Batch release decisions — and other product safety evaluations — rely on data integrity. In this pharmaceutical industry article, we’ll explore 2021 and 2022 FDA Warning Letters on data integrity issues in the pharmaceutical manufacturing sector.

We’ll also discuss:

  • Why data integrity controls become more critical during a pandemic.
  • Why data governance measures are essential to protect product quality, brand reputation, and supply chain security.

Background to Pharmaceutical Industry challenges (2020 to 2025)

The pharmaceutical industry experienced unprecedented product demand in relation to the global SARS Covid-19 pandemic.

Demand for medicinal products, medical devices (e.g. PPE), laboratory testing services – and GMP-trained personnel – grew rapidly:

  • In 2020, when SARS-CoV-2 rapidly made its way across the globe
  • In 2021, when the virus mutated to a Delta variant, followed by an Omicron variant (and other variants of concern)
  • In 2021 and 2022, when new medicines were approved, resulting in billions of vaccine doses and PCR tests being administered to protect our populations)

These statistics are staggering.

For example, in terms of vaccination dose numbers required/administered and RAT kits:

  • There have been over 9 billion covid-vaccine doses administered as of early January 2022.
  • In Australia alone, there have been over 56 million PCR tests performed as of early January 2022.
  • Rapid antigen tests (RATs) are in high demand across the globe, particularly as new variants make their way into both vaccinated and unvaccinated populations.

Increased demand for medicinal products, including PPE and testing reagents, is expected to continue through 2022 through 2025 (or longer).

*Based on ongoing outbreaks in various regions along with the potential for further vaccine-resistant mutations.

Pharmaceutical supply chains and unmet product demands

In 2022, increased demand for pharmaceutical products will continue to challenge the sector’s production capacities and supply chain stability.

Increased product demands also prove challenging to Regulators and their GMP compliance inspectors. Regulators (including the FDA, TGA, EMA, MHRA, and others) need to stay abreast of manufacturing changes, new suppliers entering the manufacturing sector, drug safety reports (pharmacovigilance data/safety monitoring), clinical trials, and greatly increased drug approval applications.

Which pharmaceutical products have experienced steep increases in demand (and resultant supply chain shortages) during the pandemic?

Demand for the following pharmaceutical products skyrocketed in recent years:

Related healthcare services, including pharmaceutical product administration, ambulance services, emergency departments, and hospital personnel, are also suffering from a shortage of resources.

So as we start the 3rd year of living with a pandemic, we want to reiterate the importance of data integrity on product quality, safety, and efficacy; as well as its impact on supply chain stability and counterfeit prevention.

It’s important to note that data integrity and data governance measures have always been important components of a Pharmaceutical Quality System (PQS) or other Quality Management System (QMS).

Yet data integrity takes on increased importance during a pandemic, primarily because:

  • Heightened demand increases supply chain risks.
  • When demand exceeds available supply — and when shipping delays impede typical pharmaceutical supply chains/distribution channels — counterfeit products become an increasing concern.
  • Rapid production-line changes can go ‘horrifically wrong’:
    • if validation activities are lacking or inadequate (including cleaning validation)
    • if personnel are not adequately trained in cGMP and current SOPs
    • if SOPs aren’t kept up to date (or aren’t end-user friendly)
    • if new suppliers are used but not adequately qualified
    • if key personnel are lost to attrition and/or illness
    • if auditing schedules are delayed
    • if scheduled self-inspections are missed
    • if computer systems/software upgrades and data-capturing processes are not validated


The fact is that ALL quality controls depend upon accurate, reliable, consistently-recorded data.

Also, the recent increase in FDA Warning Letters on data integrity issues are not ‘stand alone’ warnings. Data integrity citations are often closely linked with other breaches of current GMP (cGMP), such as failure to investigate non-conformances/deviations, failure to document CAPAs and review their effectiveness, and failure to devote adequate resources to personnel training, Supervision, and SOP updates.

Pharmaceutical industry challenges in 2022

Key issues manufacturing businesses are contending with in relation to the ongoing pandemic include the following:

Variations in demand and production costs

Personnel shortages

  • staff shortages during outbreaks or lockdowns
  • personnel attrition
  • increased competition for industry talent
  • increased demand for GMP training/onboarding resource requirements
  • lack of data integrity personnel and data security experts

Disruptions and related challenges

  • supply chain disruptions
  • reduced access to APIs
  • delayed delivery times
    • incoming materials
    • product distribution
  • variations in production runs
    • rapid scaling
    • new products (e.g. mRNA vaccines, new types of PPE, etc)
    • substitute suppliers due to shortages and facility shut-downs
  • cold-chain storage challenges for mRNA vaccines
  • disrupted auditing schedules
  • delays in clinical trials (recruitment through completion)

Supply chain security issues

Recent FDA Warning Letters on Data Integrity issues

FDA warning supply-chain-shortage-ppe-pandemic-gmp

The FDA’s warning letters contain information about GMP breaches and auditing citations issued to organisations who fail to meet Good Manufacturing Practice standards (GMP regulations).

