How To Achieve Data Integrity Through Effective Data Management in a Regulated Laboratory: Digitalization

How To Achieve Data Integrity Through Effective Data Management in a Regulated Laboratory: Digitalization Mahboubeh Lotfinia and Bob McDowall, PhD This guide discusses the role of effective (and compliant) data management (DM) to achieve data integrity (DI); together known as DMDI.1 Readers may be more familiar with DI, but DM is also important, as we will demonstrate in this guide. Although focused on regulated laboratories, the principles outlined here will apply to any laboratory as DMDI is sound analytical science and consistent with the expectations of global health authorities. Definitions: Data integrity 1: assurance that data are accurate, complete and consistent throughout their entire lifecycle.2-4 A more recent and encompassing DI definition from 2025 is: • Data integrity 2: DI is an overarching activity that ensures that data (measurements, raw data, calculated results and metadata), recorded in any available media (paper, electronic or hybrid) is properly documented and retained during the life cycle under the umbrella of ALCOA++ (attributable, legible, contemporaneous, original, accurate, complete, consistent, enduring, available and traceable) principles.5 Following the publication of the European Medicines Agency clinical guidance, traceability should be added to the criteria above.6 • Data management: The totality of organized measures that should be in place to collectively and individually ensure that data and records are secure, attributable, legible, traceable, permanent, contemporaneously recorded, original and accurate, and that if not robustly implemented can impact data reliability and completeness and undermine the robustness of decision-making based upon those data records.4 The scope of DM in ensuring DI is shown in Figure 1; these two are part of an overall and formal approach to data governance (DG) throughout the data lifecycle. DG includes behavioral, procedural and technical controls for data.7 Here, we will focus mainly on technical controls, but this does not diminish the need to ensure that systems and processes are operated by trained analysts with the right ethical behaviors. How To Guide HOW TO ACHIEVE DATA INTEGRITY THROUGH EFFECTIVE DATA MANAGEMENT IN A REGULATED LABORATORY: DIGITALIZATION 2 In addition, DM is considered one of the technical skills of data literacy (DL), enabling meaningful data exploration, understanding and communication8 for further information on DL, see the article by Andraos and McDowall.9 DM includes ensuring that master and reference data are correct, such as policies and procedures, raw material and product specifications, quality control master batch records, reference standards, analytical development data and reports, as shown in Figure 1. Furthermore, data are organized to meet laboratory objectives, including naming conventions for data and storage locations. This directly impacts integrity over the data lifecycle shown in yellow. Our focus is on how effective DM can achieve DI throughout the data lifecycle within quality control through digitalization. Where necessary, we will touch on elements of DG. Figure 1: Data management and data integrity as components of data governance. Credit: Bob McDowall. Retain & retrieve Acquire Process Review Report Data storage locations File data storage Database storage CRO & CDMO external data Cloud storage Data Governance Data management: Management of master and reference data Organization of data to meet lab objectives Network storage locations & naming conventions Data integrity: Technical & procedural controls to ensure complete, consistent & accurate data good documentation practices meeting ALCOA++ criteria How To Guide Laboratory objectives impact data management approach How data are managed and organized depends on laboratory objectives and level of automation. Comparing analytical development (AD) and quality control (QC): AD has a project focus in comparison to the product focus in QC. This will impact the way each department operates and how data must be managed and stored, as shown in Table 1. Table 1: Laboratory objectives of analytical development (AD) and quality control (QC) departments. With this background, let us explore our tips for DM that improve DI. Data management tips Our top data management tips for ensuring DI fall into three categories: 1. Process digitalization 2. Laboratory data systems 3. External service providers This guide focuses on process digitalization, with points 1–4 from Figure 2 