Pharmaceutical companies are on notice from the FDA that its regulators are increasingly focusing attention on data fraud and deficiencies during manufacturing facility inspections, and that companies can and should do more to proactively correct those deficiencies. At issue is what is known as “data integrity”—the idea that company staff must observe and record accurate drug quality testing and production data, and that regulators must be able to check these data.
A new guidance from the FDA posted late last month emphasizes the requirements for data integrity— that data are exact, complete, unaltered, secure, original and documented at the time of performance. The guidance also includes several checklists companies can use to audit themselves. For example, inspectors have frequently noted issues in which company employees share the same password for logging or altering data. Companies are expected to ensure that all data have audit trails enabling an inspector to determine the origin of the data and the date of creation.
HRI impact analysis
In fiscal year 2017, FDA cited 62 companies for “insufficient control of computers or systems,” largely related to data integrity issues. For companies, the stakes of noncompliance are high. Data integrity issues have resulted in costly remediation efforts required by the FDA, import restrictions and even civil monetary penalties, and the FDA said it is focusing “additional resources on efforts to prevent, uncover and combat data integrity lapses.” As the FDA increasingly focuses on this area, companies may need to audit their own businesses and suppliers for compliance to ensure their next inspection goes smoothly.