In extreme cases, staff can be motivated to commit fraud for economic gain. A more insidious problem is when individual analysts feel pressure to “polish” the data, perhaps driven by a desire to meet performance metrics or deadlines, earn recognition, or reduce stress.
It is important to note, though, that the reasons and motivation for adjusting or excluding test results do not automatically indicate fraud. Laboratory procedures must allow for the correction of errors, or for the investigation of incorrect results. Unusable, unreported, or orphan data may be caused by overly simplistic or lax documentation practices, staff inexperience, or particularly challenging analytical techniques. Waters Corp. is partnering with government agencies and universities to combat these problems by creating training centers to educate analysts on how to properly prepare samples, run the instrumentation, and interpret test results and other skills.
Still, it’s known that fraud and data polishing is happening in multiple fields. Analytical test fraud has been uncovered in forensic drug laboratories in the U.S. In the academic world, laboratory testing has been found to be intermittently falsified, driven by the motivation to “publish or perish.” In the pharmaceutical field, the FDA and other global pharmaceutical regulatory agencies are increasingly looking for signs that laboratory analysts may have corrected or hidden results that indicate a study or quality test failure. They are increasing scrutiny of analytical records created by testing laboratories, both those supporting new drug development (GLP and GCP) and quality manufacturing (GMP) monitoring.
These examples show why it’s crucial to bring a new level of attention to the accuracy and trustworthiness of data supporting product or test quality, a concept usually referred to as “data integrity.”
Regulators have lost trust in paper records. Evidence found in “compliance ready” electronic applications (specifically in the area of laboratory automation) have shown the paper records relied on for quality decisions, criminal prosecution, or academic publication do not always constitute a complete and transparent record of the sample tested.
Computerized systems can help by making it much more difficult to tamper with data. Unique login requirements, privileges, and permissions can technically control what users are allowed to create, delete, or change, and comprehensive audit trails can record any activity attributed to those users. Regulators recently acknowledged the value of computerized systems in data integrity. The November 2017 release of ISO/IEC 17025:2017, in sections 7.5 and 7.11, describes the technical expectations for either computerized or non-computerized information management systems that are designed to ensure the “integrity of data and information.”
In 1997, the FDA outlined requirements for technical controls very similar to those described in ISO 17025. The FDA’s 21 CFR Part 11 (known as the Electronic Records and Signature Rule) also includes administrative and procedural controls for ensuring that electronic data is trustworthy. It’s worth noting that the European Union (EU) has a similar regulation, Annex 11. But while the EU regulation specifically covers only data supporting pharmaceutical manufacturing, the FDA regulation applies to data from all predicate recordkeeping requirements across all good practices, including human food manufacturing, packing and holding (Part 110), cosmetics, and GLPs for Protection of the Environment (40 CFR Part 160).
All three regulations discussed above support commonly applied practices of good documentation, which map closely to the more recent ALCOA principles of data integrity: Attributable, Legible, Contemporaneous, Original, and Accurate.
These principles were established by Stan W. Wollen, senior compliance advisor at FDA. In 2010, a European Medicines Agency reflection paper on electronic data in clinical trials added four complementary terms: Complete, Consistent, Enduring, and Available. All of these terms, like the good documentation practice principles, should apply equally to both paper and electronic records and are cited in almost every data integrity guidance or training.