Over the past few years, regulators have frequently found fault with data integrity at manufacturers and CROs, which have been accused of everything from logging discrepancies in uncontrolled Excel files to the duplicating of electrocardiogram results. In response, PricewaterhouseCoopers is calling for adoption of technologies to identify and prevent fraudulent activities.
The recommendation follows a period in which the FDA, the World Health Organization and others have used the phrase "data integrity violation" more frequently than ever before, particularly with regard to production plants and research facilities in India. Citing an analysis by HRI, PwC puts the number of FDA warning letters relating to data integrity violations between 2013 and 2015 at 24. From 2010 to 2012, FDA issued 5 warning letters regarding data integrity violations. The rapid uptick in the number of companies that are falling short of FDA requirements has prompted PwC to propose a technological solution.
Specifically, PwC thinks companies should be looking to the experience of the financial services sector, which has developed technology to identify signals in data that are indicative of fraudulent or money laundering activity. Applied to life sciences, such a system could enable a company to spot suspicious behavior. For example, if the system detects that an employee always records the same result or that batch acceptance rates spike just before a shift change, it could alert management to potential data integrity violations.
By providing each user with a unique login and establishing a data audit trail, it should be possible to go back through the records to gather evidence of improper activities. Through such measures, PwC thinks technology can automate the prevention of some of the common data integrity failings. Given that technology can rarely prevent all forms of determined, malicious activity, the other plank of strategies to address data integrity violations is a change in the culture. If employees know it is unacceptable to interfere with the integrity of data, the IT safety net may remain unused.
- read the report (PDF)