INTRODUCTION:

With advances in computer and digitalization, the relevance of data integrity (DI) has increased tremendously¹. There is a constant need for reliable DI solutions in the pharmaceutical industry, hence the need for DI keeps on increasing. The most important aspect of DI is security. When DI is maintained, data and results are reliable thus belief in methods and results used in study/experiments increases by several folds². There are numerous advantages of implementing the DI in the organizations. The standard, potency and safety of the product can be verified with valid and exact data issued through DI. It helps to establish trust between the authoritative organization and the firms as a whole. It removes the necessity for examination of each and every step which is included in the manufacturing and supplying of the pharmaceuticals³.

Data is not easy to deal with because it has several steps all over in its entire life cycle. It is important not only to store but also to be secure through multiple means⁴. Data means all indigenous documents or validated exact versions and information from indigenous documents⁵. The word integrity means to be true and to have strong ethical principles. DI is known as the degree to which all the data throughout its life cycle are consistent, complete and accurate⁶. DI supports by supplying records that are entire, errorless, and accordant. It is useful in revoking the products, complying with regulatory guidance, and enhancing the image of the organization⁷.

DI is uniformly essential for both paper and electronic forms of data. Good documentation practices (GDP) is a DI verification solution and is a main quality management system (QMS) area. Quality and integrity of the data are key elements to ensure drug safety. Data integrity and data security are not the same. DI regards the accuracy of the data whereas data security regards securing data against destruction and misuse by both intentional and accidental ways. Data Privacy refers to protecting the privacy of data which is in a database⁷. The growth of DI and data security markets is forecasted to jump from USD 3.5 Billion to USD 9.8 Billion by 2026 at a CAGR of about 23%⁸.

Features of DI¹:

When the data is collected and documented, it should explain when, why and who generated the data for record along with that it should be

· Readable and saved in universal language.

· Current and should match with time zone of place.

· Errorless

· Absolute, contemplative, and trustworthy.

DIin Relation to Drug Discovery, Development and Manufacturing:

DI plays a very important role in the pharma industry. Beginning from the discovery of lead molecule to preclinical studies, in preformulation studies as well as the clinical trials, additionally a vital role in technology transfer. Most of the DI issues occur at technology transfer stage. Fig.1 represents DI issues during the whole drug development process.

Fig. 1: DI issues during the whole drug development process

Regulatory Requirements^2,3,9,10:

DI is a critical aspect of regulatory compliance for various industries, particularly in fields such as pharmaceuticals, healthcare, finance and food manufacturing. The specific regulatory requirements for DI can vary depending on the sector and region, but some common guidelines and principles are followed across industries.

Following are some key regulatory requirements

1. Good Manufacturing Practices (GMP): In the pharmaceutical and biotechnology industries, adherence to GMP is essential to ensure the quality, safety, and efficacy of drugs and medical devices. DI is a fundamental part of GMP, and regulatory authorities like the United States Food and Drug Administration (USFDA) and the European Medicines Agency (EMA) have issued guidance documents emphasizing the importance of DI in these industries.

2. 21 CFR Part 11^11,12,13: For organizations operating under the jurisdiction of the USFDA, Title 21 CFR Part 11 outlines the requirements for electronic records and electronic signatures. It sets the standards for maintaining DI, security, and authenticity in electronic records used in FDA-regulated industries.

3. European Union Annex 11^14,15: Similar to 21 CFR Part 11, Annex 11 of the European Union's Good Manufacturing Practice (EU GMP) guidelines provides requirements for electronic records and electronic signatures in the pharmaceutical industry within the European Union (EU).

4. Health Insurance Portability and Accountability Act (HIPAA): HIPAA regulations in the United States apply to the healthcare industry and establish standards for protecting the privacy and security of patient health information (PHI). DI is a crucial component of safeguarding PHI.

5. General Data Protection Regulation (GDPR):

GDPR is a comprehensive data protection regulation in the EU, applicable to all industries handling personal data of EU citizens. GDPR mandates strict data protection principles, including DI and accuracy.

6. International Conference on Harmonization (ICH) Guidelines¹⁶: The ICH provides guidelines on various aspects of pharmaceutical development, including DI. For instance, ICH Q7 and Q10 guidelines address DI and quality management.

7. Sarbanes-Oxley Act (SOX): SOX is a U.S. federal law primarily focused on financial reporting and corporate governance. Companies subject to SOX regulations are required to maintain accurate and reliable financial data, highlighting the importance of DI in financial reporting.

8. ISO 27001: The ISO 27001 standard outlines requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). DI is an integral part of information security and is covered within this standard.

