As I noted in a prior article Establishing a Data Integrity Program in a GxP Environment, Data Integrity can be defined as the extent to which data are complete, intact, consistent, and accurate throughout its lifecycle.  Establishing and demonstrating Data Integrity compliance to regulatory agency guidance and industry expectations is required in a GxP regulated environment. 

Data Integrity requirements apply to both electronic and paper based GxP records – this article will focus primarily on the requirements and concerns associated with paper based GxP records.  We will discuss ALCOA +, Good Documentation Practices and General Consideration requirements for Data Integrity of paper based GxP records. 

ALCOA + Requirements

ALCOA + Principles state that GxP data should be (A) Attributable, (L) Legible, (C) Contemporaneous, (O) Original, (A) Accurate and the “+” portion also includes Complete, Consistent, Enduring and Available.  Data Integrity guidance from the FDA, MHRA and numerous industry organizations consistently cite ALCOA + to define the necessary attributes of GxP data.  Meeting applicable ALCOA + requirements is an industry expectation to help ensure product integrity and the safety of test subjects and patients. 

ALCOA + principles are appliable to both electronic and paper based GxP records.  The following provides a brief overview of the ALCOA + Principles in the context of Data Integrity for paper based GxP records:

1. Attributable (A) – Manual entries to a GxP records must:

a) Be attributable to the authorized individual (signee) performing the activity and/or recording data.

b) Include the data and time the activity was performed.  For some processes, it may be required to record both the start and end date/time of the process.    

c) Link the signature or initials of the signee to the activity being performed by:

  • Applying them at the end of each page of a manual form to designate the form page was completed by the signee.
  • Applying them next to or below each entry if the form is completed by multiple individuals.
  • Next to or below an annotation made by the signee to a document.

2. Legible (L) – Manual entries to GxP records must be clearly recorded and readable.    

3. Contemporaneous (C) – Manual entries must be recorded, signed, and dated when the work or activity is performed.

a) The signee must never pre-date or back date when the activity was performed.  

b) Data should be recorded and signed as each discrete activity is completed within a process and not combined with other activities and recorded and signed once for the group of activities that comprise the process.

c) Recording the start and/or completion times for an activity is especially important when it is necessary to establish the chronological order of the events of a process.

4. Original (O) – GxP records must be preserved, secured and retrievable in their original form.  Associated requirements and controls include:

a) Source, raw or primary data must be retained as originals or as true copies.

b) Ensure the transcription of raw, source or primary data from where it was originally and officially recorded to another official document is performed only through an approved procedure that requires the retention of the original document with the final document.  In some cases, the original document may have limited durability, such as thermal paper prints that fade over time.  

c) Only the approved, current versions of GxP records, procedural controls (Policies, SOPs, Work Instructions, other Controlled forms) and controlled documents are made available for use.

d) When working copies of controlled documents are authorized for use, they should have a printed expiration date to ensure they are appropriately removed and disposed when a new version is established, or the designed expiration date is reached.  

e) Use controlled and numbered blank forms, bound logbooks, and numbered pages to help reduce unauthorized creation or duplication of GxP records.

5. Accurate (A) – GxP records must reflect true observations and accurate calculations, ensure that: 

a) Process validation has been performed to ensure the accuracy of resulting GxP data. 

b) GxP data is secured with limited access to authorized individuals.

c) Original entries are not obscured or lost.

d) Data is verified against original source documents such as logbooks to ensure it is complete and unaltered.

e) Missing or potentially altered documentation must be reported to appropriate oversight, such as Quality Assurance. 

6. Complete – GxP records must be complete:

a) Your company’s Good Documentation Practices must be followed to ensure GxP records have no blank entry fields and any entry fields without a value are appropriately managed (e.g., lined out or have “N/A” recorded). 

b) Procedures controls should be in place for GxP records to ensure:

  • No missing intended references or attachments.
  • No missing signatures, initials, or dates.
  • All results including original test results or analysis are managed and presented with any retest results or re-analysis.  This is a key consideration to ensure that “testing into compliance” is not occurring. 

7. Consistent – GxP records must be secured and controlled to ensure they present accurate data in chronological order (where applicable): 

a) A consistent time source must be used for processes that must follow a designated sequence of events:

  • Date and Time entries are recorded to document the chronological order of events.
  • When data is manually recorded, the operator will record the time from a qualified time source. 
  • The qualified time source must be regularly verified and calibrated or synchronized to a reference time source, such as designated server or time service.        

b) Data modification (addition, removal, update) must be performed through an authorized procedural control that ensures:

  • The data modification is approved and/or reviewed by the appropriate level of supervision or management.
  • The data modification is attributable to the individual making the change by recording their signature/initials, date/time of the change and reason for the change.
  • Original entries are not obscured or lost.

