In recent years, the topic of data integrity has led to increased activity among international authorities, resulting in numerous guidelines issued by these institutions. Among others, the WHO (World Health Organization) published in the Technical Report Series, No. 996, 2016, as Annex 5 a "Guidance on good data and record management practices".
In 2021, the WHO replaced this guidance in the Technical Report Series, No. 1033, 2021, with the "Guideline on data integrity" with the following structure:
Introduction an background
Scope
Glossary
Data governance
Quality risk management
Management review
Outsourcing
Training
Data, data transfer and data processing
Good documentation practices
Computerized systems
Data review and approval
Correctice and preventive actions
Preferences
Further reading
Appendix 1 - Examples in data integrity management
With this new version of the guideline, the WHO is attempting to harmonise the document with other international guidelines on data integrity, including the "MHRA GxP data integrity guidance and definitions, revision 1", the "FDA guidance for industry Data integrity and compliance with CGMP - questions and answers" and the "PIC/S Good practices for data management and integrity in GMP/GDP environments".
Focus on Data Governance
Data governance is dealt with very extensively. In particular the responsibility of senior management for the implementation of the system and the regulations is emphasised. The contents of such a data governance programme are described in detail:
Management oversight and commitment
Application of the Ouality Risk Management
Compliance with data protection legislation and best practices
Qualification and validation policies and procedures
Change, incident and deviation management
Data classification, confidentiality and privacy
Security, cyber security, access and configuration control
Database build, data collection, data review, blindied data and randomisation
Tracking, trending and reporting of data integrity anomalies, lapses or failures for further action
Prevention of commercial, political, financial or organisational pressures
Adequate resources and systems
Workload and facilities to facilitate the right environment that supports data integrity and effective controls
Monitoring
Record keeping
Training
Awareness of the importance of data integrity, product quality and patient safety
Ultimately, the document is another guideline that joins the various previous guidelines on data integrity.