Organizations operating in these regulated industries must have robust DI policies, procedures, and controls in place to comply with these regulatory requirements. Failure to meet these standards can lead to severe consequences, including fines, legal actions, loss of reputation, and other regulatory penalties. It is essential for companies to proactively address DI and ensure it is maintained throughout their operations.

Importance of DI³:

DI is crucial in various fields and industries, as it ensures the accuracy, reliability, and consistency of data throughout its lifecycle. Here are some key reasons why DI is of utmost importance:

1. Decision-making accuracy: Reliable data is essential for making informed and accurate decisions. Decision-makers rely on accurate information to strategize, plan, and implement actions that can affect an organization's success.

2. Business operations: DI is vital for the smooth functioning of daily business operations. Incorrect or corrupted data can lead to errors in processes, transactions, and customer interactions, causing financial losses and damaging the organization's reputation.

3. Compliance and regulations: Many industries have specific regulatory requirements that mandate DI to protect sensitive information and maintain transparency. Compliance with these regulations is not only a legal necessity but also essential for maintaining customer trust.

4. Customer trust: DI directly impacts customer trust. If customers doubt the accuracy and security of their personal information, they may be reluctant to engage with a business, affecting brand reputation and customer loyalty.

5. Data analysis and reporting: Accurate data is the foundation for meaningful data analysis and reporting. Analyzing flawed data can lead to incorrect insights, potentially leading to misguided business decisions.

6. Data integration: Organizations often need to integrate data from different sources to gain a comprehensive view of their operations. Without DI, integrating information can be challenging and result in data inconsistencies.

7. Preventing data loss: DI measures, such as data backups and redundancy, help prevent data loss due to hardware failures, cyberattacks, or other unexpected events.

8. Data security: Maintaining DI is closely linked to data security. A breach in DI can be an indicator of unauthorized access or malicious tampering, leading to potential data breaches and security threats.

9. Collaboration and data sharing: In collaborative environments or when sharing data with external partners, DI ensures that everyone is working with accurate and reliable information, leading to more effective collaboration.

10. Long-term sustainability: Ensuring DI contributes to the long-term sustainability of an organization. It helps establish a solid foundation for data-driven decision-making, fosters innovation, and supports continuous improvement.

11. Research and development: DI is crucial in pharmaceutical research and development (R and D) as it forms the basis for making informed decisions. Accurate and reliable data ensures that research findings are valid and reproducible, and can be used to support the development of new drugs, clinical trials, and scientific publications. DI also facilitates the sharing of research data among scientists and helps in advancing medical knowledge.

12. Manufacturing and quality control: The pharmaceutical manufacturing process involves numerous steps, including raw material testing, formulation, packaging, labeling, and quality control. DI is essential at each stage to ensure that the products meet the required quality standards and are safe for consumption. Inaccurate or incomplete data can lead to manufacturing errors, batch rejections, or even the production of substandard or counterfeit drugs.

13. Supply chain management: DI plays a vital role in the pharmaceutical supply chain, ensuring traceability and accountability of pharmaceutical products from manufacturing to distribution. Accurate data helps in tracking the movement of drugs, preventing counterfeiting, and identifying potential risks or issues within the supply chain. It also aids in product recalls, if necessary, to ensure patient safety.

14. Intellectual property protection: Pharmaceutical companies invest significant resources in research, development, and innovation. DI safeguards the integrity of intellectual property by ensuring that confidential information, research data, and trade secrets remain protected from unauthorized access, tampering, or manipulation. This helps to maintain the competitive advantage of pharmaceutical companies and encourages further innovation in the industry.

DI is fundamental for organizations seeking to achieve their objectives, maintain compliance, and build trust with their stakeholders. It forms the backbone of effective data management and empowers businesses to make well-informed decisions based on reliable data.

Types of Data²: The source of data or information, such as original paper records of manual observation or electronic raw data from a computerized system.

Raw Data: It means a true document, evidence maintained in the form as they were originating or as a true copy.

Metadata: It is data that report features of other data and gives circumstances and meaning. It also reports composition, data segment, correlations and other features of the data. For e.g., in measuring the weight the number 9 is illogical without the unit i.e., 9 mg which is metadata.

Static Data: It is a fixed data report. It either forbids or severely restricts user interaction with recorded content.

Dynamic Data: Transactional data is information that is periodically updated.Contact between the user and recorded content is made possible by this format.

Electronic Data: It means data that can be, or has been, distributed or stored by electronic, electrical or electro-mechanical equipment and includes programs,Electronic devices and computers. ERP software is utilized to manage laboratory electronic files and papers, as well as the quality control system.

