Data Integrity and Principles of ALCOA and ALCOA+

Against the backdrop of globalization, especially in case of pharmaceutical industry, data integrity has become one of the basic expectations that a regulator expects from a manufacturer. USFDA, MHRA, WHO or any other regulatory agency when inspecting an offshore manufacturing premises expects that the data presented to them shall be reliable and trustworthy. The data presented shall comply with all the basic principles of ALCOA and ALCOA+. Any issues observed with respect to data integrity may lead to breach of trust between the assessor and assessee. This often leads to failure of regulatory inspections and develop a relation of distrust which is difficult to recover if not impossible.

Data integrity refers to the completeness, consistency, and accuracy of data. Complete, consistent, and accurate data should be attributable, legible, contemporaneously recorded, original or a true copy, and accurate (ALCOA).

Data integrity is critical throughout the CGMP data life cycle, including in the creation, modification, processing, maintenance, archival, retrieval, transmission, and disposition of data after the record’s retention period ends. System design and controls should enable easy detection of errors, omissions, and aberrant results throughout the data’s life cycle

In past few years, FDA and other regulatory agencies have given numerous observations w.r.t. data integrity, documentation and record management practices. The major reasons for these types of observations are:

• reliance on inadequate human practices;
• poorly defined procedures;
• resource constraints;
• the use of computerized systems that are not capable of meeting regulatory requirements or are inappropriately managed and validated;
• inappropriate and inadequate control of data flow; and
• failure to adequately review and manage original data and records.

Following various principles of ALCOA and ALCOA+ shall ensure the integrity of the data being generated. Principles of ALCOA and ALCOA+ are as follows:

ATTRIBUTABLE: The word attributable means that the record generated whether manually or electronically shall be traceable to the person or the machine used to performed the task. It’s also important to record the date of the collection or generation of data. Even the changes made to any records shall be attributable.

In paper records, this could be done through the use of initials, full handwritten signature or a controlled personal seal. In electronic records, this could be done through the use of unique user logons that link the user to actions that create, modify or delete data; or unique electronic signatures which can be either biometric or non-biometric. An audit trail should capture user identification (ID), date and time stamps and the electronic signature should be securely and permanently linked to the signed record.

LEGIBLE: Legibility means that the data recorded shall be clear to read, especially where the data is being recorded manually. Such problem is not normally encountered with the electronically generated data. However, care should be taken while deciding on the fonts and font sizes for electronic systems. Often, we encounter problems reading ‘O’ and ‘0’, ‘l’ and ‘1’ etc.

Apart from writing or recording properly, care shall be taken while writing the sentences. Confusing and long sentences shall be avoided. The language used shall be consistent and straightforward.

The data shall be well supported by the metadata. Metadata may be defined as the contextual information required to understand data. A data value is by itself meaningless without additional information about the data. Metadata is often described as data about data. Metadata is structured information that describes, explains, or otherwise makes it easier to retrieve, use, or manage data. For example, the number “23” is meaningless without metadata, such as an indication of the unit “mg.” Among other things, metadata for a particular piece of data could include a date/time stamp for when the data were acquired, a user ID of the person who conducted the test or analysis that generated the data, the instrument ID used to acquire the data, audit trails, etc.

The recorded data shall be legible throughout the life cycle of the data which may extend from few years to few decades also. Electronic data are normally only legible/readable through the original software application that created it. In addition, there may be restrictions around the version of a software application that can read the data. When storing data electronically, ensure that any restrictions which may apply and the ability to read the electronic data are understood. Clarification from software vendors should be sought before performing any upgrade, or when switching to an alternative application, to ensure that data previously created will be readable.

Other risks include the fading of microfilm records, the decreasing readability of the coatings of optical media such as compact disks (CDs) and digital versatile/video disks (DVDs), and the fact that these media may become brittle. Similarly, historical data stored on magnetic media will also become unreadable over time as a result of deterioration. Data and records should be stored in an appropriate manner, under the appropriate conditions.

