- OBJECTIVE:
To provide a procedure that assures that the data produced accurately reflects the outcomes of process/tests performed during manufacturing, testing, release and distribution of drug products and have been produced in bias free environment.
- SCOPE:
This procedure is applicable to all personnel involved directly or indirectly in manufacturing, testing, release and distribution of drug products and this procedure is also applicable to external service providers involved in manufacturing, testing, release and distribution of drug products.
- RESPONSIBILITY:
- QA: initiate and co-ordinate training on the ‘Data Integrity and Technical Ethics Monitoring’ procedure. Ensure “Data Integrity and Technical Ethics Agreement” is signed by applicable employees.
- QA, QC, WH, Production: Follow the procedure and endorse the Data Integrity and Technical Ethics Agreement. Report issues of suspected breach to data integrity to immediate supervisor and initiate the Process Non Conformance. Approve the summary of data integrity issues / non-conformances identified during the independent data review
- HR: Get the endorsement on “Data Integrity and Technical Ethics Agreement” from the employees at the time of joining and for existing employees on completion of training. Counsel and/or to take disciplinary action on employees responsible for BDI Issue.
- Head Quality Assurance/Designee: Ensure external service provider sign a Data Integrity Agreement. Investigate the non-conformances related to breach to data integrity. Confirm the suspected breach to Data Integrity and propose actions/ disciplinary actions. Communicate the initial investigation outcome with In-charge of Independent Review Team. Review and approval of process non-conformance. Monitoring of Corrective and Preventive Actions (CAPA) related to breach to data integrity and its timely closure. Prepare a summary of data integrity issues / non-conformances. Periodically (as part of monthly QRM) escalate summary of BDI, Recurring BDI and status of actions to Data Integrity Steering Committee. Provide on-going Data Integrity training.
- ACCOUNTABILITY:
QA Head shall be Accountable for implementation of SOP.
- PROCEDURE:
- Data Integrity and Technical Ethics Training:
- The Training Coordinator shall provide training on data integrity to employees as part of initial training and refresher training.
- The training on data integrity shall focus on the organization’s response to breach to Data Integrity and Technical Ethics and the trainee shall be made understand that breach of data integrity shall be investigated and consequences of violation results in Warning letter, Temporary/permanent removal from cGMP position and/or Termination and Civil/Criminal Prosecution.
- Data Integrity and Technical Ethics Agreement:
- After completion of training, employee(s) shall acknowledge and adhere to Data Integrity and Technical Ethics requirements by signing the Data Integrity and Technical Ethics Agreement.
- Employees shall submit the signed agreement to the Human Resources Department.
- The Human Resources department shall file the agreement in the individual employee file.
- Employees shall submit a copy of the signed agreement to respective training coordinator for filing in the training file.
- Training Coordinator along with respective reporting supervisor/department in-charge shall ensure agreement is signed before assigning work.
- Head Quality Assurance shall ensure availability of Data Integrity Agreement for all external Service Providers involved in manufacturing, testing, release and distribution of drug products. This agreement shall be made as a part of Contract or Service Agreement or Technical Agreement, as applicable.
- The external service provider shall be briefed about Data Integrity Requirements. This shall include but not limited to;
- Data Integrity and Technical Ethics Training:
- The personnel deployed shall not engage in any unethical practices with respect to data integrity.
- Adherence to Data Integrity is imperative for business continuity.
- Data integrity monitoring shall consist of Identification of suspected breach to data integrity, Reporting, Containment, Investigation, CAPA (including Action and Disciplinary Action) and Continuous Monitoring of data integrity.
- Identification of Breach to Data Integrity:
- The suspected breach to data integrity shall be identified during the following:
- Routine Quality Review,
- Independent data review,
- Internal Audits,
- External Audits
- Quality Compliance Hotline.
- Routine Quality Reviews:
- The routine quality reviews shall comprise of Laboratory Data Reviews, Manufacturing and/or In-process Data Reviews and other associated data/record reviews (for e.g. Qualification/validation, Calibration, Preventive Maintenance records).
- Laboratory, manufacturing and/or in-process and other associated records shall be reviewed as per respective site procedures. Independent Data Reviews include:
- Review of Chromatographic Data/Non chromatographic Data by Independent Data Review Group shall be conducted as per SOP.
- Internal Audits:
- Internal audits shall be conducted as per the SOP.
- Report any observed breach to data integrity issues to QA In charge. Concerned QA personnel shall initiate the Process non conformances wherever required.
- Issues reported from Quality Compliance Hotline as per SOP and External Audit Findings shall be investigated for the potential breach to data integrity.