Quality Risk Management (QRM): It is a systematic process for the analysis, check, transmission and evaluation of risks to the quality of the drug product across the life cycle of the product.

True Copy: It is an exact validated copy of an original document which includes analytical summary reports, validation reports, etc. of the data.

Data Lifecycle^4,¹⁷:

This is the process which defines how data will flow throughout its lifecycle. Data is taken in various forms such as PDFs, images, word files, etc. This collected data needs to be preserved and secured with a significant level of security administered.A robust backup and recovery procedure must be applied to ensure the preservation of the data life cycle.This preserved data is used to carry out various operations in the firm. The data may be made accessible to share with others with external firms. A site where data is preserved, but there is no use/maintenance of data is carried out is the data archive process.Removal of each copy of data from the organization is the data destruction process and it is carried out from an archive storage location.

The various steps involved in the data life cycle are shown in Fig .2

Fig. 2: Data Lifecycle

How to Integrate Data¹:

Data can be integrated by doing the following operations-

· Should be protected and should not be updated, removed or changed by anyone.

· should be saved safely to prevent any kind of loss, worsening and thievery.

· should be maintained in the original format.

Types of DI¹⁸^,¹⁹:

Physical and logical integrity are the two types of DI. Both type of DI are in the accumulation of various operations and techniques that executes DI in hierarchical and relational databases.

1. Physical integrity- Wholeness and correctness of the stored data are protected.

2. Logical integrity- Save data from human miscalculation and hacking. The following are the types of logical integrity:

i. Entity integrity- Relies on the creation of a notable principle that determines the primary key to make sure that the data is entered only once and the table is not vacant.

ii. Referential integrity- Refers to the sequence of operations that make sure the data is reserved and used uniformly.

iii. Domain integrity- Collections of operations which make sure the correctness of each part of data.

iv. User-defined integrity- Involves the order and limitations created by the user.

Principle: ALCOA+++(Attributable, Legible, Contemporaneous, Original, Accurate)²⁰^,2¹^,2²^,2³:

ALCOA stands for Attributable, Legible, Contemporaneous, Original, Accurate and the Plus (+) sign in ALCOA+ represents Complete, Consistent, Enduring, and Available. ALCOA+++ is the updated form of the ALCOA. It is the same like the conversion of GMP to cGMP (current good manufacturing practices).

Before the pharmaceutical products are available for general use in a market, the manufacturing organizations must submit the confirmation of their safety and efficacy. To do the same they have to conduct trial studies and various lab testing. ALCOA in pharmaceuticals is applied to check whether the given confirmation of safety and efficacy of the product is as per the regulatory guidelines or not? Many regulatory bodies such as the FDA, EMEA and Health Canada suggest to applying ALCOA in their organizations.

The goal and need of each component of ALCOA+++ are given in Table 1.

Table 1: ALCOA+++ Principle

*ALCOA+++***	Goal	*Why to do it?*
A Attributable	Determine the individual who is accountable for the operation.	To check whether the individual is trained for the activity or not?
L Legible	Create readable and understandable data.	To check what is recorded?
C Contemporaneous	Record the data whenever the operation is done.	To obtain the actual time of the operation.
O Original	Whatever the operation is done it must be recorded as it is.	To ensure the originality of the operation.
A Accurate	Whatever the data/ outcomes are obtained must be recorded as it is.	To ensure the originality of the operation.
+ Complete	The operation/ data must be analytical to regenerate the development.	To make sure that nothing has been lost/ deleted.
+ Consistent	The data must have a date and time label in the required order.	To make sure sequential arrangement of the operation.
+ Enduring	The data must be accessible long after it is documented.	To ensure the accessibility of older data even after prolonged time.
+ Available	The data must be accessible for the evaluation at any time within the storage of the data.	To ensure the accessibility of the data.

DI Risk Factors^3,4,22:

DI risk factor refers to any factor or condition that may compromise the accuracy, completeness, consistency, and reliability of data. These risks can lead to data errors, inconsistencies, or unauthorized modifications, which can have significant consequences for businesses, organizations, and individuals. As quoted by Clive Humby “Data is the new oil” which proves how valuable of an asset is data to any company. Thus, companies do their best to protect and preserve the integrity of data from hackers, rival companies, etc. It is important to know that DI is vulnerable to various activities such as purposeful manipulation, data theft, bugs and viruses. While we can attempt to reduce risk factors to a minimum, we cannot eliminate them. Following are the risk factors:

1. Personnel- DI occurs when the person working is not aware, not well trained, enters wrong information, deletes/make duplication of the data.