discussed. Analytical development Quality control • Development and validation of analytical procedures • Analysis of raw materials, in-process and finished products samples • Stability testing • Technology transfer • Data used to support product submissions • Input to QC investigations as necessary • Appropriate levels of compliance • Establishment of new analytical procedures/ technology transfer • Analysis of raw materials, in-process and finished products samples • Secondary product testing • Stability testing of all production batches • Data used for product quality reviews/ annual product reviews • Compliance with applicable regulations HOW TO ACHIEVE DATA INTEGRITY THROUGH EFFECTIVE DATA MANAGEMENT IN A REGULATED LABORATORY: DIGITALIZATION 3 How To Guide Figure 2: Top data management tips for ensuring data integrity. Credit: Bob McDowall. Process digitalization 1. Data acquisition at source The first rule of digitalization is data acquisition at the point of origin: you can’t share data when it’s locked in a filing cabinet. The scope applies from sample identification using barcoded or quick response (QR) labels, direct entry of observational tests into an informatics application and electronic workflows for instrumental analysis. The best way to digitalize a non-digital process to ensure better DMDI is to understand an existing process and then to thoughtfully redesign it to improve DMDI. This requires taking a risk-based approach Handling CRO & CDMO suppliers 11. SaaS: the validation treadmill 10. Databases not directories 7. Direct data acquisition to the network 8. 9. No USB devices Tips for effective data management Process digitalization Laboratory data systems External service providers Data acquisition at source 1. Data acquisition at source 5. Purchase GXP compliant software 6 Instrument interfacing 2. Electronic data transfer 3. Know where the data go 4. HOW TO ACHIEVE DATA INTEGRITY THROUGH EFFECTIVE DATA MANAGEMENT IN A REGULATED LABORATORY: DIGITALIZATION 4 How To Guide (e.g., conducting data integrity risk assessment or DIRA)3 to map and understand the current process and data flow with reasons for bottlenecks and delays, as well as identifying items such as: 1. Where printouts are generated 2. Where spreadsheets or similar software are used 3. Manual data entry with subsequent transcription checking 4. How decisions are documented The redesign aim is to eliminate all bottlenecks and implement a digital process where data are captured at source and records are approved with electronic signatures.10, 11 Results from observational tests should be entered directly into an informatics application. One aspect of this is connecting analytical instruments to data systems, discussed next. 2. Connect analytical instruments to data systems Reiterating, the first rule of laboratory digitalization is data acquisition at the point of origin. Therefore, in a regulated digitalized laboratory, analytical instruments must be connected to data systems. PIC/S PI 041 8.9 recommends that simple instruments (balances, pH meters) should have printers to record the readings.12 This misses the point that data on the printout will be typed into a data system or informatics applications e.g., laboratory information management system (LIMS), as part of an analytical procedure or for the generation of a certificate of analysis. Even simple instruments must be interfaced to an informatics application to achieve digitalization. Therefore, ignore this regulatory advice to simply print the measurements and take the step to interface instruments instead, because digitization provides business as well as compliance benefits. This results in a single storage location for the output rather than having to trace from the printout, manual entry of the data and the corresponding audit trail entries. A validated LIMS interface plays a critical role within a digitalized environment, and we will share further examples demonstrating the benefit of its implementation.  3. Transfer data electronically between systems The second rule of laboratory digitalization is to never retype data. Once electronic, data must remain electronic. Once electronic data is converted to PDF, it is no longer dynamic. Automated and validated interface functionality is a vital specification that leads to controlled data transfer with minimal, if any, human input. For example, the interface between a chromatography data system (CDS) application and LIMS can download sample identities and weights, matching CDS results to them, and upload sample identities with results to the LIMS electronically13 that will mitigate any transcription errors. 