Quite a bit has been written about data integrity in recent years, and an embedded, effective quality culture remains a critical success factor for fully realizing strong data integrity. In recently published guidance on data integrity, the FDA (2018) even goes so far as to state very directly that “it is the role of management with executive responsibility to create a quality culture where employees understand that data integrity is an organizational core value and employees are encouraged to identify and promptly report data integrity issues.” The guidance document by its own admission “contains nonbinding recommendations” and states that “the use of the word ‘should’ in Agency guidances means that something is suggested or recommended, but not required,” yet the FDA makes explicit statements regarding “the role of management with executive responsibility to create a quality culture.” This would suggest (and inspection results confirm) that the FDA takes the relationship between quality culture and data integrity very seriously.
The Parenteral Drug Association’s (PDA) Elements of a Code of Conduct for Data Integrity in the Pharmaceutical Industry “is intended to reinforce a culture of quality and trust within the pharmaceutical industry.” The code of conduct further suggests that, in support of the code, “companies will establish programs that: (1) promote an organizational culture that encourages ethical coduct; (2) demonstrate the company's commitment to compliance with applicable laws; and (3) require the prevention and detection of data integrity lapses.”
For successful establishment and sustainability of a quality culture, Uydess and Meyers (2011) indicate appropriately that “the mindset and behavior... must start at the top and be emulated by individuals at all levels and in all functions within the company.” We find that where a topic of culture is articulated and addressed from top executives and reinforced throughout all levels of an organization, a very significant positive impact is had on the maturity of data integrity and the maturity of quality practices. We have seen clients enjoy terribly successful inspections with no 483 observations and receive very positive compliments by inspectors. Conversely, we have seen complete failures in quality culture that result in very rudimentary and preventable 483 observations and warning letters.
Figure 1: Number of U.S. FDA inspections where at least one 483 observation specifically cited data integrity issues.
A lagging indicator of maturity of the quality culture is repeat observations/violations of basic CGMP practices, which is very often the result of failure to adequately investigate, identify, and address root causes. In at least one example, the FDA specifically identified in a warning letter to an animal health company concerns “about quality practices and quality culture” at the facility near St. Louis, MO, a result of repeat observations and numerous repeat violations. The inspection that resulted in 483 observations occurred in 4Q 2014 and the warning letter was issued in December 2015 after continued failures to address repeat violations. The warning letter cited significant deviations that indicated very immature quality practices and quality culture, including but not limited to:
These are basic quality issues that resulted in adulterated product concerns for the customers and had direct material impact to the company. While data integrity was not a direct citation in the animal health company warning letter, the issues that were identified are consistent with an immature quality culture, which is correlated with data integrity issues for which the FDA makes very specific recommendations.
Figure 2: Stock price of animal health company receiving FDA warning letter, 2015 through 2019.
The animal health company has since made significant operational improvements, has been released from consent decree, and is now generally considered to be on the path to better financial performance.
In the recent guidance for data integrity, the FDA makes specific recommendations for addressing data integrity problems that, frankly, apply well to indicate a level of quality culture maturity. In other words, measuring these activities can indicate both lagging and leading indicators of quality culture maturity.
We find that an effective method for applying these recommendations includes robust quality systems and routine CGMP training, but we also find that data integrity training is only rarely a component of routine CGMP training. The FDA (2018) recommends that training to prevent and detect data integrity issues be a part of a routine CGMP training program, and adding it to the routine CGMP training that is required for all employees is a very effective method of ensuring that all levels of the organization understand the commitment to and responsibility for data integrity.
When prevention is not achieved and data integrity issues are identified, it is also an indication of quality culture maturity to see how the issue is addressed both within the documented CGMP quality system (e.g., field alerts or biological product deviation reports) and through real-time direct feedback (e.g., elevating it to internal supervisors and external authorities without repercussion). In addition to quality system processes and internal management notification, data integrity issues may be sent to the FDA by emailing DrugInfo@fda.hhs.gov with the subject line to include “CGMP data integrity.”
Executives are responsible for the quality culture that will either positively or negatively affect data integrity. By taking assessment of quality culture maturity and making intentional plans for improvement, companies can realize transformative effects on their organizations, product quality, and business value.
FDA (2018), Data Integrity and Compliance with Drug CGMP: Questions and Answers Guidance for Industry (U.S. FDA, December 2018).
About The Author:
Kip Wolf is a principal at Tunnell Consulting, where he leads the data integrity practice. Wolf has more than 25 years of experience as a management consultant, during which he has also temporarily held various leadership positions at some of the world’s top life sciences companies. Wolf temporarily worked inside Wyeth pre-Pfizer merger and inside Merck post-Schering merger. In both cases he led business process management (BPM) groups — in Wyeth’s manufacturing division and in Merck’s R&D division. At Tunnell, he uses his product development program management experience to improve the probability of successful regulatory filing and product launch. He also consults, teaches, speaks, and publishes on topics of data integrity and quality systems. Wolf can be reached at Kip.Wolf@tunnellconsulting.com.