Viewpoint: Data Integrity and Its Ties with Personal Integrity

Published on: 

The root cause of the most serious integrity issues has generally been a lapse of ethical behavior on the part of an individual.

Over the past few years, the news has been full of reports about data integrity breaches in the bio/pharmaceutical industry. How often do such breaches stem from personal integrity issues, when a professional who knows better decides to take a shortcut and fails to see the potential ramifications of an action (or failure to act)? When people act with integrity, the data they generate will usually follow suit.

The term data integrity wasn't invented by the regulators, but its language gives regulators the ability to enforce rules. Through the data integrity rules, regulators are trying to assure the integrity of the data in large part by assuring the integrity of the people who make the products. The root cause of the most serious integrity issues has generally been a lapse of ethical behavior on the part of an individual.

In its April 2016, Draft Guidance to Industry, Data Integrity and Compliance with CGMP, FDA defined Data Integrity as, “... the completeness, consistency, and accuracy of data. Complete, consistent, and accurate data should be Attributable, Legible, Contemporaneously recorded, Original or a true copy, and Accurate (ALCOA).” The data integrity requirements from Title 21, Code of Federal Regulations for drugs (Part 211) and positron emission tomography drugs (Part 212), are found as follows:

  • §211.68–requiring that “backup data are exact and complete,” and “secure from alteration, inadvertent erasures, or loss”;
  • §212.110(b)–requiring that data be “stored to prevent deterioration or loss”;
  • §211.100 and §211.160–requiring that certain activities be “documented at the time of performance” and that laboratory controls be “scientifically sound”;
  • §211.180–requiring that records be retained as “original records,” “true copies,” or other “accurate reproductions of the original records”; and
  • §211.§188, §211.194, and §212.60(g)–requiring “complete information,” “complete data derived from all tests,” “complete record of all data,” and “complete records of all tests performed”.

In its July 2016 Draft Guidance to Industry, Data Integrity Definitions, the United Kingdom’s Medicines and Healthcare products Regulatory Agency (MHRA) also refers to ALCOA and defines data integrity as, “The extent to which all data are complete, consistent and accurate throughout the data lifecycle.” Of note, they also explain in the Introduction, that, “Organisations are not expected to implement a forensic approach to data checking on a routine basis, but instead design and operate a fully documented system that provides an acceptable state of control based on the data integrity risk with supporting rationale.” The document goes on to describe the expectation for routine data review within a wider data governance system.

In its Draft Guidance from August 2016, the Pharmaceutical Inspection Convention and Pharmaceutical (PIC/S) explains that, “Poor data integrity practices and vulnerabilities undermine the quality of records and evidence and may ultimately undermine the quality of medicinal products.” PIC/S also goes on to discuss the impact of open versus closed corporate cultures on data integrity reporting and control.

Regulators are delivering a message that should be clear to all people with good intentions: , that data recorded should reflect all of the things that were done, and all of the rationale used for the decisions made.

Data integrity in the era of CGMPs

The authors met for the first time around 1980, shortly after major revisions to the US current good manufacturing practices (CGMPs) had gone into effect in 1978. This might be considered the beginning of modern drug regulation. At that time, the world was a bigger place; shipping was relatively more expensive, and we relied to a great degree on locally supplied drug products. If you were part of a US company you generally received your raw materials and packaging components from locations in the US including, of course, Puerto Rico. You probably performed your final manufacturing, and development studies mostly on the US mainland.

Computerized equipment was available, but in its infancy. You were fortunate if you had chromatographic instruments capable of integrating their own peaks and calculating concentrations. Many measured peaks with a ruler and calculated relative areas with a hand-held calculator. There was little computerized recordkeeping and even the chromatograms may have been printed on a wax-like paper that faded with time. Much of the data could easily be overwritten without a computerized audit trail. It wasn’t uncommon for all password-protected equipment to use the same password.


