The corporate and quality culture has a significant effect on the maturity level of Data Integrity within a regulated company and should, therefore, be assessed and understood. To achieve the level of maturity in data integrity needed, this blog demonstrates five steps to improve the data integrity culture.
In the last years, agencies (e.g., FDA, ISPE, MHRA) have released guidance on Data Integrity, describing how the foundational pillar captured in company culture needs to be used to comply with the data integrity processes as required by the regulatory agencies.
The GxP regulated industries depend on their data to ensure the quality of medicines and their related products. The quality of the data, through the full data lifecycle, is directly related to the quality of the decisions made to release products. Data Integrity regulations assure that the quality of the data and the processes in which data is generated are regulated to guarantee the required quality.
Data Integrity failures can lead to negative consequences, for example:
Data Integrity is all about the trustworthiness of the data and the quality of the final decisions taken on the data. Good Data Integrity practice means all controls are in place to prove the trust of data used for quality, efficacy, or safety decisions. Data Integrity issues may break trust between regulators and industries as well as with the customers. According to the FDA, Data Integrity is one of the most critical points of observation during audits nowadays (Figure 01).
FDA findings – Data Integrity (pharma, cosmetic and device firms)
Data Integrity subject encompasses not only purely administrative concepts but also personal and cultural behavioral standards, which makes this task even more exciting and challenging.
Ensuring the trustworthiness of your data as expected by the regulators does not only affect the quality of the data, it also affects streamlining production processes, fewer events and deviations, and streamlines working methods in general.
Cultural and organizational strategies create the basis for generating benefits, for example:
These strategies lead to:
How do you get everyone involved according to the importance of this subject, even with all the cultural differences, and how do you start this cultural process improvement and manage it?
Step 1 – Don’t panic
Maintaining data integrity is a topic that all companies in the regulated industry are dealing with. Although the regulators did not release any regulations on Data Integrity, the published guidance will help you to understand the principles and give the overview you need to start.
Step 2 – Perform an assessment
An internal analysis will be necessary (e.g., inspections or surveys, risk analysis evaluation), this assessment will give direction to the whole project, and the involvement from all areas.
Identifying the level of where the business and company “is” and “where” it wants to go is elemental in this pre-stage data integrity process, as this is where all strategy will be defined.
After evaluating findings from the internal analysis and identifying the maturity level of the company, the entire process improvement plan should be created so that the next desired level of maturity can be reached.
Step 3 – Align with the culture
Check the Mission and Values of your company; they will be the basis for the unification of the concepts of ethics and social responsibility to be understood by all leaders and users, which have direct and indirect process impact.
Execute this step by clearly knowing which pillar(s) Data Integrity is linked to. Refer to the model and explain that Data Integrity is carried out by management.
Step 4 – Write a strategic plan
Based on this survey, along with the mission and values of your company, the strategy for implementing changes and process improvements can be carried out. For example:
Step 5 – Environment of openness and continuous improvement
At this point, it is essential to emphasize that everyone is free to add their points of view to achieve common goals, as follows:
It is worth remembering that Data Integrity factors are fundamental to assess regularly. They are part of a vast chain of actions to reach the maturity level requested by the regulators.
To conclude, please note there is no perfect “recipe”. Beginning a program for cultural awareness, data chain of custody analysis, and identifying remediation to gaps will provide a strong start to ensuring your company is aware of the need to demonstrate the trustworthiness of GxP data. In future articles, we will address the other factors that are directly related to a company’s Data Integrity maturity.