While there have been some interesting shifts in the focus of FDA regulatory audits and findings, as well as those of other Regulators including the Therapeutic Goods Administration (TGA) in Australia — frequently identified GMP breaches have related to:

  • inadequate deviation investigations
  • CAPA system issues including out-of-date OR non-existent SOPs
  • poor documentation practices (breaches of data integrity and batch recordkeeping requirements)
  • insufficient training of GMP personnel, contractors, and service providers
  • data integrity issues relating to quality testing/laboratory practices, batch traceability, non-conformances, etc.
  • falsification of testing data or ‘repeated testing until pass’

Pharmaceutical Industry Regulators recognise that nearly every quality management activity rests upon good documentation practices and data integrity assurances.

FDA warning letters on data integrity issues have highlighted the following issues:

  • Failure to adequately document deviations and CAPAs
  • Failure to ensure computer system log-ins are secure and never shared
  • Failure to restrict system administration rights
  • Failure to validate computerised systems or software upgrades
  • Failure to conduct data audits in a timely manner and/or as scheduled
  • Issues with signatures including written signatures and electronic signatures
  • Inadequate data backup schedules
  • Lack of data governance (e.g. inadequate data accessibility controls/unqualified personnel)

fda-warning-letters-for-data-integrity-issues Recent FDA warning letters for Data Integrity breaches

..And other GMP regulation breaches including breaches of CFRs


  • 2021 FDA Warning Letter for data integrity issues: Failure to record batch activities contemporaneously and numerous other regulatory breaches of GMP regulations/CFRs.
    • FDA Warning Letter excerpt: “The batch record documented that one employee performed multiple manufacturing steps, such as measuring containers and bulk reconciliation on two separate dates, and a second employee documented the verification of the activities. However, the second employee (verifier) stated to our investigator that they were not at work when these steps were documented as being performed.”
    • FDA Warning Letter excerpt: “Your quality system has not adequately ensured the accuracy and integrity of the data to support the safety, effectiveness, and quality of the drugs you manufacture. Without accurate records, you cannot assure appropriate decisions regarding batch release, product stability, and other matters that are fundamental to the ongoing assurance of quality.”

  • 2021 FDA Warning Letter for data integrity issues: Numerous breaches of data integrity regulations/CFRs were identified during an inspection of an external testing laboratory, including that the laboratory’s “data acquisition systems did not have sufficient controls to prevent deletion or alteration of raw data files,” failures to validate electronic worksheets and cell formulas, and a lack of audit trails for microbial challenge efficacy testing.
    • FDA Warning Letter excerpt: “Your firm failed to exercise appropriate controls over computer or related systems to assure that only authorized personnel institute changes in master production and control records, or other records (21 CFR 211.68(b)).”

FDA-CFRs-data-integrity-warning-letters. The above examples of data integrity warning letters from the FDA are only a small sampling of the GMP Inspection citations published in 2022, 2021, and previous years.

How do you ‘remedy’ data integrity problems in regulated sectors (GMP industries)?

1. Ensure resources and regulatory knowledge are adequate

  • First, business owners/Managers must devote adequate resources to data integrity/data governance assurance measures.
  • Owners, managers and personnel must keep abreast of the regulations, noting that:
    • Data integrity regulations are likely to change more rapidly than other GMP regulations or Annexes.
    • Changes to data integrity regulations relate to the speed of technological changes for computerised systems, data storage and data transfer systems, data security risks/data protection requirements, authorised user verification systems, AI, etc.

2. Hire appropriately qualified personnel and ensure they are appropriately trained

  • A key component of data integrity is ensuring your organisation employs adequate numbers of appropriately qualified personnel.
  • Personnel must also be trained appropriately, including contractors and service providers, to meet GMP requirements including Data Integrity requirements (ongoing training in GMP compliance matters is required).
  • The organisational culture — including data governance measures — is also a crucial consideration, and often starts ‘top down’.

3. Validate your systems

  • Validate your data governance procedures and computerised systems.
  • Ensure data protection measures are appropriate.
  • Conduct data integrity audits at an appropriate frequency.

All of the above rests on the application of quality risk management (QRM) principles and an understanding of the regulations for your products, e.g.  FDA CFRs 800 & 820 and CFRs 210 & 211.

Which pharmaceutical personnel require data integrity training?

  • Quality Management personnel and business owners
  • Operations managers, scientists, and laboratory technicians
  • IT personnel and software suppliers
  • Data managers/database administrators
  • System Administrators
  • Laboratory teams
  • Report-writing personnel
  • Data Integrity service providers
  • Data analysts/business analysts

Where can you get an online course on GMP/Data Integrity for Pharmaceutical Industry employees?

Suggested reading:

Supply shortages during the pandemic were often blamed on an over-reliance on overseas manufacturers and the use of complex supply chains, along with delivery delays of APIs and finished products.

Read more on Release for Supply – TGA requirements.

Last updated on February 22nd, 2022 at 09:41 am

Similar Posts