Guest Commentary: Should you be concerned about temporary data?

If someone says data integrity isn’t a new issue, they might not be paying attention to the matter of temporary data. While it’s been two years since the World Health Organization announced its good data and record management practices, and only a year since the U.S. Food and Drug Administration (FDA) and the U.K. Medicines and Healthcare products Regulatory Agency (MHRA) issued draft guidance to improve data integrity, one aspect is gaining attention: that of temporary memory. While these regulatory agencies evolve their thinking around data integrity mandates, the guidance is pointing to curbing the ability to alter data in temporary memory before it becomes permanent.

Because data is central to a regulator’s mission to ensure the safety, efficacy and quality of pharmaceuticals, regulatory agencies such as FDA and MHRA seek to ensure that data submitted to them has not been falsified, omitted, hidden or substituted. This includes data points that have been entered, but perhaps never saved.

The clearest, non-laboratory example of temporary data comes from online banking; one can enter different amounts to be paid or transferred and dates for these transactions to occur, yet the bank takes no notice or action until the information is saved. Then, only the final data is acted upon. The previous “temporary” activity is untraceable.

Database creators, users and managers are conditioned to view “data” as information that is intentionally saved, whether by the user or the system, as part of the final record. The idea of storing values in between movements in the page, and before explicitly saving, is somewhat foreign. According to the MHRA, until a transaction is saved to permanent memory, that particular data is “considered to be temporary memory” and is “at risk of amendment or deletion without audit trail visibility.¹ The FDA, meanwhile, states “it is not acceptable to store data electronically in temporary memory in a manner that allows for manipulation, before creating a permanent record.²

Whether someone is deliberately falsifying a result or otherwise attempting to overwrite the initial data entered, capturing what has been entered in temporary memory can be useful in an audit. While the issue of temporary data is still under review—and how these global regulatory agencies eventually end up treating it is anyone’s guess—many in the industry are preparing for its capture to be included in the final regulation.

Since much of this data will be captured in a laboratory information management system (LIMS), it is essential for LIMS vendors and LIMS users to watch this space carefully. If there is a new interpretation of the regulation that affects temporary data, it will be useful to know how a LIMS will address it.

There are three ways to reduce the risk of temporary data being amended or deleted, in order to protect the integrity of any data under audit by a regulatory agency.

First, data that is entered in the LIMS should be automatically saved if the user attempts to leave the data-entry area without explicitly saving it. Second, if a user attempts to change a previously entered value, they should be immediately prompted to provide a reason for the change. Third, the audit review record should include all data—both the explicitly saved data and any data left in temporary memory. The permanent data could be flagged visually to let reviewers know there is another information layer available that tracked the data as it was modified in temporary memory.

This approach maintains a clean audit trail based on the full history of the test—including all the information expected to be GxP compliant, such as who entered the data, the date and time and any changes between temporary and permanent memory.

It is also an approach that has been called for by many LIMS users, particularly proactive ones who believe “the writing is on the wall” when it comes to temporary data and data integrity.

LabVantage made a strategic decision, one that was supported by customers during the company’s Customer Training and Education Conference (CTEC) in 2016, to handle changes made to data stored in temporary memory in its LIMS. LabVantage 8.2, which is already available to customers, is able to automatically capture data stored in temporary memory in a way that is compliant with the new guidance. Later this year, LabVantage 8.3 will additionally prompt the user for a change reason, which fully meets international regulations such as 21 CFR 11 and Annex 11. Both versions of the software enable reviewers to easily view changes to data both explicitly saved and those only stored in temporary memory by using a visual indicator in the audit log.

The goal is to be proactive in meeting customers’ needs for data integrity as regulatory agencies join the World Health Organization in formalizing requirements to further ensure data is ALCOA: attributable, legible, contemporaneous, original/true copy and accurate.

When considering a new LIMS, ask the vendor for their position on emerging data integrity guidance and how they will address concerns such as temporary data. Many in the industry believe it is just a matter of time before auditors ask to see which values were changed before being made permanent.

---

Jeff Vannest is senior director of product management at LabVantage.

¹ www.gov.uk/government/uploads/system/uploads/attachment_data/file/538871/MHRA_GxP_data_integrity_consultation.pdf

² https://www.fda.gov/downloads/drugs/guidances/ucm495891.pdf