Evolving Regulatory Systems Stress Importance of Data Integrity

Q: We are updating our training program for this year and wondered, are you aware of any new regulations for data integrity?

A: No new regulations were published in 2025 specific to data integrity. The evolving global regulatory systems do, however, address data integrity within the context of revised or new parts of the legislation.

The European Commission has published1 the Revision of Good Manufacturing Practice (GMP) Guidelines Chapter 4 (Documentation), Annex 11 (Computerised Systems) and New Annex 22 (Artificial Intelligence) for public consultation. All 3 documents address data integrity, namely:

• Chapter 4 clarifies the requirements for the management of electronic records, signatures, and data integrity while ensuring consistency with the concurrent revision of Annex 11.
• Annex 11 strengthens controls related to the assurance of data integrity, audit trails, electronic signatures, and system security.
• Annex 22 addresses the quality of model training data, and the management and processing of test data for AI models.

The US Food and Drug Administration published the Center for Drug Evaluation and Research 2026 Quality Management Maturity (QMM) Prototype Assessment Protocol Evaluation Program in February.2 The QMM program aims to encourage drug manufacturers to implement quality management practices that go beyond current good manufacturing practice requirements. Data governance is a topic covered by this program.

This clearly shows that it is necessary to search beyond the term data integrity to stay abreast of developments in this field. Furthermore, these updates continue to emphasize the need to comply with good practices, such as good documentation practices. This may sound trivial, but it isn’t. The many inspection observations relating to data integrity often show these issue are nothing more than a lapse in having documented processes or creating records that are true and are documented in a timely manner.

As mentioned, there are no new regulations on data integrity, per se. Instead, new or updated regulations are necessary to cover advancements in science and technology. Data integrity remains a key concept throughout and importantly, the requirements for data integrity compliance remain unchanged. You may refer to them as ALCOA+ (attributable, legible, contemporaneous, original, accurate, complete, consistent, enduring, and available).3

References

1. European Commission. Stakeholders’ consultation on EudraLex volume 4 - good manufacturing practice guidelines: chapter 4, annex 11 and new annex 22. Accessed February 23, 2026. https://health.ec.europa.eu/consultations/stakeholders-consultation-eudralex-volume-4-good-manufacturing-practice-guidelines-chapter-4-annex_en
2. FDA. CDER quality management maturity. February 11, 2026. https://www.fda.gov/drugs/pharmaceutical-quality-resources/cder-quality-management-maturity
3. Lopez J. Quality essentials: inspectional coverage of QMS and data integrity. Presented at: the Compounding Quality Center of Excellence Annual Conference; September 11, 2023. https://www.fda.gov/media/179075/download

About the author

Siegfried Schmitt, PhD, is vice president, technical, at Parexel.