MHRA revises its Guideline on Data Integrity in the short Term

Recommendation
10-12 February 2025
The Impact of EU Legislation on the Supply Chain
The topic "Data Integrity" (electronically generated data as well as data on paper) has moved up recently in the ranking of the most important "hot GMP topics" - not least due to the fact that insufficient or missing data integrity have increasingly been cited as a GMP violation in FDA warning letters.
Just this past January the British authority MHRA has already published a "Data Integrity Guidance" which industry and associations commented on extensively. Already in March a revised version of this guidance was published. This revision is more accurate in some places and partially appears more rigorous with regard to the authority's expectations. Here are some examples:
- Primary Record: In the event that primary data are recorded simultaneously by multiple systems, the system that generates and stores the data has to be defined. A risk assessment respectively a risk management has to ensure that the so-defined primary records have the maximum possible accuracy, completeness and relevance. It is not allowed to define so-called static data (prints or manual records), if there are dynamic (electronic) data as primary records. If there are data anomalies (e.g. OOS results), all data (static and dynamic) will have to be included in a risk-based investigation.
- True Copy: The new guidance defines a "true copy" as a precise and verified copy of an original recording. This record can either be static (pure paper records or a non-editable electronic file in pdf-format) or dynamic (editable electronic file in which, for instance, certain sections of a diagram can be enlarged or expanded). The MHRA expects critical data to be stored in dynamic form to make sure that in inspections they can get to detailed information, which cannot be retrieved with static data.
- System Administrator Access: According to the new guidance, the authority expects that the generic system administrator access is not used. Instead every employee with administrative privileges is supposed to log in only with his individual password, to ensure that the actions recorded in the audit trail can be associated with the respective person.
For further information please see the guideline entitled "MHRA GMP data integrity definitions and guidance for industry March 2015".
Related GMP News
05.02.2025European Shortages Monitoring Platform (ESMP) goes live
05.02.2025The ICH Q9 Briefing Package - a Forgotten Document?
23.01.2025FDA proposes Standardized Testing for Asbestos in Talc-Containing Cosmetic Products
16.01.20252nd Version of the Union list of Critical Medicines published
16.01.2025Securing Europe's Drug Supply: How EDSForm is Addressing Medicine Shortages