2. Process-DI occurs when the process is not validated for its intended use.

3. Transfer error- It happens when the data is not completely moved from one databaseto another.

4. Bugs and Viruses-Malware, Spyware and viruses are the parts of the software which can capture a computer and may alter, remove or take the records.

5. Software bugs or glitches- Errors in software programs or applications can cause unintended alterations to data or lead to data corruption.

6. Hardware failure- Malfunctioning or failing hardware components can result in data loss or corruption.

7. Lack of data validation and verification- If data is not adequately validated and verified before storage or processing, inaccurate or incomplete data can enter the system.

8. Environmental factors- Natural disasters, power outages, or other environmental events can disrupt data storage and processing, potentially affecting DI.

9. Improper access controls- Weak access controls or inadequate user permissions can allow unauthorized individuals to modify or delete data, leading to integrity issues.

10. Data tampering or unauthorized changes- Deliberate alteration of data by unauthorized users or hackers can lead to DI violations.

11. Data integration and synchronization issues- When integrating data from various sources or synchronizing data across multiple systems, inconsistencies may arise, affecting DI.

To address DI risks, organizations typically implement robust security measures, access controls, encryption, data validation protocols, and regular data backups. Auditing and monitoring mechanisms are also essential to detect and respond promptly to any potential DI threats.

Ways to reduce or remove risk of DI^24,25

1. Securing records- Records are secured by applying limitations to documents. Dealers like Microsoft and Adobe have the capability to restrict the action that can be taken on files from readable to make only specific changes. Also, we can encode our files and PDFs by pin.

2. Applying the backup and recovery policy- Periodic backups of records are overcritical to conserve DI and avoid the precious losing of records. Data that is regularly backed up can be replaced in its indigenous form in case of a contravention.

3. Taking audit trails- Time-stamped, computer-generated audit trail follows the name, time and date of data recording, moderating and removing.

4. Introducing access control programs- Without the authorized permission to use and with spiteful purpose, an individual can produce significant damage to records. Applying a minimal entitlement model, where access is accessible only to users who need access to the data, is a very popular form of access control.

5. By using a pin- Use a strong pin to block unauthorized entry to all storage devices where data is saved. Never keep a pin on place cards or desks.

6. By securing safety- Cyber-security actions like document encryption also help to lessen the loss of DI. Anti-malware software is also suggested to block attacks of malicious and documents from accessing your desktops and purposeful tampering of the records.

DI Issues^3,4,7,8,2⁶:

DI refers to the accuracy, consistency, and reliability of data throughout its lifecycle. It is a critical aspect of data management and ensures that data remains complete and unaltered during storage, processing, transmission, and retrieval. DI issues can arise from various sources and have significant consequences for businesses and organizations. Here are some common DI issues-

1. Human error- Mistakes made by users while managing or manipulating data can introduce integrity issues. For instance, accidental data deletions or updates can occur due to human errors.

2. Input errors- When data is entered manually or through automated processes, errors can occur, leading to inaccurate or incomplete data. This could be typos, missing information, or incorrect data entry.

3. Data loss- Unplanned data loss can happen due to system failures, disasters, or accidental deletions. Without proper backups or data recovery mechanisms, the lost data cannot be restored, leading to integrity issues.

4. Data corruption- Data corruption occurs when data becomes damaged or altered due to errors in storage or transmission. This can happen due to hardware failures, software bugs, or malicious activities like hacking or malware.

5. Data duplication- Duplication of data can occur when the same records are entered multiple times into a database or when data is copied without proper checks. It can lead to inconsistencies and confusion in data analysis.

6. Data decay- Over time, data might become outdated, leading to discrepancies and inaccuracies if not properly maintained and updated.

7. Data integration issues- When data is combined from multiple sources or systems, integration problems may arise, resulting in inconsistencies and inaccuracies.

8. Unauthorized access- When unauthorized individuals gain access to sensitive data, they might modify or delete information, compromising DI and security.

9. Software and system upgrades- Upgrading software or systems without proper data migration planning can lead to data compatibility issues and loss of DI.

10. Inconsistent business rules- Inconsistent application of business rules can lead to conflicts and contradictions in data, affecting its integrity.

To ensure DI, organizations employ various techniques, including data validation checks, data encryption, access controls, backup and disaster recovery plans, and regular audits. DI is vital for maintaining trust, making informed decisions, and meeting regulatory requirements.

