Data Integrity - Everyone's Responsibility
When it comes to personal data such as your bank details, any mistakes in your data may impact your savings, cash flow or even credit rating. Ultimately, it's just between you and the bank to sort out errors (providing you have been checking).
How often do we look at POS (Point of Sale) transaction receipts?
And now that we are buying more on-line has our diligence gone down but our purchasing up?
And for the retailer who more and more asks for email addresses during POS transactions - how often is their email data flawed impacting future potential sales and marketing opportunities
When it comes to organisational or company data and for this example I have taken Life Sciences data which supports development or production of high quality products, patients rely on manufacturers to do the right thing, make the checks, establish internal oversight controls and follow clear documented processes to generate data with integrity.
As consumers we depend on our national regulators such HPRA, EMA and FDA to provide assurances (see examples below). These regulators have a well documented role to represent public interest and provide assurances that organisations are manufacturing products to required quality standards and complying with required regulations such as cGxPs. However, they are not at manufacturing sites everyday, and they cannot check every record during site or more recently virtual inspections
Some consumers also look at websites and try to figure out how product quality is ensured.
However, it's a company's internal day to day processes and management of data across the data lifecycle that gives patients and consumers assurance of a quality product with data integrity.
Data Integrity is often considered the responsibility of the QC department as the laboratory is where the majority of testing records originate and data integrity gaps are sometimes observed.
But, by mapping out business processes and looking at the full data lifecycle associated with GxP records (Data Flow Maps) it becomes clear that data integrity is way bigger than the lab. It is clear that Data Integrity compliance is a multi stakeholder, cross company assurance activity.
Guidance on Data Integrity (picscheme.org) - 'Data integrity breaches can occur at any time, by any employee, so management needs to be vigilant in detecting issues'
Data may have many owners across the overall data lifecycle including External Vendors, Supply Chain and Warehouse, Manufacturing, Micro Laboratories, QC Laboratories, Product Support Laboratories, Engineering. I'm sure I have missed loads and you're calling them out in your head but this is where 'Everyone's Responsibility' comes in - by having a Data Integrity Culture of Excellence and getting everyone involved in the journey no matter how small their involvement you are building more robust data integrity compliance assurance for patients and consumers.
Poor data integrity can impact not just what you produce but what you plan to produce with forecasting taking a significant hit.
Did I purposely leave out IT from the list above? - maybe I did! Frequently DI is considered the IT departments responsibility because they provide the infrastructure, the IT tools to manage data, and implement IT solutions on the business's behalf. They is no doubt they are DI stakeholders as they provide key tools and play a key role but the buck doesn't stop with them - the data is ultimately owned by the business.
Having conducted Data Integrity assessments at many companies some of the best 'DI' catches have come from the most unexpected places, particularly at companies where everyone was engaged or informed about DI. For example - canteen staff who saw pages left on a restaurant window ledge that contained support data and contacted a site quality representative or DI champion. A cleaner who found results had fallen behind a radiator. and alerted her boss.
A contractor commented that the Server Room door was often left unlocked. As they were not directly employed they were reluctant to comment but did so because the openness DI culture was part of a site vendor induction module. Doing the right thing can be difficult if the open culture isn't encouraged and communicated.
For Data Integrity to be Everyone's Responsibility we need a common language and shared understanding
- an awareness, an informed understanding of what is required - this is often known as a 'Data Integrity Culture' and no matter how big or small the organisation getting the culture right will pay dividends and everyone will get a voice to speak up, speak out and be involved.
The images shown here sum up where we need to be - shared vision and everyone gets a voice
Watch out for our next blog in Data Integrity Everyone's responsibility series - Successful feedback forums for Data Integrity