4. Know where your data are The third rule of laboratory digitalization is to know where your data are. This enables efficient retrieval for review, audit and inspection and, above all, being able to meet laboratory objectives. To achieve this requires that standardized data file and location naming conventions are established and followed. HOW TO ACHIEVE DATA INTEGRITY THROUGH EFFECTIVE DATA MANAGEMENT IN A REGULATED LABORATORY: DIGITALIZATION 5 How To Guide Data location is an imperative consideration also in a digitalized initiative. For example, in a SaaS (Software as a Service) or cloud model, your data reside on someone else’s computer. There is inadequate consistency among Good Laboratory or Manufacturing Practice (GxP) regulations and regulatory guidance documents on data location requirements for SaaS; 3,6,14,15 however, our suggestion is to cover these points explicitly in a service level agreement.16 Summary Our article has presented four data management tips to enhance data integrity in regulated laboratories through digitalization of processes. It is vital that senior management's support and involvement in allocating enough resource is a key to support laboratory digitalization and upgrade systems to improve DMDI. Remember, keeping current with technology is a requirement of both US and EU good manufacturing practice.17, 18 Acknowledgements We thank Monika Andraos, Chris Burgess, Bob Iser and Paul Smith for their time and effort reviewing our article to improve it. References 1. Data Management and Data Integrity (DMDI). Therapeutic Goods Administration, 2017. https://www.tga.gov.au/products/regulations-all-products/manufacturing/data-management-and-data-integrity-dmdi Accessed November 12, 2025. 2. MHRA GMP Data Integrity Definitions and Guidance for Industry 2nd Edition. 2nd ed.; Medicines and Healthcare products Regulatory Agency: London, 2015. 3. MHRA GXP Data Integrity Guidance and Definitions. Medicines and Healthcare products Regulatory Agency: London, 2018. 4. WHO Technical Report Series No.996 Annex 5 Guidance on good data and records management practices. World Health Organisation: Geneva, 2016. 5. Draft USP <1029> Good documentation guidelines and data integrity. Pharmacopoeial Forum. 2025,51(4). 6. EMA guideline on computerised systems and electronic data in clinical trials. European Medicines Agency: Amsterdam, 2023. 7. GAMP Guide Records and Data integrity; International Society for Pharmaceutical Engineering, 2017. 8. what is data literacy? Tableau Inc., https://www.tableau.com/data-insights/data-literacy/what-is Accessed April 4, 2025. 9. Andraos M, McDowall, RD. Data literacy: The foundation of quality management maturity? Technology Networks, 2025. https:// www.technologynetworks.com/tn/articles/data-literacy-the-foundation-of-quality-management-maturity-405271 Accessed Oct 2, 2025. 10. 21 CFR Part 11; Electronic records; electronic signatures final rule. Federal Register 1997, 62(54),13430-13466. 11. EudraLex - Volume 4 Good Manufacturing Practice (GMP) Guidelines, Annex 11 Computerised Systems. European Commission: Brussels, 2011. 12. PIC/S PI-041 Good Practices for Data Management and Integrity in Regulated GMP / GDP Environments Geneva, 2021. 13. McDowall RD. Validation of Chromatography Data Systems: Ensuring Data Integrity, Meeting Business and Regulatory Requirements. Royal Society of Chemistry, 2017. 14. OECD Series on principles of good laboratory practice and compliance monitoring number 1,OECD principles on good laboratory practice. Organisation for Economic Co-operation and Development: Paris, 1998. 15. Advisory document on GLP and cloud computing, supplement 1 to OECD document number 17 on application of GLP principles to computerised systems. Organization for Economic Co-operation and Development: Paris, 2023. 16. Lotfinia M, McDowall RD. What Goes in a CDS IT Service Level Agreement? LCGC International 2025, 2(3),18-27. doi: 10.56530/lcgc. int.rj1678q1 17. Facts About the Current Good Manufacturing Practices (CGMPs). Food and Drug Administration, 2021. https://www.fda.gov/drugs/ pharmaceutical-quality-resources/facts-about-current-good-manufacturing-practices-cgmp Accessed January 3, 2021. 18. Commission Directive 2003/94/EC laying down the principles and guidelines of good manufacturing practice in respect of medicinal products for human use and investigational medicinal products for human use European Commission: Brussels, 2003. HOW TO ACHIEVE DATA INTEGRITY THROUGH EFFECTIVE DATA MANAGEMENT IN A REGULATED LABORATORY: DIGITALIZATION