The reasons for DI issues^3,4,26:

DI issues can occur for various reasons, and they can significantly impact the reliability and accuracy of data, some of the reasons are human error, work or time load, data entry mistakes, typos, and inadequate education and knowledge. Software bugs, hardware failures, network problems, software upgrades or migrations, malicious activities, lack of access controls, power outages, software glitches, data interdependencies, data transformation, lack of data validation, data aging and degradation can also cause the DI issue.

It may also include a load of performance, popularity of the firm, culture of the firm, money, as told by the manager of a firm to do the operations which are opposite as told in the cGMP, sharing the password, backdating, no availability of raw data to support documents or loss of the documents during the changes to the system, generating incorrect and insufficient documents, operations are not record contemporaneous, incomplete computer validation process, test results which are obtained for one batch is used to release other batches, deleting or manipulating the electronic records, turn-off the audit trail etc.

Master plans to avoid DI issues^3,4,2⁶:

Avoiding DI is not a good practice, as it undermines the trustworthiness and reliability of the data you are working with. Instead, you should focus on maintaining DI to ensure the accuracy and consistency of your data.

To mitigate DI issues, organizations implement various strategies such as regular backups, data validation routines, access controls, redundancy, error-checking mechanisms, and rigorous testing during software upgrades or migrations. It's essential to have data governance policies and best practices in place to ensure data accuracy, reliability, and security.

Here are some best practices to achieve and preserve DI:

A. Implement data validation- Validate incoming data at the point of entry to ensure it meets defined criteria and follows the expected format. This prevents erroneous data from corrupting your dataset.

B. Use data encryption- Encrypt sensitive data to protect it from unauthorized access and tampering. Encryption ensures DI during transmission and storage.

C. Regular backups- Regularly backup your data to avoid data loss due to accidental deletions, system failures, or cyber-attacks. This way, you can restore your data to a known good state if needed.

D. User access controls- Set up appropriate access controls to limit data modifications to authorized personnel only. This helps prevent intentional or accidental changes to critical data.

E. Audit trails- Maintain detailed logs of data modifications, access, and changes. Audit trails enable you to track who made changes and when, and help to detect any potential issues.

F. Data versioning- Keep track of different versions of your data to roll back to a previous state if needed. Version control helps maintain DI during collaborative work and data updates.

G. Regular maintenance and updates- Ensure that your software, databases, and systems are up to date with the latest security patches and bug fixes. This minimizes the risk of vulnerabilities that could compromise DI.

H. DI checks- Implement automated DI checks and validation routines to identify inconsistencies and errors in your dataset.

I. Data redundancy- Replicate data across multiple locations or servers to ensure data availability and integrity in case of hardware failures or disasters.

J. Training and awareness- Educate your staff about the importance of DI and the best practices to maintain it. Foster a culture of responsibility and diligence when handling data.

By adhering to these practices, you can significantly reduce the risk of DI issues and ensure the reliability and accuracy of your data. DI is an ongoing process that requires constant vigilance and regular review of your data management practices.

Consequences of DI issues^3,4,2⁶:

DI issues can have significant consequences for individuals, organizations, and society as a whole. These consequences can vary in severity depending on the nature of the data, the scale of the issue, and the context in which it occurs. Here are some potential consequences of DI issues-

Warning letters, statement of non-compliance and consent decrease: Regulatory authorities have issued numerous warning letters, notices of non-compliance, and consent decrease to pharmaceutical manufacturing facilities after identifying DI concerns. If regulatory authorities take such actions, the company's ability to obtain approval for a new drug product for sale would be harmed, as well as the regulatory authority's confidence in the company. In addition, the company can find itself in a situation where it needs to reduce production or keep products on hand. This would result in a shortage of prescription drugs as well as a loss of consumer confidence.

Loss of regulatory trust: When problems with DI occur, regulators are likely to lose faith in the business. This would lead to more frequent checks of the plant in the hopes of finding more facts to back up arguments, and it would be more difficult for a company to get approval for routine issues.

Financial losses: DI issues can result in financial losses for businesses and individuals. If data used for financial transactions or accounting purposes is compromised, it can lead to errors in billing, payments, and financial reporting.

Damage to public trust: In the case of government agencies or public institutions, DI issues can undermine public trust in those entities. This loss of trust can have long-term consequences, impacting citizen's willingness to engage with public services.

Reputational damage: When DI issues affect sensitive or personal information, it can erode trust and damage an organization's reputation. Customers, clients, and partners may lose confidence in the organization's ability to handle data responsibly and securely.

Legal and regulatory repercussions: DI issues may lead to violations of data protection and privacy regulations, resulting in legal penalties and fines. For example, the General Data Protection Regulation (GDPR) in Europe imposes significant fines for mishandling personal data.