- Reporting of suspected breach to data Integrity:
- A suspected breach to data integrity issue observed shall be informed to immediate supervisor and initiate the Process Non Conformance as per SOP.
- Evaluation and containment of suspected breach to Data Integrity:
- Preliminary evaluation of suspected breach to data integrity shall be performed to identify the boundaries of the issue, and initiate containment of the impacted process/product, where applicable.
- Department In-charge shall notify the suspected BDI issues to In Charge Lab Compliance Group and initiate an investigation.
- Investigation and CAPA (including Action and Disciplinary Action):
- An investigation shall be initiated as per SOP.
- The investigation team (including Department Head and QA Head) shall evaluate the suspected BDI for any willful miss-statement, misrepresentation, manipulation, adulteration, rewriting, hiding, replacing of quality related documents, materials, activities or equipment in order to give an item the appearance of GMP compliance or negligence or work pressure or unintentional errors.
- The initial investigation outcome shall be reviewed by In-charge of Lab Compliance Group for independent evaluation and authentication of suspected breach to data integrity and proposed actions and/or disciplinary actions.
- The In-charge Lab Compliance Group shall immediately escalate the identified breach to data integrity issue to the Data Integrity Steering Committee.
- The breach to data integrity issues shall be categorized as below based on the investigation:
- Erroneous data entry/unintentional error and/or lack of awareness with minor consequences.
Action: Retraining
- Repeated issues of erroneous data entry/unintentional error and/or lack of awareness with minor consequences, unethical behavior. Disciplinary.
Action: Warning Letter
- Unintentional breach to data integrity with impact on quality.
Action: Retraining, Disciplinary Action: Temporary removal from cGMP position
- Intentional breach to data integrity with impact on quality.
Disciplinary Action: Permanent removal from the GMP operations/Termination and or Civil/Criminal prosecutions.
- The In-charge Lab Compliance Group shall inform Human Resource Department to initiate disciplinary actions, wherever necessary.
- Concurrently, a detailed investigation shall be conducted for identifying the root cause(s) and propose corrective action(s) to avoid reoccurrence of the issues by QA Head or designee, Impacted Department In charge, Independent Data Review Group and respective SME (wherever required).
- Follow the SOP for approval of process non-conformance.
- After final approval of process non-conformance, CAPA is automatically triggered in CAPA module as per SOP.
- Continuous monitoring of Data Integrity:
- Non conformances (related to Breach to Data Integrity) shall be trended on Quarterly by considering the following elements;
- Total number of processes non conformances initiated in the review period.
- Review of recurring cases during that review period.
- CAPA implementation status and effectiveness.
- Review of previous trends.
- Head Quality Assurance shall escalate the summary of breach to data integrity, recurring BDI and status of actions on breach to data integrity as a part of monthly quality review meetings to Data Integrity Steering Committee.
- Evaluate the effectiveness of CAPA and extend the Corrective and Preventive Actions/improvements to other sites/departments, wherever applicable.
- The Data Integrity Steering Committee shall review the summary of breach to data integrity as part of respective Quality Review Meetings and/ or periodic review meetings to assess the health of Data Integrity monitoring controls and tools.
- Data Integrity Steering Committee shall provide necessary support to initiate/develop the controls and measures to improve Data Integrity.
- Miscellaneous:
- Accurate: A qualitative assessment of correctness or freedom from error or magnitude of error.
- Trustworthy: Ensuring data trustworthiness and reliability, as related to security of the information/data.
- Data Integrity Steering Committee: A committee of Senior Management members including Directors, CQA Head and Respective Cluster Head.
- REFERENCES:
MHRA GMP Data Integrity Definitions and Guidance for Industry, March 2015
- ANNEXURES:
| ANNEXURE NO. | ANNEXURE TITLE |
| Annexure-I | Data Integrity and Technical Ethics Agreement |
| Annexure-II | Data Integrity Agreement (for External Service Provider) |
| Annexure-III | Disciplinary Action Initiation Form |
- DISTRIBUTION:
- Controlled Copy No. 01 : Head Quality Assurance
- Controlled Copy No. 02 : Head Production
- Controlled Copy No. 03 : Human Resources
- Controlled Copy No. 04 : Head Quality Control
- Controlled Copy No. 05 : Head Engineering
- Master Copy : Quality Assurance Department
- ABBREVIATIONS:
| GMP | : | Good Manufacturing Practices |
| No. | : | Number |
| SOP | : | Standard Operating Procedure |
| CAPA | : | Corrective And Preventive Actions |
| DI | : | Data Integrity |
| QRM | : | Quality Risk Management |
| BDI | : | Breach to Data Integrity |
| ADE | : | Acceptable Daily Exposure |
| PGH | : | Pharma Guide Hub |
- REVISION HISTORY:
CHANGE HISTORY LOG
| Revision No. | Details of Changes | Reason for Change | Effective Date |
| 00 | New SOP | Not Applicable | To Be Written Manual |
ANNEXURE-I
DATA INTEGRITY AND TECHNICAL ETHICS AGREEMENT
ANNEXURE-II
DATA INTEGRITY AGREEMENT (FOR EXTERNAL SERVICE PROVIDER)
ANNEXURE-III
DISCIPLINARY ACTION INITIATION FORM
Frequently Asked Questions?
