed in the FDA and MHRA guidance documents:
1. Review of existing quality system procedures and systems to ensure data integrity is maintained. Manufacturers are encouraged to focus on:
- Control of hard copy documentation and batch records, including the control and use of blank forms and templates
- Processes for the access, generation, control and review of electronic data and audit trails
- Validation of electronic systems
- Systems for storage, back-up and archiving of GMP data
- Staff training and awareness of data integrity requirements
3. Review of data integrity controls at key service providers through supplier management and audit programs.
In conclusion, no matter where your firm may purchase or manufacture and test pharmaceutical products around the world, it is to the entire industry’s decided advantage to become familiar with the detailed contents of all four of these guidance documents. Together, the documents provide both the specific detailed requirements and expectations for systems of data integrity controls and the overall framework for a data governance system. CP
References
- www.gov.uk/government/uploads/system/uploads/attachment_data/file/412735/Data_integrity_definitions_and_guidance_v2.pdf
- https://www.fda.gov/downloads/drugs/guidances/ucm495891.pdf
- https://picscheme.org/layout/document.php?id=715
- https://www.tga.gov.au/data-management-and-data-integrity-dmdi
James Davidson, Ph.D
Lachman Consultants
James Davidson, Ph.D., is the Vice President of the Science and Technology practice at Lachman Consultants. He is currently responsible for all aspects of Lachman’s work in the areas of Laboratory Compliance, including Data Integrity, as well as API, Dosage Form and Analytical Development and QbD. He holds an A.B degree in Chemistry from Hope College and a Ph.D. degree in Organic Chemistry from the Georgia Institute of Technology.