FDA Talks About Importance of Data Integrity And Data Governance Plans
April 8th, 2022 // 1:58 pm @ jmpickett
At the recent PDA/FDA Joint Regulatory Conference, CDER’s Quallyna Porte talked about how FDA is focusing on data integrity and data governance plans in 2022 cGMP audits.
Porte noted that pharmaceutical companies need a solid data governance plan that is as well established as possible. This ensures across the plant that pharma data is handled well and that every ALCOA principle is adhered to. She said FDA is still discovering that some pharma employees share passwords for critical systems, which is something that should never happen.
CDER’s Tara Gooen-Bizjak also spoke at this roundtable event and agreed with Porte’s assessment. At CDER, they have seen an increase from 21% to 34% in the last five years regarding citations for unreliable data.
They noted that they are seeing another layer with the data. Not only is it unreliable during physical FDA inspections but it also is questionable in remote COVID inspections. They are seeing different data as well between inspections on site and remote inspections.
A related topic at the PDA roundtable was concerning analytical instrument audit trails. Someone asked if audit trails need to be reviewed after every test as part of the company assay review process. Or, can audit trails be reviewed periodically, such as weekly or monthly?
Porte said there is a relationship between data integrity and audit trails that should be remembered. She said that firms need to focus on developing a data governance plan if you don’t have it. She added that the PIC/S data integrity guidance is a good resource.
Porte said that when a pharmaceutical company establishes a governance program, it should look close at lab audit trials.
We know, she said, there are many audit trails and we cannot just say turn on every audit trail and review all data for every audit trail. That’s just too much information.
What FDA expects companies to do as part of a data governance program is to go over the audit trails and pinpoint the most critical ones, which are audit trails related to GDPs and GMPs. They should next perform a risk assessment to find out which should be reviewed and how often.
The reviews of audit trails should be based on the data governance plan. The company would look at evaluations from their risk assessment and should justify when there should be a review for every batch, or a certain timeframe.
FDA wants companies to review their data management systems and set up a data governance program if they don’t have one. Bas;ed on this program, you can determine which reviews to conduct and when.
Sandra Boyd from ORA said you can tie audit trail reviews to the release of a product to see if anything happened, that every sample was only injected once and there were no improper test inectsion. Before the product is released, FDA would expect a review to be completed.
The company would need to check which audit trails they should review and if the review happens when the product is released or less often.