Regulatory Focus™ > News Articles > 2019 > 11 > WHO Drafts Guideline on Data Integrity for Pharmaceuticals

WHO Drafts Guideline on Data Integrity for Pharmaceuticals

Posted 19 November 2019 | By Zachary Brennan 

WHO Drafts Guideline on Data Integrity for Pharmaceuticals

The World Health Organization (WHO) recently drafted a new guideline on data integrity that explains the important elements to ensure the reliability of data and information in the production and control of pharmaceuticals.

WHO echoed similar concerns expressed by the US Food and Drug Administration (FDA) (even among some larger biopharma companies) in noting an uptick in recent years of the number of observations regarding the integrity of data, documentation and record management practices during inspections of good manufacturing practice (GMP), good clinical practice (GCP) and good laboratory practice (GLP).

“Possible causes for this may include (i) too much reliance on human practices; (ii) the use of computerized systems that are not appropriately managed and validated; and (iii) failure to adequately review and manage original data and records,” the 28-page guideline says.

While recommending companies use a written data integrity policy, the guideline outlines the principles of data integrity and good documentation practices before delving into quality risk management.

“Data integrity (DI) is the degree to which data are complete, consistent, accurate, trustworthy and reliable,” the guideline says. “Risk-based system design and controls should enable the detection of errors, lapses and omissions of results and data during the data life cycle. Controls may include procedural controls, organizational controls and functional controls.”

For data documented on paper, WHO cautions against the use of pencil, erasers or correction fluid. The guideline also says companies should ensure that paper records are archived properly by designated personnel in secure and controlled areas.

For data that’s input and accessed electronically, WHO recommends a documented system that defines the access and privileges of users of any computerized systems. FDA noted in one warning letter a company that inadequately handled data generated on portable drives that were not password-protected. Another FDA warning letter found batch records with information covered up by white-out, “unintelligible data” and information that was missing altogether.

“Audit trails should reflect, for example, users, dates, times, original data and results, changes and reasons for changes,” the WHO guideline says. It also offers examples of quality risk management and data integrity assessments, as well as 10 examples of good documentation practices in data integrity.

Comments on the guideline should be submitted to WHO’s Sabine Kopp ( and Claire Vogel ( by 15 January 2020.

WHO Guideline


© 2021 Regulatory Affairs Professionals Society.

Regulatory Focus newsletters

All the biggest regulatory news and happenings.