Contemporaneous: It’s essential that individuals or systems make a record of an activity as and when the data is generated and acquired. This is not a concern with automated devices, however, where manual recording of data is happening special consideration shall be given to this aspect.

For example, when a blending operation is performed, the quantity of material before and after blending, date, time and duration of blending (Blender start and stop time), blend rpm, room ID, equipment ID, name and signature of doer and verifier, number of blends samples taken and by whom, quantity of blend samples, result of blend samples shall be recorded as and when each activity happens and not before or at a later stage.

The use of a scribe to record an activity on behalf of another operator should be considered only on an exceptional basis and should only take place where, for example, the act of recording places the product or activity at risk, such as, documenting line interventions by aseptic area operators. It needs to be clearly documented when a scribe has been applied. “In these situations, the recording by the second person should be contemporaneous with the task being performed, and the records should identify both the person performing the task and the person completing the record. The person performing the task should countersign the record wherever possible, although it is accepted that this countersigning step will be retrospective. The process for supervisory (scribe) documentation completion should be described in an approved procedure that specifies the activities to which the process applies.”

It is mandatory to maintain a record of employees indicating, their name, signature, initials or other mark or seal used to enable traceability and to uniquely identify them and the respective action.

Original: The records should be original rather than copies or transcriptions. For example, you should not write a record on a scrap of paper with the intention of completing the main record later, as this can result in errors.

Instead, the original recording of the data should be on the main record, whether that record is on paper or on a digital system. The manual entry of data from a paper record into a computerized system should be traceable to the paper records used which are kept as original data.

The first or source capture of data or information and all subsequent data required to fully reconstruct the conduct of the GxP activity should be available. In some cases, the electronic data (electronic chromatogram acquired through high-performance liquid chromatography (HPLC)) may be the first source of data and, in other cases, the recording of the temperature on a log sheet in a room – by reading the value on a data logger. This data should be reviewed according to the criticality and risk assessment.

Accurate: All records should reflect the reality of what happened and should be error free. Also, there should be no editing of the original information that results in that information being lost. Where incorrect information had been recorded, this may be corrected provided that the reason for the error is documented. The original entry shall remain readable and the correction is signed and dated. Nothing should be removed, blocked out, or deleted.

Points to consider for accuracy of data:

1. The entry of critical data into a computer by an authorized person (e.g. entry of a master processing formula) requires an additional check on the accuracy of the data entered manually. This check may be done by independent verification and release for use by a second authorized person or by validated electronic means.
2. Validation and control over formulae for calculations including electronic data capture systems;
3. Ensuring correct entries into the laboratory information management system (LIMS) such as fields for specification ranges;
4. Other critical master data, as appropriate. Once verified, these critical data fields should normally be locked in order to prevent further modification. They could only be modified through a formal change control process;
5. The process of data transfer between systems should be validated;
6. The migration of data including planned testing, control and validation; and
7. When the activity is time-critical, printed records should display the date and time stamp.

Complete: All the information or data i.e. important for recreating and understanding any event shall be recorded. The extent of data required may vary from case to case basis. However, efforts must be put in to ensure the completeness of data.

Consistent: The data shall be arranged in a chronological order. Date and time stamps shall be put on the records for understanding the flow of events. Any additions. Deletions or amendments to the data shall be suitably recorded to ensure the consistency of events.

Enduring: The data recorded on paper or electronically, shall be stored in a way that they are accessible and readable during their lifetime. The records shall be indelible and durable.

Available: The records shall be available for review or audit over their lifetime.

Failure Mode and Effects Analysis (FMEA) model (or any other tool) can be used to identify and assess the risks relating to any system where data are, for example, acquired, processed, recorded, saved and archived. The risk assessment can be done as a prospective exercise or retrospective exercise. This shall be separately discussed in upcoming article.

Reference: WHO TRS 1033, Annexure 4