Data integrity PIC S
good practices for data management and integrity in regulatory GMP/GDP environments
good practices for data management and integrity in regulatory GMP/GDP environments
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
should clearly demonstrate that reporting is actively supported and
encouraged by senior management.
6.1.5 The extent of Management’s knowledge and understanding of data integrity
can influence the organisation’s success of data integrity management.
Management should know their legal and moral obligation (i.e. duty and
power) to prevent data integrity lapses from occurring and to detect them, if
they should occur. Management should have sufficient visibility and
understanding of data integrity risks for paper and computerised (both hybrid
and electronic) workflows.
6.1.6 Lapses in data integrity are not limited to fraud or falsification; they can be
unintentional and still pose risk. Any potential for compromising the reliability
of data is a risk that should be identified and understood in order for
appropriate controls to be put in place (refer sections 5.3 - 5.5). Direct
controls usually take the form of written policies and procedures, but indirect
influences on employee behaviour (such as undue pressure, incentives for
productivity in excess of process capability, opportunities for compromising
data and employee rationalisation of negative behaviours) should be
understood and addressed as well.
6.1.7 Data integrity breaches can occur at any time, by any employee, so
management needs to be vigilant in detecting issues and understand reasons
behind lapses, when found, to enable investigation of the issue and
implementation of corrective and preventive actions.
6.1.8 There are consequences of data integrity lapses that affect the various
stakeholders (patients, regulators, customers) including directly impacting
patient safety and undermining confidence in the organisation and its
products. Employee awareness and understanding of these consequences
can be helpful in fostering an environment in which quality is a priority.
6.1.9 Management should establish controls to prevent, detect, assess and correct
data integrity breaches, as well as verify those controls are performing as
intended to assure data integrity. Sections 6.2 to 6.7 outline the key items
that Management should address to achieve success with data integrity.
6.1.10 Senior Management should have an appropriate level of understanding and
commitment to effective data governance practices including the necessity
for a combination of appropriate organisational culture and behaviours
(section 6) and an understanding of data criticality, data risk and data
lifecycle. There should also be evidence of communication of expectations to
personnel at all levels within the organisation in a manner which ensures
empowerment to report failures and opportunities for improvement. This
reduces the incentive to falsify, alter or delete data.
6.2 Policies related to organisational values, quality, staff conduct and ethics
6.2.1 Appropriate expectations for staff conduct, commitment to quality,
organisational values and ethics should clearly communicated throughout the
organisation and policies should be available to support the implementation
and maintenance of an appropriate quality culture. Policies should reflect
Management’s philosophy on quality, and should be written with the intent of
developing an environment of trust, where all individuals are responsible and
accountable for ensuring patient safety and product quality.
PI 041-1 11 of 63 1 July 2021