Securing the integrity of electronic data often can be a costly and resource-intensive endeavor. While every organization in the pharmaceutical space is expected to protect the data on its networks, doing so can take several different forms and often can cost a lot of money and resources that smaller organizations just don’t have at their disposal. However, there are several low-cost ways to improve the security of network data files and, with a little creativity, organizations can go a long way to close the gap on protecting their important files without expending much in the way of resources. Larger organizations, on the other hand, have far more data, which results in staggering costs and intensive efforts of maintaining large data sets. From the smallest laboratory to a global corporation, there are many options are available to help secure important data files and close or eliminate the data integrity gap.
Closing the Gap on Data Integrity
Since the original 21 CFR Part 11 guidance (1) was established in 1997, data integrity has long been a concern for regulated industries in the pharmaceutical space. For over 20 years, discussions on data integrity have occurred in audits, conferences, forums and other venues where industry professionals could collaborate to work out acceptable ways to ensure that electronic files are kept secure. Instrument data has long been a concern, as data files from instruments very often include no audit trail or any protections on files that they create.
Protecting these files is of paramount importance, and there are several considerations when trying to protect instrument data files. Complexities and dependencies include the type of instrument used, what types of files it creates, what sort of data structure it has and how it controls where its files go. Considering there are hundreds if not thousands of instrument types in the market, from Mass Spectrometry systems to plate readers to next generation sequencers – all of which have different ways of controlling their files – it easily can become overwhelming for unprepared organizations to manage and protect the heterogeneous data files. Factor in that organizations traditionally don’t dedicate annual budgets to handle this, how does an organization go about securing the integrity of instrument data files? How does an organization close the gap?