New WHO Guidance on Data Integrity

In recent years, the topic of data integrity has led to increased activity among international authorities, resulting in numerous guidelines issued by these institutions. Among others, the WHO (World Health Organization) published in the Technical Report Series, No. 996, 2016, as Annex 5 a "Guidance on good data and record management practices".

In 2021, the WHO replaced this guidance in the Technical Report Series, No. 1033, 2021, with the "Guideline on data integrity" with the following structure:

• Introduction an background 
• Scope 
• Glossary 
• Data governance 
• Quality risk management 
• Management review 
• Outsourcing 
• Training 
• Data, data transfer and data processing 
• Good documentation practices 
• Computerized systems 
• Data review and approval 
• Correctice and preventive actions 
• Preferences 
• Further reading 
• Appendix 1 - Examples in data integrity management

With this new version of the guideline, the WHO is attempting to harmonise the document with other international guidelines on data integrity, including the "MHRA GxP data integrity guidance and definitions, revision 1", the "FDA guidance for industry Data integrity and compliance with CGMP - questions and answers" and the "PIC/S Good practices for data management and integrity in GMP/GDP environments".

Focus on Data Governance

Data governance is dealt with very extensively. In particular the responsibility of senior management for the implementation of the system and the regulations is emphasised. The contents of such a data governance programme are described in detail:

• Management oversight and commitment 
• Application of the Ouality Risk Management 
• Compliance with data protection legislation and best practices 
• Qualification and validation policies and procedures 
• Change, incident and deviation management 
• Data classification, confidentiality and privacy 
• Security, cyber security, access and configuration control 
• Database build, data collection, data review, blindied data and randomisation 
• Tracking, trending and reporting of data integrity anomalies, lapses or failures for further action 
• Prevention of commercial, political, financial or organisational pressures 
• Adequate resources and systems 
• Workload and facilities to facilitate the right environment that supports data integrity and effective controls 
• Monitoring
• Record keeping 
• Training 
• Awareness of the importance of data integrity, product quality and patient safety

Ultimately, the document is another guideline that joins the various previous guidelines on data integrity.

Source: WHO Guideline on data integrity; WHO TRS 1033, 2021 starting on page 135