You can’t claim IP on dodgy data
In life sciences we are all looking for brilliant solutions to improve the well-being of mankind. And to finally claim Intellectual Property. The integrity – and thus reliability – of data is the first requirement to reach this goal. For many companies however, the daily practice is not always equally compatible with current data integrity regulations. In numerous laboratories, ‘home-made’ spreadsheets are still the standard for processing data. They may work for the researcher in question, but certainly not for the inspectors of the FDA and other prominent audit organizations.
To professionalize the recording, storage and processing of data we first have to analyze the procedures and technologies in use. Documentation and configuration are also part of the investigation. One of the priorities is to make sure that no record can be altered unnoticed. Any change to a record must be logged in an audit trail and reviewed regularly. Some data, such as time and date, should not be changeable at all. In order to safeguard the retrieval of data in the long run, all relevant data should be stored centrally and backed-up automatically at fixed intervals.
Documentation issues include determining and clearly defining the different roles that are assigned to specific users. These specific roles must then be configured adequately and transparently to establish a segregation of duties and avoid conflicts of interest. To enhance transparency even more, we advise to limit user options to an absolute minimum. This particularly applies to supervisors who are authorized to change parts of the production processes or even change the recipe. Last but not least, we implement improvements in reporting. This is, in some cases, too general in nature. Producing more specific reports allows for easier and faster retrieval and analysis of the modified records.
Additionally of this procedural approach it may be necessary to choose a more system-driven approach. The task then is to start with assessing all automated lab systems with regards to data integrity, using a comprehensive checklist covering all data integrity requirements. Based on the outcome, we draw up an action plan for each individual system in order to make it 100% data integrity proof. Because in recent years vendors of lab systems have started to improve 21 CFR Part 11, EU Annex 11 and data integrity compliance of their software, upgrading hardware and software is often part of the solution. Alternatively a protective software shell and/or procedural solutions can be implemented to further strengthen data integrity performance.
New ways of working
When building on an already well-developed data integrity culture, we can also ‘educate’ users on how to further improve the handling of raw, electronic data for data integrity purposes. As some lab staff are still used to working with paper records, execution of the data integrity remediation program also entails changes in their way of working. They should for instance start reviewing electronic data, including audit trails, directly on the system. If possible, this should be done remotely. Obviously, in these cases change management skills have to be applied to overcome some understandable apprehension.
It goes without saying that both procedures and systems must be compatible with the data integrity regulations. An analysis of the situation and practices in your organization will tell us where to start.