Principles of data integrity
Data integrity according to ALCOA+ with diaLIMS
diaLIMS is finding its way into more and more areas of the company and is being used in many industries.
Data integrity is an important concern for us, which is why we are guided by the ALCOA+ principles of the U.S. Food and Drug Administration(FDA).
ALCOA+ describes the 5 original principles of data integrity.
The + extends this list by 4 further, no less important principles.
The principles
In the following, all the principles will be examined in more detail and technical implementations from diaLIMS will be shown that will enable you to comply with these principles.
The original principles:
- Attributable(assignable)
- Legible
- Contemporaneous(accurate in time)
- Original(original record or certified copy)
- Accurate(correct)
The Plus
- Complete
- Consistent
- Enduring (long-lasting)
- Available
Data integrity and data security - what's the difference?
While data security is primarily concerned with protecting data from loss and unauthorised access, data integrity focuses more on the content.
Integrity is concerned with the validity and trustworthiness of data.
The implementation in diaLIMS
Assignable
Who carried out an interaction and when?
It is important to be able to trace who carried out an action such as creation, modification or deletion and, above all, when. diaLIMS offers several options for logging all activities:
The audit trail records who changed a data record and when. The audit trail is fully configurable so that only important actions are recorded.
In addition, the system automatically enters the creation time and creation user for important data records so that central information can always be read directly without having to check the audit trail.
This is linked to the maintenance of individual user accounts for each user in diaLIMS.
Readable
Can the data be read over the entire life cycle?
In relation to a laboratory system, this means that the data remains readable within the legal retention period and beyond. All data in diaLIMS remains readable over the entire life cycle. Documents are stored digitally and assigned directly to the diaLIMS data.
All diaLIMS data and documents are stored in a standardised SQL database, e.g. Microsoft SQL Server or IBM DB2.
Precise timing
Does the system log actions to the exact time?
diaLIMS automatically saves timestamps for important actions such as the creation time, the status change and the audit trail to the nearest 1000th of a second. This makes it possible to track exactly when an action was carried out.
The time stamps are queried from the central database server so that the times can be compared for several users.
Original
Are originals kept in order to make processes traceable?
Any (original) documents can be stored and managed for almost every data record in diaLIMS. For example, device files or original documents can be stored, e.g. in PDF format.
To ensure that these cannot be subsequently manipulated, diaLIMS also supports the storage of data in the database. This means that access without diaLIMS and therefore without authorisation is no longer possible.
In addition, master data can be versioned so that it can be traced at any time, for example with which version an examination was carried out.
Correct
Is data stored truthfully, validly and reliably and are changes documented accordingly?
The interaction of processes and functions is essential here. Important data such as measurement results or test reports are checked and validated using an established dual control principle. The user always has access to the original data.
Once data records have been finalised, they are fixed and can no longer be changed. A separate process must be established for changing data records so that it is clear who is authorised to put a data record back into work.
Access can be controlled via an integrated authorisation system so that only authorised users can change or view data. diaLIMS also supports the standard-compliant creation of test and correction reports with versioning and change documentation.
Complete
Is every action documented?
Every step can be logged in diaLIMS: every measurement, every outlier and the documentation of test equipment and standards used.
In addition, mandatory fields and compulsory entries can be configured so that important information cannot be forgotten.
Consistent
Are data records consistently created in the expected order?
We have already established that all actions are time-stamped. This allows us to track the correct order in which records are created and processed.
In addition, there are recurring processes that should be adhered to. In diaLIMS, for example, inspection plans can be defined for this purpose. This allows the order of processing to be defined and reused consistently for each sample.
This makes it possible to specify the intended chronological order and to track the actual chronology of the data later.
Durable
Is data available in the long term?
Databases have the advantage that data is equally available regardless of when it was created. Modern systems can therefore easily access data that is several decades old.
The aspects of data protection and data security are important here: you should back up your data regularly in order to be protected against failures and losses of any kind.
Available
Is the data available over the entire life cycle?
Our system offers you access to all data records at any time and in any programme version.
You can also use filters to load specific data records, for example to provide an auditor with all the data for a process.
Theory vs. practice - a summary
Above all, it is important that you utilise the system's capabilities and establish appropriate processes.
An audit trail, for example, is only effective if it is configured for the purpose and traceability is only guaranteed if users log into the system with their own accesses, if users log into the system with their own accesses.
Consistent training of employees in the principles of data integrity is also essential.
It must be clear how important compliance with the principles of data integrity is for operations.
Talk to our service team and let us advise you on which processes and functions are right for your use case.