Quality Compliance Data integrity is not a documentation problem. It is a system design problem.
When FDA investigators cite data integrity failures, they are not usually finding people who deliberately falsified records. They are finding systems that made it easy to do the wrong thing — or hard to do the right thing. The difference matters, because the fix is not more training on "don't falsify data." The fix is building systems where data integrity is the path of least resistance.
What ALCOA+ Actually Means in Practice
ALCOA+ is not a checklist to audit against. It is a set of principles that describe what trustworthy data looks like:
Attributable — You can identify who performed an activity and who recorded it. This means more than a signature on a batch record. It means electronic audit trails that capture the actual user, not a shared login. It means contemporaneous attribution, not after-the-fact reconstruction.
Legible — The data can be read and understood, now and in the future. Handwritten entries that no one can decipher, printouts that fade, and database exports without context all fail this principle.
Contemporaneous — Data is recorded at the time the activity occurs. Back-dating, pre-dating, and "I'll write it up later" all violate this principle. If your process makes contemporaneous recording impractical, the process needs redesign — not a workaround.
Original — The first capture of the data is preserved. This is where electronic systems create the most confusion. Is the original record the printout or the electronic file? The answer matters, and your SOP should define it clearly.
Accurate — The data truthfully represents what was observed or performed. Accuracy requires calibrated instruments, validated methods, and trained personnel. It also requires a culture where reporting an unexpected result is safe.
Complete — All data is recorded, including results that do not meet expectations. Deleting a failed test run and re-running it without documenting both results is an integrity failure, even if the re-run was scientifically justified.
Consistent — Data elements do not contradict each other. Timestamps should be sequential. Entries should follow logical order. Unexplained inconsistencies trigger investigator suspicion.
Enduring — Records are maintained throughout their required retention period in a format that remains accessible and readable.
Available — Records can be retrieved when needed — for batch release, for investigations, for inspections.
Where Companies Fail
The most common data integrity failures are not fraud. They are system design failures:
- Shared logins — When three operators share one system account, no record is attributable
- No audit trails — Systems that allow data modification without recording who changed what and when
- Printout-only retention — Keeping the printout but not the electronic raw data
- Informal re-testing — Running unofficial "test" analyses before the official run
- Blank form hoarding — Pre-signed blank batch record pages
- Clock synchronization — Instruments, computers, and building systems on different time standards
What to Do About It
Data integrity improvement starts with an honest assessment of your current state. Not what your SOPs say should happen — what actually happens on the floor, in the lab, and in the office.
Map your data flows. Identify where data is created, recorded, reviewed, stored, and retrieved. At each point, ask: does this step preserve ALCOA+ attributes? Where it does not, redesign the step.
This is not a six-month project with a final report. It is a permanent change in how you think about data.
Quality Compliance Consulting Inc helps organizations assess, design, and implement data integrity programs that satisfy regulatory expectations and actually work in practice.