You are here

TGA Internet site archive

The content on this page and other TGA archive pages is provided to assist research and may contain references to activities or policies that have no current application. See the full archive disclaimer.

Presentation: Data integrity - an international regulatory perspective

TGA presentations: ARCS Scientific Congress Canberra, 10-11 August 2016

15 August 2016


These presentation papers are provided on the TGA's website solely for the purpose of indicating or suggesting what TGA representatives spoke about to the various conferences and seminars to which it relates. The papers are not legislative in nature and should not be taken to be statements of any law or policy in any way.

The Australian Government Department of Health (of which the TGA is a part) advises that (a) the presentation papers should not be relied upon in any way as representing a comprehensive description of regulatory requirements, and (b) cannot guarantee, and assumes no legal liability or responsibility for, the accuracy, currency or completeness of the information contained in the presentation paper.


  • Presented by: Gaye Camm
  • Presented at: ARCS Scientific Congress Canberra
  • Presentation date: 10-11 August 2016
  • Presentation summary: This presentation will provide an overview of the international regulatory perspective on data integrity and discuss some of the key points highlighted in recently released guidance documents from across the globe.


Data integrity - an international regulatory perspective

Gaye Camm
Senior Inspector, Manufacturing Quality Branch
Medical Devices and Product Quality Division, TGA

ARCS Scientific Congress, 10-11 August 2016

Slide 1 - Presentation overview

  • What is data integrity?
  • International regulatory perspective
  • Highlights of recent guidance documents
  • Common misconceptions
  • In summary

Slide 2 - What is data integrity?

  • The extent to which all data are complete, consistent and accurate throughout the data lifecycle
  • From initial data generation and recording through processing (including transformation or migration), use, retention, archiving, retrieval and destruction

(MHRA Guidance March 2015)

Slide 3 - Data integrity - International regulatory perspective

  • Increased regulatory oversight:
    • MHRA guidance document
    • FDA Guidance
    • Health Canada policy
    • WHO guidance
    • PIC/S Guidance (anticipated soon)
  • Widespread inspectorate training in DI principles and techniques

Slide 4 - Data integrity - International regulatory perspective

  • Outcomes:
    • Increased focus and scrutiny of data management practices within industry.
    • Increased expectations upon inspectorates
  • Leading to:
    • Collaboration

Slide 5 - Data integrity - International regulatory perspective

  • International convergence in data integrity guidance
  • Cooperation between regulators
    • Exchange of information
    • Joint inspections
    • Coordinated market actions
  • Inspectorates better equipped to
    • Identify data integrity failures
    • Manage post-inspection actions and remediation plans

Slide 6 - Regulatory guidance: Common themes

  • Guidance promotes quality risk management & lifecycle approach
  • 'Designing systems to comply' with existing GMP norms
  • Integration of behaviour with organisational and technical measures
  • Describes common bad practices, and methods of prevention

Slide 7 - ALCOA principles

A - Attributable

  • Clearly indicates who recorded the data or performed the activity
  • Signed / dated
  • Who wrote it / when

L - Legible

  • It must be possible to read or interpret the data after it is recorded
  • Permanent
  • No unexplained hieroglyphics
  • Properly corrected if necessary

C - Contemporaneous

  • Data must be recorded at the time it was generated
  • Close proximity to occurrence

O - Original

  • Data must be preserved in its unaltered state
  • If not, why not
  • Certified copies

A - Accurate

  • Data must correctly reflect the action / observation made
  • Data checked where necessary
  • Modifications explained if not self-evident

Slide 8 - Common misconceptions about Data Integrity

# 1 - Data integrity is a new requirement

Slide 9 - Common misconceptions about Data Integrity

# 1 - Data integrity is a new requirement

Basic data integrity expectations from the manufacturing principles

  • PIC/S Guide PE009-8: Chapter 4 & Annex 11
  • Australian Code GMP human blood, blood components, human tissues and human cellular therapy products: Sections 400 - 415
  • ISO 13485: Sections 4.2.3, 4.2.4

Slide 10 - Common misconceptions about data integrity

# 2 - Data integrity issues are restricted to certain countries

# 2a - We don't have these problems in Australia

Slide 11 - Common misconceptions about data integrity

# 2 - Data integrity issues are restricted to certain countries

  • Data integrity issues have been reported by every Regulator, in every country inspected

Slide 12 - Common misconceptions about data integrity

# 3 - Data integrity is all about fraudulent data

Slide 13 - Common misconceptions about data integrity

# 3 - Data integrity is all about fraudulent data

Data integrity is the extent to which data is:

  • Complete
  • Consistent
  • Accurate

Throughout the data lifecycle

Slide 14

  • There was no written description for the site's computer system that detailed the objectives, security measures and scope of the system/s, and the main features of the way in which the systems/s were used and how they interact with other systems (both computerised and non computerised) and procedures.
  • There was no defined procedure for the issue, cancellation and alteration of authorisation to enter and amend data (i.e. computer systems access).
  • No system had been implemented in the QC laboratory to record the identity of operators entering or confirming critical data as staff in the laboratory used a shared account for each of the individual computerised data acquisition systems (HPLC, GC, FTIR, and UV/Vis).
  • Data associated with QC laboratory data acquisition systems was not adequately secured by physical or electronic means against willful or accidental damage.
  • Data back up frequency for laboratory data acquisition systems was not adequate. The monthly back up did not ensure that data used to support the release of product for supply would be readily available throughout the required period of data retention.

Slide 15 - Common misconceptions about data integrity

# 4 - It's difficult to comply with data integrity expectations

Slide 16 - Data integrity: Risk reducing strategies

Hierarchical diagram displaying the Data integrity risk reducing strategies: 1. Culture: a.	Behaviour, connects to 2a and 2b. 2. Risk identification: a. Risk, connects to 3a b. Lifecycle, connects to 3b. 3. Governance: a. Organisational, connects to 4a, 4b and 4c b. Technical, connects to 4d and 4e 4. Operational: a. Procedures, System design b. System surveillance c. Data checking d. Computerised system control e. Automation

Slide 17 - Understand vulnerabilities

  • Design systems to prevent DI issues
  • Ensure the data is authentic and retrievable
  • Train staff and encourage correct behaviours and practices
  • Open communication
  • Encourage feedback
  • System for ongoing review
  • Not just about your site

A diagram with a triangle of Fraud Risk:
Incentive/Pressure at the top point, Opportunity at the bottom left point, Attitude/Rationalisation at the bottom right point.

Slide 18 - Summary

  • Data integrity is not a new requirement
  • We are all learning & can learn from each other
  • Get started
  • TGA data integrity policy under development

Slide 19 - Acknowledgements

  • Matthew Davis, Senior Inspector, TGA
  • Stephen Hart, Senior Inspector, TGA
  • Alicia Mozzachio, Senior Advisor for International Activities US FDA
  • David Churchward, Expert GMDP Inspector, MHRA

Print version

How to access a pdf document

*Large file warning: Attempting to open large files over the Internet within the browser window may cause problems. It is strongly recommended you download this document to your own computer and open from there.