Q: What is the purpose of Data Integrity and Technical Ethics Training in the pharmaceutical setting?
A: The purpose of Data Integrity and Technical Ethics Training is to provide employees with comprehensive knowledge about data integrity principles. This training, conducted during both initial and refresher sessions, emphasizes the organization’s response to breaches in Data Integrity and Technical Ethics. Trainees are informed about potential consequences, including warning letters, temporary or permanent removal from cGMP positions, termination, and the possibility of civil or criminal prosecution for violating data integrity.
Q: How does the pharmaceutical company ensure employee adherence to Data Integrity and Technical Ethics requirements after training?
A: After completing the training, employees are required to acknowledge and adhere to Data Integrity and Technical Ethics requirements by signing the Data Integrity and Technical Ethics Agreement. This signed agreement is then submitted to the Human Resources Department for filing in the individual employee file. Additionally, a copy of the agreement is submitted to the respective training coordinator for filing in the training file. The agreement must be confirmed as signed before assigning any work, as monitored by the Training Coordinator and respective reporting supervisor/department in-charge.
Q: What role does the Head of Quality Assurance play in ensuring Data Integrity Agreements for external Service Providers?
A: The Head of Quality Assurance ensures the availability of Data Integrity Agreements for all external service providers involved in manufacturing, testing, release, and distribution of drug products. These agreements are integrated into contracts, service agreements, or technical agreements as applicable. The external service providers are briefed on Data Integrity Requirements, emphasizing the prohibition of unethical practices, the importance of adherence for business continuity, and the necessity of continuous monitoring of data integrity.
Q: How does the pharmaceutical company identify breaches to Data Integrity?
A: Breaches to Data Integrity are identified through various means, including routine quality reviews, independent data reviews, internal audits, external audits, and the Quality Compliance Hotline. Routine quality reviews encompass laboratory data reviews, manufacturing and/or in-process data reviews, and other associated data/record reviews. Independent data reviews involve the evaluation of chromatographic and non-chromatographic data by an independent data review group. Internal audits, external audit findings, and reports from the Quality Compliance Hotline are also sources for identifying suspected breaches to Data Integrity.
Q: What steps are taken once a suspected breach to Data Integrity is identified?
A: When a suspected breach to Data Integrity is identified, the immediate supervisor is informed, and the Process Non-Conformance is initiated as per the Standard Operating Procedure (SOP). Following this, a preliminary evaluation is performed to identify the boundaries of the issue, and containment measures are initiated where applicable. The Department In-charge notifies the suspected BDI issues to the In-Charge Lab Compliance Group, initiating an investigation.
Q: How does the pharmaceutical company categorize breaches to Data Integrity based on the investigation?
A: Breaches to Data Integrity are categorized based on the investigation outcomes:
- Erroneous data entry/unintentional error and/or lack of awareness with minor consequences: Action – Retraining.
- Repeated issues of erroneous data entry/unintentional error and/or lack of awareness with minor consequences, unethical behavior: Action – Warning Letter.
- Unintentional breach to Data Integrity with impact on quality: Action – Retraining, Disciplinary Action – Temporary removal from cGMP position.
- Intentional breach to Data Integrity with impact on quality: Disciplinary Action – Permanent removal from GMP operations/Termination and/or Civil/Criminal prosecutions.
Q: How is continuous monitoring of Data Integrity implemented in the pharmaceutical company?
A: Continuous monitoring of Data Integrity involves trending non-conformances related to Breach to Data Integrity on a quarterly basis. Elements considered include the total number of process non-conformances initiated, review of recurring cases, CAPA implementation status and effectiveness, and the review of previous trends. The Head of Quality Assurance escalates the summary of breach to Data Integrity, recurring BDI cases, and action status to the Data Integrity Steering Committee in monthly quality review meetings. The Data Integrity Steering Committee assesses the health of Data Integrity monitoring controls and tools during periodic review meetings.
