GMP Data Integrity

December 10, 2019, 9:31 838

In recent years the subject of Data Integrity has become important mainly because of the many deficiencies that have been discovered by pharmaceutical inspectors and auditors around the world. Although Data Integrity is an old and basic issue in all types of manufacturing, the results of inspections and audits have revealed inconsistencies in the way that the subject is interpreted and applied in different regions and countries around the world. Especially for the pharmaceutical industry, the subject is extremely important as it serves as the basis for judging the safety and quality of pharmaceutical products of all types and classes. The pharmacist, the caregiver, and the patient must depend on the integrity of the data that they are provided to judge the quality of the agents that are used in the treatment of the many different disease conditions. In addition, the manufacturer of the pharmaceutical is dependent on the integrity of the data that are used to judge the efficiency and safety of the manufacturing process.

Data Integrity is also a major issue for managing a manufacturer. It is critical for managers to have solid, reliable data to judge the efficiency of manufacturing processes and the quality of its products. The data are important in assessing the costs of production and planning for future company needs. Incorrect information has caused major problems for controlling processes and developing sound plans. For these reasons it would seem that management would be especially rigorous in insisting upon high quality data.

Considering how vital is Data Integrity nowadays, different international, regional and national organizations and authorities have already prepared new or revised already existing guidelines on this topic.

Organization / authority



Annex 5 – Guidance on good data and record management practices – WHO Technical Report Series No. 996, 2016

Guideline on Data Integrity – Working document QAS/19.819 October 2019 Draft for comments


Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments – PI 041-1 (Draft 3) 30 November 2018


21 CFR Part 11 – Electronic Records; Electronic Signatures — Scope and Application – August 2003

Data Integrity and Compliance with CGMP Guidance for Industry – draft guidance – April 2016


EudraLex Volume 4 – Good Manufacturing Practice (GMP) guidelines – Annex 11: Computerised Systems – June 2011

Guidance on good manufacturing practice and good distribution practice: Questions and answers – Data Integrity – August 2016


‘GXP’ Data Integrity Guidance and Definitions - March 2018


Records and Data Integrity – March 2017


Before talking about what includes Data Integrity we need to clarify some basic definitions:

Data –  Facts, figures and statistics collected together for reference or analysis. Data can be Static – fixed data document (e.g., paper record or an electronic image) or Dynamic – record format allows interaction between the user and the record content (e.g., a chromatogram where the integration parameters can be modified)

Metadata – Contextual information required to understand data (i.e., data about the data). Structured information that describes, explains, or otherwise makes it easier to retrieve, use or manage data. Examples: date/time stamp, user ID, instrument ID, audit trails, etc. Relationships between data and their metadata should be preserved in a secure and traceable manner.

Audit Trail – Secure, computer-generated, time-stamped electronic record that allows for reconstruction of events relating to the creation, modification, or deletion of an electronic record.

Data integrity is the maintenance of, and the assurance of the accuracy and consistency of data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data.

Data should be Attributable, Legible, Contemporaneous, Original, and Accurate (ALCOA) and be Complete, Consistent, Enduring, and Available (ALCOA +). ALCOA is an acronym used by the FDA that stands for Attributable, Legible, Contemporaneous, Original, and Accurate. The concept behind ALCOA is that data quality directly impacts product quality, with focus placed on performing tasks correctly the first time and immediate reporting of results.

Image result for data integrity


Systems should be established and implemented to ensure that all data acquired, processed and reported are in accordance with the principles in this guideline. Data should be:

  • A = attributable - Attributable means information is captured in the record so that it is uniquely identified as executed by the originator of the data (e.g. a person, computer system).
  • L = legible and traceable and permanent - The terms legible and traceable and permanent refer to the requirements that data are readable, understandable and allow a clear picture of the sequencing of steps or events in the record so that all GxP activities conducted can be fully reconstructed by persons reviewing these records at any point during the records retention period set by the applicable GxP.
  • C = contemporaneous - Contemporaneous data are data recorded at the time they are generated or observed.
  • O = original record (or certified true copy) - Original data includes the first or source capture of data or information and all subsequent data required to fully reconstruct the conduct of the GxP activity. The GxP requirements for original data include:
  •  original data should be reviewed;
  • original data and/or certified true and exact copies that preserve the content and meaning of the original data should be retained;
  • as such, original records should be complete, enduring and readily retrievable and readable throughout the records retention period.
  • A = accurate - This means data are correct, truthful, valid and reliable. For both paper and electronic records, achieving the goal of accurate data requires adequate procedures, processes, systems and controls that comprise the quality management system. The quality management system should be appropriate to the scope of its activities and risk-based. Controls that assure the accuracy of data in paper records and electronic records include, but are not limited to:
  • qualification, calibration and maintenance of equipment, such as balances and pH meters, that generate printouts;
  • validation of computerized systems that generate, maintain, distribute or archive electronic records;
  • validation of analytical methods;
  • validation of production processes;
  • review of GxP records;
  • investigation of deviations and doubtful and out-of-specifications results;
  • and many other risk management controls within the quality management system.

Data governance measures should also ensure that data are complete, consistent, enduring and available throughout the life cycle, where:

  • C = complete – All information that would be critical to recreating an event is important when trying to understand the event. The level of detail required for an information set to be considered complete would depend on the criticality of the information. A complete record of data generated electronically includes relevant metadata.
  • C = consistent – Good Documentation Practices should be applied throughout any process, without exception, including deviations that may occur during the process. This includes capturing all changes made to data.
  • E = enduring / durable – Records must be kept in a manner such that they exist for the entire period during which they might be needed. This means they need to remain intact and accessible as an indelible/durable record throughout the record retention period.
  • A = available – Records must be available for review at any time during the required retention period, accessible in a readable format to all applicable personnel who are responsible for their review whether for routine release decisions, investigations, trending, annual reports, audits or inspections.

Original data should be reviewed, retained, complete, enduring and readily retrievable and readable throughout the records retention period.

Al in all, the definition Data Integrity is versatile and covers a wide range of data-related issues, for sure the topic is still open for the discussion. As expectations from the authorities in this regard are continuing to grow the Data Integrity concept is expected to expand in upcoming years and play a crucial role in GMP compliance of the manufacturer.



  2. Guideline on Data Integrity – Working document QAS/19.819 October 2019 Draft for comments
  3. Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments – PI 041-1 (Draft 3) 30 November 2018
  4. Data Integrity and Compliance with CGMP Guidance for Industry – draft guidance – April 2016

By Afandiev R.