FDA/EMA Audit: How to Demonstrate Data Integrity in QC
Share

Data Integrity in FDA/EMA Audits: What to Expect and How to Prepare
Introduction
Regulatory inspections have become increasingly focused on Data Integrity.
FDA, EMA and PIC/S consider the QC laboratory a high-risk zone: this is where the data critical for batch release are generated.
A single nonconformity in this area can compromise the entire Pharmaceutical Quality System (PQS).
Advanced Regulatory Analysis
Inspectors assess Data Integrity with respect to:
- EU GMP Parts I and II
- Annex 11 (controls for computerized systems)
- ICH Q9/Q10 (risk management and PQS)
- MHRA Data Integrity Guidance
- FDA Data Integrity Compliance Program
The ALCOA+ principles serve as the matrix for evaluating all QC records, especially those produced by HPLC/GC, Empower, LIMS, ELN and backup systems.
What Inspectors Look For
The guide provides a detailed list of the most frequently scrutinized areas:
1. Chromatographic Data Integrity
- Availability of all original raw data
- Traceability of all reintegrations
- Version control of processing methods
- Consistency between sequences and laboratory notebooks
2. Reviewed Audit Trails
Inspectors may ask:
“Show me the audit trail of series X and explain every critical event.”
The laboratory must know:
- where audit trails are stored
- how to filter them
- how to document the review
3. Access Control
- No Admin rights for analysts
- No shared accounts
- Immediate deactivation of inactive users
4. Consistency Between Records and Electronic Systems
A mismatch between the notebook, LIMS and CDS is one of the most common red flags.
5. Data Reconciliation
Injection counts, raw files and reports must match exactly, with no omissions.
How to Avoid Critical Findings
- Implement a mandatory Audit Trail Review SOP
- Apply least-privilege access: analysts must not be able to delete or overwrite raw data
- Automate daily backups on segregated servers
- Document every reintegration with a technical note and approval
- Update analytical methods only through formal change control
- Perform daily data reconciliation
Audit Readiness: Essential Documents
- Audit Trail Review Template
- QC Data Review Template
- HPLC/GC Audit Checklist
- LIMS/ELN Audit Checklist
- Data Integrity & Backup SOP
- OOS/OOT workflow integrating Data Integrity
Typical Error → Corrective Action
Error: Multiple reprocessing actions without annotation
CAPA: Restrict privileges + enforce technical justification + QA review
Error: Missing chromatograms
CAPA: Automatic backup + daily reconciliation + monthly internal audit
Conclusion
An audit-ready laboratory is not prepared at the last minute.
It builds a robust, traceable and defensible data system every single day.
Keep your company audit-ready. Explore the complete guide on GuideGxP.com