Product recalls and quality issues: For manufacturing and supply chain industries, DI problems can lead to product recalls, reduced product quality, and safety concerns.

Need to appoint third-party consultants for DI:If the USFDA has issued a warning letter to the pharmaceutical plant, the FDA recommends hiring a third-party expert who is experienced in detecting DI issues to assist the organization with this evaluation and overall cGMP enforcement. Identifying data security problems and meeting regulatory requirements with the help of a consultant is usually time-consuming and costly.

Misinformed decision-making: Incorrect or corrupted data can lead to flawed analysis and decision-making. Businesses may make wrong investments, governments may implement ineffective policies, and individuals may make poor choices based on unreliable information.

Security breaches: DI problems can be exploited by malicious actors to gain unauthorized access to systems, alter data, or introduce malware, leading to security breaches and cyberattacks.

Loss of intellectual property: For research institutions, companies, or individuals working on innovative projects, DI issues can lead to the loss or theft of intellectual property, jeopardizing future developments and competitive advantage.

Health and safety risks: In sectors like healthcare and critical infrastructure, DI issues can lead to potential health and safety risks. For example, incorrect medical records could result in misdiagnoses or wrong treatments.

Operational inefficiencies: DI issues can disrupt day-to-day operations, causing delays and hampering productivity as employees need to resolve the problems and clean up data discrepancies.

To mitigate these consequences, organizations must prioritize DI, implement robust data governance practices, establish data quality checks, and invest in cybersecurity measures to protect against potential breaches. DI is crucial for ensuring the accuracy, reliability, and trustworthiness of information in today's data-driven world.

DI Constraints²⁷:

There are some limitations/ Constraints DI which are as follows:

· Required Data- Columns must contain the logical content of the data in all the rows.

· Validity Check- Columns must contain data within the domain, set of the content legal for a column-data type, CHECK, Domain

· Entity Integrity- The primary key must contain unique content in each of the rows

· Referential Integrity- Foreign key linking each row of sub table to match with primary key value in the main table

· Other data relationships- Additional limitation to govern legal data content

· Business rules

· Consistency- Multiple updates which involves many tables may make database incompatible.

How to Preserve DI²⁸^,²⁹:

The generation and preservation of DI is equally important, mainly there are 8 ways to preserve DI. These are

1. Carry out a risk-based validation method- Check the accuracy of the system which is part of GxP compliance. Secure agreement addresses the quality of data and authenticity. Make sure our quality management system determines frequency, tasks and responsibilities in system validation. Our validation master plan must underline the approach which we will use to analyze relevant metadata, including audit trails, etc. Plan regular re-evaluations after the initial validation.

2. Select a proper system and Service supplier- Arrangements must be appropriate and of a necessary standard. Get the proof of effectiveness of the software for the application it will be used in. Acquire knowledge about the organizational culture of suppliers and maturity related to data regulation. Inquire about what systems are used to make sure about DI and audit.

3. Inspect Audit Trails- The audit trails should be an enduring document of all the data present in a system, which includes any changes that have been made to a data or document case. An audit trail must answer: Who? What? When? and Why? Type of questions. Determine the data applicable to GxP and make sure that it is included in an audit trail. Allot duty and plan for testing the audit trail functionality. The depth of an audit trail evaluation must depend on the complication of the system and its purposeful use. Acknowledge what audit trails consist of distinct event logs, past records, data examination, statements or other systems which show the steps which are associated with the system.

4. Change Control- Make sure that the operating system’s updates are adapted to follow changing rules, mainly when applying current elements. Cooperate with contributors to stay knowledgeable related to changes and upgrade our systems correspondingly. Select the type of set-up that is easy to upgrade upon the addition of new appliances or further system inserts.

5. Certify IT and Verify System- Validated systems demand an IT domain that has been fully qualified.

6. Plan for Business Continuousness- Make sure that disaster recovery arrangements are in position. Plan of action must express how rapidly tasks can be restored, and the expected influence of any kind of data lost. Check the operating systems that can document and collect the data unnecessarily to save it during electric failure or network issues. Hire solutions like UPS, an electrically charged, free-standing apparatus that can switch to an alternative power source when required.

7. Be Errorless- Check the system inputs. For networked systems, make sure that data is arriving from the correct place. Choose the system which provides alarm alerts in case of miscommunication, device-related issues, or data interference.

8. Archive Routinely- Backup and preserve electronic records on a predetermined plan and to a protect site, includes metadata. Confirm the recovery of all of the data during the internal audits. Electronic archives must be certified, protected and preserved in a state of control right through the life cycle of the data.

