ALCOA principles: ‘healthy’ guidelines for data integrity -2-
Assuming that the online marketing data we recently accessed are at least accurate and original, our first blog on the Attributability of data within the ALCOA framework was well-received by our readers. Encouraged by this fact, we now move on to the next principle of Legibility. Even though this may appear to be the easiest condition to comply with, there is quite a list of considerations to take into account.
Within the scope of legibility, research data should also be traceable and permanent. Legible also implies that data are understandable and provide a clear picture of the sequencing of steps in the record. Therefore, it should be impossible to modify or restore records without an audit trail. As with all principles, a distinction is made between hand-written and digital records. Analogue data for instance are to be noted using permanent, indelible ink. The use of pencils or erasures is an absolute ‘no go’. Also, single-line cross-outs should be used to record changes with name, date and reason. It is highly recommended to use bound, paginated notebooks with sequentially numbered pages to allow detection of missing pages. For data to be permanent, archiving of paper records should be done by independent personnel in secure and (humidity) controlled paper archives.
In digital recording, the legibility of data itself generally poses no problems. The designing and configuration of computer systems with regard to traceability on the other hand requires some serious attention. It should allow for an adequate audit trail, quite like the track changes option in Office Word. A unique log-in is to be assigned to each user to avoid confusion as to who made the recording. A provision should be made to make sure (preliminary) data cannot be overwritten. In the event of an employee leaving the company, his or her log-on should never be redistributed but remain ‘silent’ for the years to come. Ever thought of an auto-lock system that temporarily shuts down a PC or laptop while inactive for a while? Maybe you should! Personalized tags as used in the banking industry would benefit our industry too.
Segregation of duties
Moreover, IT systems should enforce the saving of electronic data at the time of the activity and before proceeding to the next event. There should also be controls that prohibit generation and processing and deletion of data in temporary memory. And then there is what we call the ‘segregation of duties’. To avoid conflicts of interest, staff with system maintenance responsibilities should work and report independently from those operating the systems. In a lab, where one R&D member is conducting measurements while a colleague who has access permissions at system level is doing the recording, the latter should report in a different department, e.g. the IT department. Finally, as with handwritten data, digital data too need to be archived. With evolving technologies, data need to be transferred regularly to newer saving devices to stay in shape for decades and stored at an independent, designated archivist.