The generic drug industry was growing quickly, and the US was supplied by generic drugs mostly from US manufacturing sites. New generic companies were aggressively trying to be the first to file a list of profitable products that were soon to be off patent. The US 180-day exclusivity was a tempting and highly profitable carrot being dangled in front of the industry and the generic industry responded aggressively. Fearful that the generics would erode their sales, many branded manufacturers went after the generic business by setting up separate marketing divisions and selling a combination of their own off-patent medications along with other generics that they often outsourced to abbreviated new drug application (ANDA) holders. While there was the clear understanding that the same regulations applied equally to both generic and branded products, the generic product margins were relatively thin and the generic manufacturers were aggressive about cost control.

There are several long stories about personal integrity that begin here, at the end of which individuals were disbarred from ever working again in the pharmaceutical industry and some went to jail. In the 1980s, we knew of or personally witnessed several interesting personal integrity issues in the US including the following:

  • A gun pulled from a desk drawer in response to a question from an auditor about site security. The gun wielder went to jail but not that day.
  • A warehouse supervisor physically assaulted by the plant manager in response to an audit question about an unlabeled container; in way of explanation the plant manager said, “He is my wife’s brother, he is an idiot.”
  • One quality assurance auditor was thrown out of a facility twice for asking to see a drug’s chemistry, manufacturing, and controls (CMC) section. It turned out the CMC section and the actual CMC process were not strongly related.
  • Individuals asked to re-sign a document with a prior date to correct a “minor typographical error.”
  • A “corrected” table provided to operators for delivery of a liquid excipient used for more than five years to avoid updating an error in the master batch record.
  • Raw data on endotoxin testing altered to change a positive result into a negative one.
  • Production supervisors deliberately allowing under-drying of a wet granulation to maximize the yield, even though it meant the resulting tablets were formulated at and averaged less than 100% potency.
  • Personnel allowed to work on two different lots at the same time with supervisory approval and falsifying both records; supervision approved their time sheets and “overtime” to compensate the operators and avoid disclosure.

Several of the perpetrators of these events can be found on FDA’s permanent debarment list. A few of them went to jail and at least one fled the country. Others avoided detection/suspicion and worked in the industry for years thereafter. In addition, the wrongdoings were not restricted to manufacturing sites.

During the 1980s an FDA reviewer of ANDAs was found guilty of accepting money and sex from a company’s head of industry regulatory affairs in exchange for fast approvals; he went to jail, while she fled the country.

Brand markings were found to have been erased from innovator drugs, substituted for the generic test articles, and then essentially tested for bioequivalence against itself.

The incidents described above took place in the US after a major revision to the drug CGMPs. They reflect the evolutionary beginnings of the expectations of personal integrity in the industry under cGMP.

Outsourcing does not change the truth

More recently, economic pressures and the globalization of the worlds’ economy have resulted in outsourcing of pharmaceutical production outside its longstanding European and American hubs. Much has been written and debated about the failure of low-cost manufacturing locations to meet the standards of global pharmaceuticals. The industry went to Asia after testing Eastern European in the 1990s and finding much the same situation described in the US in the 1980s and in Asia today. As each new region is exposed to the global regulation of drugs, they come to new understandings of the expectations of the customers outside of their own areas. Their customers, in this case, include the mature and experienced global regulators who are charged with protecting their country’s citizens.

In the 1980s and 1990s, the general population barely heard about any but the most blatant integrity lapses. Today, with the advent of 24-hour news and social media, news of persons lacking personal integrity in the bio/pharmaceutical industry spreads globally at the speed of the Internet. News of multimillion dollar fines and multimillion dollar awards to whistleblowers are fodder for the nightly news and news magazines.

There is a tacit understanding that the pharmaceutical industry is held to higher standards than most other industries. The authors have often been asked why we need to take the extraordinary measures we take to assure sterility, uniformity, dissolution, validation, or any of hundreds of other aspects of our products. The simple answer is that we are making important products that people rely upon to assure the health and well being of themselves and their loved ones. Simply stated, we aren’t making paper clips. Our products aren’t cheap or easily replaceable. We ask a good price and are obliged to deliver a good product.