Case Study³⁰:

The following case studies were compiled from the FDA's Warning Letter Reading Room. Considering the fact that the information is public, no names of companies or locations will be disclosed.

Both companies got FDA 483s, which included numerous observations related to DI issues, among others.

Regardless of the fact that both companies responded, the FDA issued Warning Letters to them because their responses to FDA 483 "lacked sufficient corrective action”.

Case Study I- Failure to investigate and document out-of-specification results obtained for (b)(4), API.

If we consider, for eg, on monthly/ yearly/ daily r (b)(4) lot #(b)(4) assay test could not pass and failed an average of out-of-specification (OOS) of (b)(4) % (the specification is (b)(4) %). In spite of this, the batch was released using a passing retest result without conducting a proper investigation.

In response to this, you stated that OOS could not be related to the quality of the product because of the individual values obtained ((b)(4) % and (b)(4) %). Your provided response is inadequate there is no scientific justification which supports the conclusion.

All out-of-specification results must be well-investigated and properly documented. The main concern is that the batch was released without conducting a well-performed investigation.

The FDA demands a retrospective review of all batches that yielded OOS results including

· Lot number

· All reported test values (involving OOS original result)

· For each OOS investigation, provide the information including evaluation and conclusion along with established CAPA’s.

Case Study II- Failure of your quality unit to review and approve all appropriate quality-related documents.

Production batch record does not contain the dates, amounts and identity of the person who is weighing the material. Also the batch records lack the weigh tickets or printouts of raw materials, in-process materials, or finished APIs.

We are worried that your quality unit is not carrying out its responsibilities during the assessment of production batch records to ensure the necessary information is accessible before releasing your products.

Provide specifics on the global improvements that Company X is implementing to its production and quality systems in order to solve these concerns.

DI Warning Letters Issued by FDA⁴:

Warning letters are mainly given when major defects are discovered but may also be given if the response to Form 483 is categorized as incomplete. It is released after a review by the answered responsible center/ district office, not the inspector. The organization must answer within 15 working days and explain in depth how to correct the deficiencies on the one hand and prevent them from recurring. The percentage of FDA warning letters from 2008-2018 is shown in Fig 3 and Fig 4 shows the percentage of letters in the same duration period.Fig .3 depicts warning letters delivered to pharmaceutical production plants and other facilities, including contract testing laboratories, packaging, and industry of labelling and others. Fig. 4 presents a graphic representation of warning letters received to the pharmaceutical company and the active pharmaceutical ingredient (API) manufacturing industry.

Fig. 3: FDA Warning Letters from 2008-2018

Fig. 4: FDA Warning Letters from 2008-2018 in %

CONCLUSION:

DI plays a major role in maintaining Standards in the pharma industry. Integrity and data confidentiality provide a baseline of information that is important to the opinion of regulators. It is a key activity that requires extensive changes to documents and systems of quality.In some cases, companies fail to carefully look over any unexplainable difference or error in the lot or any of their components to fulfill any instructions, irrespective of whether or not their lot has been dispensed (21 CFR 211.192). Sometimes the companies are unsuccessful in cleaning, maintaining and suitable for the characteristics of drug, sanitization, and/or sterilization of various equipment devices and apparatus at intervals of time to avoid contamination which leads to altered safety, identity, strength, quality or purity of drug above its limits (21 CFR 211. 67 (a)). The companies neglect to set up enough written authorities and standard operation procedures (SOPs) that are appropriate for quality control (QC) units. Hence enhancing the regulatory focus in DI is the need of the hour. DI problems are not new and can continue until the core culture inside the pharmaceutical industry is changed. DI develops a culture of quality and faster regulation of pharmaceuticals and drug products.

CONFLICT OF INTEREST:

No conflict of interest.

REFERENCES:

1. Choudhary A. Importance of Data Integrity in Pharmaceuticals. Available on https://www.pharmaguideline.com/2018/09/importance-of-data-integrity-inpharmaceuticals.html(accessed on 14 May 2021).

2. Ahmad S., et al. Importance of DI and its Regulation in Pharmaceutical Industry. The Pharma Innovation Journal. 2019; 8(1): 306-13.

3. Velimirovic A. What Is Data Integrity? Available on https://phoenixnap.com/blog/what-data-integrity(accessed on 10 May 2021).

4. Bhadrashette MS. Overview of DI Issue in the Pharmaceutical Industry. International Journal of Pharmaceutical Sciences Review and Research. 2018; 50(2): 95-101.

