Data Integrity / Audit Trail according to ALCOA

Alongside a rising number of warning letters from regulators that address the topic of data integrity, a whole series of new regulations were also published last year by the FDA, EMA, WHO, PIC/S and others. Many of these regulations are still at the draft stage, and they show that the concept of data integrity and its associated requirements are still in flux. In the future, data integrity is likely to represent a new focal point for regulatory inspections. In all likelihood, the new regulations will be published in their final form by the end of this year or early next year.

Basic principles of data integrity

The keyword and acronym ‘ALCOA’ is commonly used as a mnemonic for the basic requirements for data integrity:

A = attributable
L = legible
C = contemporaneous
O = original
A = accurate

These attributes relate both to the actual data itself and to the metadata with which these data items are associated. Of particular importance is the process of making verified copies, where there is a key distinction to be made between static and dynamic data. These requirements should be implemented by using a Data Governance system as part of the Quality Management system.

Some of the measures that are required here include:

Assumption of responsibility by company management
Training
A risk- and lifecycle-based approach for handling data
Deployment of an audit trail and its routine monitoring as part of data releases
Periodical audits including self-audits and functional audits of the audit trail
Validation and safeguarding of computerised systems

Consulting

Data integrity check:

We help you to prepare for self-audits or vendor audits by providing you with a tailor-made strategy for your business (including training, audit checklists and final reports).
We are also happy to perform a friendly audit for your company so as to analyse your strengths and weaknesses when handling data.

Implementation

We provide you with support as follows:

Setup of your Data Governance system as part of the QMS, including process description and optimisation
Installation of suitable audit trail systems
Upgrading of your existing QMS to ensure conformity with ISO 9001:2015 and the latest data integrity guidelines
Generation and optimisation of your standard operating procedures (SOPs)

Services & Support

Data integrity training:

Our training portfolio comprises the topics of data integrity, audit trail auditing, quality assurance and qualification/validation – either on-premise at your business or remotely.
We are happy to show you the key areas in software validation/computer system validation and equipment qualification that you need to address in order to ensure data integrity.