With a new guidance on Data Integrity (DI) being prepared by the World Health Organization (WHO) to replace its previous one, this is a good time to look at Data Integrity in Healthcare!

On that note, keep in mind that regulatory agencies also have their own guidelines:

When you follow these guidelines, you will be following the requirements for a compliant data governance system. This system works across Regulatory Submissions as well as all GxP pharmaceutical activities such as:

  • Good Laboratory Practice
  • Good Manufacturing Practice
  • Good Distribution Practice
  • Good Pharmacovigilance Practices

The bottom line is: DI compliance is required for active pharmaceutical ingredients and finished products drugs (including biologics).

Ok but, what is Data Integrity?

Data Integrity is the “degree to which data are complete, consistent, accurate, trustworthy, reliable and that these characteristics of the data are maintained throughout the data lifecycle”.

Data integrity is crucial throughout the data lifecycle for two reasons:

  • It covers many activities that go from data creation to data disposal.
  • It applies equally to manual (paper-based) and electronic systems (including data records such as photographs, microfilm, audio, or video files).

Keep in mind that, under the DI framework, you should consider both data lifecycle and systems lifecycle together.

Ensuring DI is a shared cross-level responsibility within the organization: it includes senior management, shop floor personnel, and company’s suppliers and distributors.

If you are wondering what Data Lifecycle or Data Governance imply, let us help you:

  • Data Lifecycle includes all the phases in the life of the data from generation and recording through processing (including analysis, transformation, or migration), utilisation, data retention, archive/retrieval until retirement and disposal.
  • Data Governance gathers all the procedures and measures that ensure that the data follows the ALCOA+ principles throughout the data lifecycle.


ALCOA+ defines the attributes of data quality required for regulatory purposes. It defines that data should be:


Out of curiosity, the “+” was added later to the ALCOA definition to put emphasis on the data quality requirements for regulatory purposes. But formally, expectations remain the same.

A commitment to Quality Culture

You need to implement effective strategies that manage DI risks based on Quality Risk Management foundations (as per ICH guidance for industry Q9 Quality Risk Management).

That is, you should adjust your data governance program to the risk and impact of a DI failure. That risk and impact are related to the patient safety, product quality or environment.

If you want to pursue a continuous improvement landscape, you will need a well-integrated and articulated Quality and Data governance system.

The use of Quality Risk Management (QRM) tools as those advocated by ICH Q9 is key. With them, you will be able to:

  • Identify the risks to DI
  • Establish systems/procedures
  • Minimize potential risks

How does Data Integrity fit into 4TE’s business?

At 4TE, we apply DI principles in our business, namely in the development of our products and on the services we provide. For instance, we incorporate DI principles in the design, development, testing and change management until retirement of our Digital products.

We also support clients developing new and better functionalities on existing digital products. Specifically, we work closely with clientes to make sure that DI principles are applied throughout the project to assure a smooth GxP system validation.

What if you don’t know how to proceed?

If you’re not sure on how to tackle the subject of Data Integrity in your processes or products, we may be able to help. For that, you can reach out to us from our Contact possibilities, we’ll do out absolute best to help!