Monitor with data integrity checklist

Consistency is a trademark of both validation and data integrity. In fact, without validation and the consistency for which it strives, forget data integrity. It’s like there is no data at all.

What Is Validation?

To be clear, validation is defined as, “evidence that provides a high degree of assurance that a specific process will consistently produce a product meeting its pre-determined specifications and quality attributes.” The “consistently” is key. There is no good use for a system that cannot do what it promises every single time.

Think along the lines of a phone that only dials the right number four out of five times. Eighty percent is a good mark on a test, but not so much in case of an emergency when you need to call 9-1-1 and you get the local pizza place instead. That’s in large part why system validation is so thorough, with Installation, Operational, and Performance Qualification processes entering into the equation.

For its part, data must be consistent throughout its entire lifecycle for it to have integrity. It plays into the need for data to also be accurate, which is one of the Food and Drug Administration’s expectations for Good Manufacturing Practices. Altogether, data is expected to be “Attributable,” “Legible,” “Contemporaneous,” “Original,” and, of course, “Accurate,” or “ALCOA” for short.

Data itself can be validated too. For example, to achieve compliance with the FDA (21 CFR Part 11, specifically) in pharma and life sciences, companies must ensure integrity is maintained with regard to drug safety data as it is collected, stored, and transmitted. This is done through preliminary planning, risk identification, and testing. After the fact, everything is regularly verified as working as expected, while regular audits and reports are made to improve processes after the fact.

What Must Be Validated?

In essence, while validation is an admittedly and justifiably complex process, it boils down to that same simple premise: It all has to be verified as working as expected. Anything less and resulting data can’t be trusted. It would be useless and just as good as if it were non-existent.

Now, confusion may admittedly arise over what exactly is being validated. In a word almost “everything.” For example, in pharma, every piece of equipment that touches or impacts the development of a drug during the manufacturing process must be validated.

While equipment validation is nothing specific to pharma and is important in other industries, IT systems and processes also qualify as requiring validation here. Even proofreading software like GlobalVision, which helps to verify packaging as being accurate but may not actually come into physical contact with the product itself, would fall into this category.

Audit trails and the like within applications are generally designed to keep excellent records. And, if they are validated as being reliable without fail, it’s safe to operate under the assumption the data they keep is as well. And, as mentioned earlier, the data must be validated too.

Data Integrity vs. Data Validation

Data integrity and data validation are two separate concepts, but they effectively have the same end goal. Data validation covers the testing and processes that lead to data complying with regulations put in place by the FDA (for example). Data integrity is what you get once it has been deemed to be secure as a result, along with several other qualifications.

In other words, much like data security is a basic tenet of data integrity and not vice versa, the same goes for data validation. If your data has been validated and/ or you have proper security precautions in place, the threat of a breach or malicious attack has been mitigated. There has been no such breach with regard to data that has integrity. It has to be kept that way.

It’s similar to how a ship’s hull has integrity until it hits an iceberg. Steps are taken to avoid contact or keep water from breaching. Since there are measures in place and the ship is afloat to begin with, it means the ship is secure. Meanwhile, validation determines how effective those measures are. If they aren’t with any consistency, the ship shouldn’t have even made it out of the shipyard.

In that sense, the ship is like any other manufactured product. Only its best possible, viable version should be made available. Validation helps ensure that is the case. Consistently.