8. Enduring – GxP records must be recorded in an authorized and permanent format, such as a controlled form, bound logbook, worksheet, report, or other controlled document and must be:

a) Secured and maintained throughout their designated retention period.     

b) Appropriately dispositioned per applicable procedural controls upon the completion of their retention period. 

9. Available – GxP records must be readily available for review and inspection through their designated retention period.

Further information on ALCOA + is found in the FDA and MHRA guidance listed in the Additional Information on Data Integrity section at the end of this article.

Good Documentation Practices Requirements

Your company should have Good Documentation Practices as part of their Quality Management System, and they should be required training for most if not all employees and contractors.  Many of these practices are common industry expectations and are recommended by regulatory authorities (e.g., FDA, MHRA, TGA) and industry organizations (e.g., PIC/S, GAMP).     

The following provides a brief overview of Good Documentation Practices in the context of Data Integrity for paper based GxP records:

1. A Signature Log should be established if paper based GxP records are used at your company:

a) Establish a master Signature Log that records the signatures and initials of all employees and contractors that perform GxP work to establish a reference that identifies the persons whose signatures and initials are applied to paper based GxP records. 

b) Another approach is to establish a Signature Log as part of executed paper based GxP document.  This approach is often taken with protocol executions.   

2. Procedural controls should be established for the use of controlled data entry documents (e.g., logbooks, notebooks, worksheets, forms, templates) to ensure they are completed in an authorized and consistent manner: 

a) All entries must be attributable to the individual performing the work by the application of their signature, date, and time (where appliable) to the applicable controlled data entry document.

b) Entries must be recorded:

  • Contemporaneously as work is completed.
  • In chronological order for each discrete activity in the process.
  • In indelible ink that permits clear photocopying to record entries.  Use blue or black ink unless another color is justified. 

c) When an operator cannot contemporaneously record the activity, an authorized scribe may do so in lieu of the operator, per procedural controls.  The inability of the operator to record the activity can occur when:

  • Personal protective equipment prohibits recording of the activity.
  • The manufacturing or test suite layout or process prohibits recording of the activity.
  • The toxicity of the material being manufactured or tested prohibits recording of the activity and/or the removal of the source documentation from the area.    

d) The temporary recording of GxP data on unofficial documents, notepads or “scratch paper” for later transcription to a controlled data entry document is prohibited.  If this does occur:  

  • Contact Quality Assurance and document the occurrence as a deviation.
  • Retain the unofficial source document that GxP data was originally recorded on and attach it to the applicable controlled data entry document.   

e) Controlled data entry documents must be approved by Quality Assurance and:

  • Maintained under version and access controls to ensure the correct version is used.  
  • Blank forms should be maintained as numbered sets and reconciled upon completion of the numbered set to better ensure their appropriate use. 
  • Unused, incomplete, or erroneous forms must be kept with the permanent GxP Record with documented and attributable (signature, date) justification for their replacement. 

f) When using bound and paginated notebooks or logbooks to record GxP Data and records:

  • Do not remove pages from the bound notebook or logbook.
  • Formally control, pre-number and issue notebooks and logbooks.
  • Reconcile completed notebooks and logbooks.
  • Attach printouts or other data forms associated with work in the notebook and logbook in a way that will indicate if the attachment has been removed.  One approach is to sign across the attached document and the notebook or logbook page.  An additional approach is referencing the attachment in the body of the notebook or logbook.   

g) Unambiguously record data and time entries per your company’s Good Documentation Practices:

  • Avoid using date formats that can have different interpretations between countries or across geographies, such as variations of DDMMYYYY and MMDDYYYY.  
  • Use a variation of DD-MMM-YYYY which is unambiguous and is understood in most countries and geographic regions.
  • Use either the standard 24-hour format (e.g., 14:45) or the standard 12-hour format (e.g., 1:45 PM).
  • It is recommended that the time zone designation is added at the end of the time value if work is captured or shared across multiple time zones (e.g., 1:45 PM EST) to ensure that data is recorded and presented in chronological order.   

h) Utilize good error correction practices per your company’s Good Documentation Practices:

  • Corrections must be made using a clear single line through the data to indicate it is incorrect.
  • The person making the corrections should enter their initials and the date of the correction with the corrected entry and reason for the correction adjacent to, or as close as possible to, the lined out incorrect data.    
  • Wherever possible, the person who made the original, incorrect entry should make and justify the correction of data or the addition of omitted data.  If a second person makes the correction to data or adds omitted data, they must note what they did and why they did it in lieu of the person who made the original entry (e.g., “The person who made the original entry no longer works for the company”). 

i) The following practices should be prohibited:

  • Applying the signature or initials of another person.  
  • Using a pencil to record entries in controlled data entry documents.
  • Obscuring previously recorded entries by writing over them.
  • Obscuring previously recorded entries with multiple lines or “scribbling out”.
  • Obscuring previously recorded entries with white out or correction tape.
  • The use of ditto mark to repeat a value across multiple entries. 

