MHRA’s GXP data integrity guide published – March 2018

After the British agency MHRA has published three (3) different draft versions of the – MHRA GMP Data Integrity Definitions and Guidance for Industry – in January and March 2015 (GMP) and in July 2016 (Draft for consultation – now for GXP) the final  “Medicines & Healthcare products Regulatory Agency (MHRA) ‘GXP’ Data Integrity Guidance and Definitions was published in March 2018.

Looking into the history of the document and content the major changes have been to replace and extend from “GMP” to GXP (covering  GCP, GDP, GLP, GMP and GPvP).  All this GXP areas had already requirements for data integrity or study integrity or similar for many years and are covered by European EMA regulations, directives and the EMA EudraLex Volumes or other regulations (e.g. chemical for GLP). The second change was the title “Guidance for Industry” to a “Guide“. Maybe the document type “Guidance for Industry” would remind you to US regulations and you are right. But in the EU such a document type in a regulatory structure and understanding is also not known. Maybe the roots of the first versions were coming from US or consultants or authors from this region. In general an own opinion might be better as to listen to any opinion-makers with commercial interests.In any case as part of the European Union we could be happy that the other 27 member states and agencies didn’t start to write national “guidance for industry” documents bypassing any common standards, commitments and even regulations. Something useful to read by the EMA can be found here on the GMP Q&A – data integrity section. It will be a miracle and dark secret why the MHRA has not referenced this good source of information – at least they added the PIC/S PI-041 in there, after PIC/S decided not to take over and not even to reference to the MHRA draft versions – for good reasons.

Now the positive fact(s) in Section 2.1: “This document provides guidance for UK industry and public bodies regulated by the UK MHRA including the Good Laboratory Practice Monitoring Authority (GLPMA).” So it provides guidance (not regulatory binding) – and for the UK industry. Every reader should recognize this sentence and statement, before it will be defined as the company’s global standard!

So the magic question is if an agency is publishing a guidance document / guide for the industry if it is useful and enabling innovation?

It would be nice if it would enable innovation and improve quality control, patient safety and product compliance. In reality it is not needed to add additional information like this to the GXP regulations and to confuse the sensitive community. This might be understood more or less only as “marketing” and most of the readers would be irritated on that. If any inspector has something to say, which might be useful but not binding, they can also write an article in Pharmaceutical Engineering or Technology or PharmInd or work with the ISPE, PDA or ECA etc..

Maybe MHRA just wants to give a message – “hey, we are still there”. Because there is nothing brand-new written in the guide – even if the MHRA states that they got 1300 comments from the industry. Think about the hours, days, weeks spend to do that. Doing audits or inspections in third party countries you may recognize different quality cultures – this is true (good reading is the WHO TR 996 on that).

Just to pick out one of the MHRA ideas: “Reconciliation of controlled print-outs.” (formally “control of blank paper-templates”) – NO, NO, NO. What about controlled print-outs? Just add an automated and clever watermark (or QR code) on the print-out, which is user-restricted, and showing if this is the “first printout by USER, DATE, TIME” or if it is re-print of the original record (itself numbered) and with its reason for reprinting – like an Audit Trail / Log-file for print-outs. I know companies who really start to do to “Reconciliation of controlled print-outs.” – this is no innovation and brings us back to the 19th century. Sorry to mention that, but again, this is only a guide and basically only for UK.

Suppliers and consultants should not support that kind of MHRA approaches. So it is not a “must-read”.. and do not wonder that in the next 3 month your email inbox will be flooded with trainings, events and DIRA presentations and offers. What is DIRA? It is used by the MHRA document for data integrity risk assessment – in reality a full data mapping and a data flow analysis should be done. Do we really need also a new term for ICH Q9 quality risk management? Acc. ICH Q9: “In doing an effective risk assessment, the robustness of the data set is important because it determines the quality of the output.” – and in the chapter “Statistical Tools” you might find the power of data – best in electronic format and not on print-outs.

Finally it could be summarized that it could be questioned if all three draft versions and the final guide were helpful and useful for the industry. The industry must decide that individually, if the guide enabled or will enable innovation, new technology and solutions and if it should be applied internally. It will be a strategic and tactical decision, how to work with the employees and external partners – based on mistrust and recognizing the “horror stories” in some Warning Letters and Inspection Reports going around the world or to enable a good data and records management approach for the 21st century.


Read more with comments and “likes” on LinkedIn.

Please feel free to take these suggestions as inspiration for further reading in areas that interest you the most: