Clarkston Consulting
Skip to content

New Risks of Data Integrity in Consumer Healthcare

While business news has been dominated by phrases like big data, data analytics, and data mining, there is one “data” phrase that did not garner the viral attention it deserved. – data integrity. A review of FDA warning letters from 2013 to 2017 show that data integrity has come under more and more scrutiny from the FDA. You can see this shift in policy just by looking at the numbers.

In 2017 there were nearly five times as many warning letters citing data integrity deficiencies than in 2013. An astounding 65% of all warning letters issued to drug manufacturers in 2017 cited data integrity deficiencies. Looking forward, there’s no indication that the FDA has any intention of taking data integrity practices out of its crosshairs. Meanwhile companies have two options; address their data integrity deficiencies or end up with a headline like the one below.

While data integrity is a frequent problem for the prescription drug pharmaceutical industry, the consumer healthcare industry is facing the same scrutiny. Due to the nature of the consumer healthcare industry, managing data integrity has difficulties and risks not seen by their prescription drug counterparts.

The first challenge faced with data integrity in consumer healthcare companies stems from their manufacturing practices. To meet the demand for over-the-counter (OTC) products, consumer healthcare manufacturers need to produce their products in large volumes as fast as possible. Manufacturers have turned to producing their products in larger batches through continuous manufacturing, which inherently creates data integrity risks. With a larger output volume and quicker turnaround time, there are more opportunities for data integrity errors. Additionally, any fundamental system or procedural flaw affecting data integrity can have downstream effects on hundreds to potentially thousands of products.

Data integrity in consumer healthcare can also pose a risk to brand and reputation. Consumers have a powerful sense of trust in OTC drugs. According to the Consumer Healthcare Products Association (CHPA), 89% of consumers believe OTC drugs are vital to their family’s health. 8 out of 10 of those consumers will use an OTC drug prior to consulting with a healthcare professional.

The trust in consumer healthcare companies has led to fierce competition in the market, as brands vie for loyalty from consumers. This is where data integrity comes in. If a company were to receive bad press and headlines via a FDA warning letter, consumers may abandon that company brand and move to a competitor’s. This is a similar idea to what we see when products are recalled.

From Clarkston’s experience, we know that consumer healthcare manufacturers are not intentionally creating or ignoring their data integrity risks, however the trend we are seeing from the FDA is undeniable. With that in mind, we asked our data integrity experts what they think is the key driver to this trend. Their answer – the problem is that organizations are unclear of their areas of exposure. Likely, this is because there is no one regulation or guidance for data integrity.

In fact, there are over 60 regulations related to data integrity and in recent years inspection findings are increasingly related to the many regulations that make up data integrity. Even with the guidance released last year that addressed data integrity, it is essential for consumer healthcare manufacturers to have a conversation on data integrity. With the help of our experts we have come up with four essential questions to help facilitate that conversation.

Does your organization have a risk-based approach to determine the frequency of review of audit trails?

This is one of the most common areas where organizations are not quite meeting expectations. Aside from the risk-based approach, this regulation implies that companies are actively reviewing audit trails. While most organizations are aware of the importance of having an audit trail and confirming during validation that the audit trail works, audit trails are rarely reviewed on a regular basis following implementation. Generally, audit trails are examined only when a specific piece of information is needed.

Do risk reviews include a data integrity component?

Risk assessments are a part of almost all quality processes. Using them, organizations evaluate the risk of an event or change to the organization, manufacturing, quality systems and more. Rarely, however, do these risk assessments include a component that evaluates the risk to data integrity. Imagine if every change management or exceptions management process also included a component for evaluating the potential risk(s) to data integrity. This would enable organizations to focus more on preventing data integrity risks upfront and would help to embed data integrity into the day-to-day operations of an organization.

Is every electronic signature accompanied with an explanation of what that individual signature means?

As electronic systems have become standard in the industry, rules and regulations around electronic signatures are generally well known and practiced by manufacturers of regulated products. However, one area we see a frequent data integrity issue with electronic signatures is in how each signature is described. For example, if a manager signs off on a record indicating that the record is approved, does the signature stamp include that person’s name, date and time of signature, and something like “indicating that the sample has been authorized by the lab manager” or some text that provides an explanation of exactly what that signature means? This is a place where Clarkston consultants still see organizations have data integrity exposure.

Are internal quality audits evaluating data integrity?

Organizations that are not evaluating data integrity as part of an internal audit are missing out on an opportunity to identify areas of risk and help their organization focus on data integrity as part of everything they do. It is important to note that this would not be something a regulatory agency would be likely to expect, but that this is a place where organizations can check themselves. Using findings from these audits, your organization can challenge itself to weave data integrity into all parts of its organization and continue to improve the practices in place to raise the quality expectation internally.

Moving forward, the FDA is clearly targeting data integrity in consumer healthcare as a focus area. Consumer healthcare companies can mitigate risks to both regulatory standing and brand integrity with a concerted and proactive approach to data integrity. To learn more about Clarkston’s approach to data integrity, subscribe to our insights below or contact us to hear about our data integrity experience.


Tags: Data Integrity