General Consideration Requirements

The following are general considerations for ensuring Data Integrity of paper based GxP records:

1. For GxP processes that require recording the time that activities are performed, a consistent time source must be visible as the reference source to record the time. 

2. As noted in the article Establishing a Data Integrity Program in a GxP Environment, documenting data flows can identify the manual and electronic paths of data in your company’s processes.  Assessing the manual processes, as well as the paper-based data-entry inputs and report outputs of electronic processes, can help identify ALCOA + and GDP gaps.  Unsecured paper based GxP records, such as clinical data, external test results, sample manifests and reports can create a significant data integrity risk to GxP data that can be modified or deleted unintentionally or intentionally.             

3. The use of emails as GxP records can be problematic as it is difficult (in not impossible) to validate an email system.  Procedural controls to appropriately manage internal or external emails supporting GxP processes should require that they be printed or saved as a PDF.  If printing these emails as a paper based GxP Record, then they should be managed as follows:

a) Print the entire email, including any attachments, and maintain as a paper based GxP Record. 

b) Ensure the date and time of the email are persevered in the body of the email or annotated on the paper record with an attributable signature, date, and explanation. 

c) Any GxP decisions or instructions (e.g., sample accessioning decisions, specific analysis instructions) that are included in an email must be:

  • Sent from an individual authorized to make those decisions or provide those instructions.
  • Printed and managed as a paper based GxP Record. 

4. Also noted in the article Establishing a Data Integrity Program in a GxP Environment, your company should consider establishing a Data Integrity Policy or Standard to define requirements for the integrity of GxP data, both in paper and electronic formats.  The ALCOA +, Good Documentation Practices and the General Considerations requirements discussed in this article along with a reference to your company’s Good Documentation Practices, should be integrated into your company’s Data Integrity Policy or Standard.


The use of paper based electronic GxP records require procedural controls and ongoing staff training to ensure Data Integrity.  The ALCOA +, Good Documentation Practices and General Consideration requirements may already be part of existing procedural controls or part of a Data Integrity Policy or Standard at  your company.  If these controls are not already established in existing procedural controls, they should be. These requirements support core requirements for secured and accurate GxP records and are an expectation of regulatory authorities and industry.      

Ensuring staff are trained on these procedural controls and verifying that they are effective helps ensure the Data Integrity of paper based GxP records at your company.  The inclusion and execution of these requirements as part of your Data Integrity Program contribute to the defensible position of your company with regulatory authorities and clients.  The Data Integrity of paper based GxP records contributes to the integrity of drug development, clinical trials, and drug manufacturing as well as the safety of trial subjects and patients.  

This is the second in a series of articles on Data Integrity in a GxP environment.  The first article in this series highlighted the need for, structure and execution of a Data Integrity Program.  This article highlighted the data integrity requirements specific to paper based GxP records.  Future articles will describe other categories of Data Integrity requirements as well as provide an overview of the assessment and remediation processes. 

Additional Information on Data Integrity

  • FDA 21 CFR Part 11: Electronic Records; Electronic Signatures (Mar 1997)
  • FDA Part 11, Electronic Records; Electronic Signatures – Scope and Application (Aug 2003)
  • FDA Data Integrity and Compliance with CGMP: Guidance for Industry (Apr 2016)
  • FDA Data Integrity and Compliance with Drug CGMP: Questions and Answers Guidance for Industry (Dec 2018)
  • MHRA GXP Data Integrity Guidance and Definitions (Mar 2018)
  • EudraLex Volume 4 Good Manufacturing Guidelines, Annex 11: Computerised Systems (Jan 2011)
  • ISPE GAMP 5: A risk-based approach to Compliant GxP Computerized Systems (2008)
  • ISPE GAMP; Records and Data Integrity Guide (Mar 2017)
  • PDA Technical Report No. 80, Data Integrity Management System for Pharmaceutical Laboratories (2018)
  • PIC/S Draft Guidance: Good Practices for Data Management and Integrity in Regulated GXP/GDP Environments (Nov 2018)

Kevin DeLeon is a Principal Consultant in CREO’s Cybersecurity and Compliance practice and is an expert in IT Quality and Compliance for regulated environments.  The CREO Cybersecurity and Compliance practice has deep expertise in GxP systems implementation and validation, SDLC processes and oversight, QMS and related policies, procedures and supporting activities, Data Integrity, Part 11/Annex 11 programs and assessments, Lab Buildouts, Cybersecurity, and program operationalization.