Data integrity includes the total accuracy, completeness, and consistency of data throughout its entire lifecycle. Data undergoes numerous processes and alterations from raw to more usable formats. Maintaining data integrity is critical for ensuring that data can be searched, recovered, traced, reused, and maintained without jeopardizing stability and performance.
Therefore, data integrity is a central and critical component of any system that stores, processes, designs, or retrieves data of any type. It seeks to ensure that all data is recorded exactly as intended and, when retrieved, the data are identical to when they were originally recorded. Ensuring data integrity occurs via the use of error-checking and validation processes.
When data integrity is compromised, the end result can be catastrophic—whether the loss of an album of priceless family photos, an entire company’s customer database, or a life-critical system.
Data Integrity versus Data Security
While related, data integrity should not be confused with data security, the latter of which simply protects data from unauthorized access or corruption. Thus, data security—a process designed to protect data—exists to ensure data integrity—the uncorrupted and complete data.
Types of Data Integrity
There are two primary types of data integrity: physical integrity and logical integrity. First, physical integrity addresses the actual data and the challenges inherent to storing and retrieving the data correctly.
Second, logical integrity relates to the rationality or correctness of certain data within an organization. In other words, logical integrity seeks to ensure that the data make sense within their particular environment.
Ensuring Data Integrity
Unintended alteration of data—or data corruption—can occur during the storage, retrieval, or processing of data and can be the result of:
- Unintentional human error
- Malicious human activity
- Design flaws
- Cyber threats such as bugs, malware, or viruses
- Storage errors
- Environmental hazards
- Transfer errors
- Compromised hardware or devices
- Software bugs
- Material fatigue
Thus, every time data is stored, transferred, or replicated, it is imperative that it remain fully intact and completely unaltered. The use of error checking and validation processes seek to maintain data integrity.
It is also important to understand that data integrity is both a process and a state. As a process, data integrity describes steps taken to ensure the validity and accuracy of data. As a state, data integrity describes data that is complete, valid, and accurate.
The Importance of Data Integrity
Ensuring data integrity is particularly important in certain industries, particularly within the Food and Drug Administration (FDA) with respect to the safety, quality, and efficacy of pharmaceuticals. Any breach of data integrity can have serious implications related to public health. Thus, data integrity must adhere to current good manufacturing practice (CGMP) standards. Said standards are set forth in Chapter 21 of the Code of Federal Regulations (21 CFR) parts 210, 211, and 212.
Specific FDA requirements to ensure pharmaceutical safety, strength, purity, quality, and identity include:
- Completeness and exactness of backup data
- Data that is secure from alteration, inadvertent erasure, or loss
- Proper data storage to prevent deterioration or loss
- Scientifically sound laboratory controls
- Documentation of specific activities
- Complete retained records that include original and true copies
- Well-preserved and traceable metadata—the contextual information necessary to understand data
Of particular concern is the FDA’s increasing observance of CGMP violations regarding data integrity, thus resulting in increased regulatory actions, import alerts, warning letters, and consent decrees.
Ensuring data integrity is critical in all circumstances but perhaps even more so when public health is concerned. Within the context of pharmaceutical manufacturing and the serious implications which can result should data become corrupted, adhering to FDA guidelines is imperative.