5. Charoo NA., et. al. DI Issues in Pharmaceutical Industry: Common Observations, Challenges and Mitigations Strategies. International Journal of Pharmaceutics. 2023; 631: 122503. doi:10.1016/j.ijpharm.2022.122503

6. Rattan AK. Rattan A. K. (2018). Data Integrity: History, Issues, and Remediation of Issues. PDA Journal of Pharmaceutical Science and Technology. 2018; 72(2): 105-16. doi: https://doi.org/10.5731/pdajpst.2017.007765

7. What Is Data Integrity and Why Is It Important? Available on https://www.talend.com/resources/what-is-data-integrity/ (accessed on 20 March 2021).

8. What Is Data Integrity? Available on https://database.guide/what-is-data-integrity/ (accessed on 20 March 2021).

9. Data Integrity: The whole Story. Available on https://redica.com/data-integrity-the-whole-story/ (accessed on 20 March 2021).

10. USP (2015) Good Documentation Guidelines. US Pharmacopeial Convention, USA.

11. FDA (2016) Guidance to Industry “DI and Compliance with cGMP”. Food and Drug Administration, Rockville, USA, p. 1-13.

12. Code of Federal Regulations- Title 21- Food and Drugs. Available on https://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/Databases/ucm135680.htm

13. The Electronic Code of Federal Regulations (eCFR). Available on https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?

14. European Commission (2011) Good Manufacturing Practice Medicinal Products for Human and Veterinary Use. European Commission Health and Consumers Directorate-General, Chapter 4, Belgium 4: 1-9.

15. Data Integrity: Key to Public Health Protection. Available on http://www.ema.europa.eu/ema/index.jsp?curl=pages/news_and_events/news/2016/08/news_detail_002589.jspandmid=WC0b01ac058004d5c1.

16. ICH (2000) Good Manufacturing Practice Guide for Active Pharmaceutical Ingredients Q7. International Conference on Harmonization, USA, 1-49.

17. Agarwal P, Mishra A. Pharmaceutical Quality Audits: a Review. International Journal of Applied Pharmaceutics 2019;11(1):14-22.

18. Jain SK. Strategy to Avoid DI Issues in the Pharmaceutical Industry. The Pharma Innovation Journal. 2017; 6(2): 110-5.

19. Integrity in the Data Lifecycle. https://www.dataworks.ie/5-stages-in-the-data-management-lifecycle-process/ (accessed on 20 March 2021).

20. Nikam NR, et. al. Data Integrity: An Overview. International Journal of Recent Scientific Research. 2020; 11(06A): 38762-7.

21. Review of Good Data Integrity Principles. Available on https://www.ofnisystems.com/review-of-good-data-integrity-principles/ (accessed on 21 March 2021).

22. Choudhary A. ALCOA in Pharmaceuticals: A Necessary Tool for Quality. Available on https://www.pharmaguideline.com/2017/05/alcoa-in-pharmaceuticals-necessary- tool.html?m=1 (accessed on 20 March 2021)

23. How to Meet All 9 ALCOA Principles With Our Document Module. https://www.ideagen.com/thought-leadership/blog/how-to-meet-all-9-alcoa principles-with- our-document-module (accessed on 21 March 2021).

24. Buckbee M. What Is Data Integrity and How Can You Maintain It? https://www.varonis.com/blog/data-integrity/ (accessed on 21 March 2021)

25. DI in the Analytical Laboratory https://www.pharmtech.com/view/data-integrity-analytical-laboratory (accessed on 21 March 2021).

26. Alosert H, et. al. Data Integrity Within the Biopharmaceutical Sector in the Era of Industry 4.0. Biotechnology Journal 2022;12:2100609. doi: 10.1002/biot.202100609

27. Exploring Validation and Data Integrity in Pharma.http://www.pharmatimes.com/web_exclusives/exploring_validation_and_data_integrity_in_pharma_1246876#:~:text=Data%20integrity%20is%20absolutely%20critical,over%20its%20entire%20life%20cycle (accessed on 21 March 2021)

28. Ways to Ensure Data Integrity. https://www.vaisala.com/en/8-ways-ensure-data-integrity (accessed on 21 March 2021).

29. https://redica.com/pharma-fda-sent-these-warning-letters-for-pharma-companies-august-2017/ (accessed on 25 March 2021)

30. www.fda.gov; FDA’s Electronic Reading Room – Warning Letters

Received on 15.08.2023 Modified on 03.10.2023

Research J. Pharm. and Tech 2024; 17(5):2431-2440.

DOI: 10.52711/0974-360X.2024.00381