Much, if not all the information generated for product disposition or submission to support a NDA or an ANDA has redundant checks to verify their veracity. The so-called four-eyes check (or two-person rule) is to provide assurance that all operations are performed and recorded accurately. For instance, when weighing materials there is a witness who signs the record to attest that it was done and recorded correctly. When test results are generated in the lab, there is a review of the data to assure that all calculations were done correctly and the records accurately reflect the testing that occurred. Extensive validation testing supports the security and accuracy of the data for its intended lifecycle.

The reason for the redundant checks and the insistence on total transparency is that we are selling a product that is essentially supported by our personal integrity. The consumer can see the end product, the tablets, creams or ointments, but has no way to measure its potency or impurities. They take our word for the fact that the medications are made and tested in a manner that that produces reliably safe and effective drugs. That includes that there is data to support the drug’s safety and effectiveness. They depend on us and our regulators to work on their behalf to assure that the drug they take is the medication they expect.

Personal integrity, or the lack of it, is obviously not a new story. There are those who claim that FDA in particular has overstepped its bounds by imposing harsh penalties for some wrongdoing that seems on the surface to be minor. We disagree. Once we have lost trust we have lost everything. In the end we have only our word to justify our product in the marketplace. The US government's whistleblower program has added an entirely new dimension to the detection and enforcement of personal integrity issues, including fraud.

Quality assurance and compliance professionals must know when and how to say “no.” We have spent a lot of time in Asia over the course of our careers and rarely heard the word “no” used. What we have heard in place of a clear “no” has to be interpreted from “maybe,” or “we will try”. While the communication might be clear among native speakers, others might have a learning curve.

The PIC/S Guidance recognized this as the “social barrier of communicating undesirable information.” This probably exists in some manner in all cultures, but in Asia the social barriers are more formal. The company might overcome this reluctance over time by establishing clear direction from the most senior management to set the expectation that all information, pleasant or not will be reported and setting up formal programs to do so.

The use of quality metrics programs has helped establish the information flow as such programs create a company-sanctioned and expected routine flow of information from all levels of the company to senior management. Over some period of time, this routine reporting provides employees with confidence that negative reporting will be not only accepted without repercussion, it is to be expected. In addition to quality metrics, company hotlines should be used to allow for internal employee reporting including anonymous reporting.

The internal communication routes and expectations must be managed, and expectations for reporting need to be established. The data should be compared not only over time within the same location, but between sites. Such measures as rejection rates, personnel productivity, investigation closeout times, etc., may be indicative of an underlying issue.

Lapses in data integrity are not limited to fraud or falsification. They can be unintentional and still pose risk. Any potential for compromising the reliability of data is a risk that should be identified and understood so that appropriate controls, including validation, can be put in place. Direct controls usually take the form of written policies and procedures, but indirect influences on employee behavior (such as incentives for productivity in excess of process capability) should be understood and addressed.

A company’s quality management system should be able to prevent, detect, and correct weaknesses in the processes that could lead to personal and data integrity lapses. The company should know its data life cycle and integrate the appropriate controls and procedures such that the data generated will be valid, complete, and reliable. When an outside agency eventually detects potential integrity issues the company must react quickly and globally to find and correct the issues. Specifically, such control and procedural changes may be in the following areas:

  • risk assessment and management
  • investigation programs
  • data review practices
  • computer software validation
  • vendor/contractor management
  • training program to include company’s data integrity policy and data integrity SOPs
  • self-inspection program to include data integrity
  • quality metrics and reporting to senior management.

Often over the course of our careers we have been faced with processes that are broken. We know we can fix a broken process, because we have been doing it for many years. After all, the process is broken, the company is not broken. When lack of personal integrity is involved it must be vigorously rooted out and eliminated. We’ve heard it said that you can’t fix stupid, and you certainly can’t count on fixing it before your company is irreparably damaged. Similarly, you can't fix dishonest or ethically bankrupt employees. They must be weeded out.