Best Practices for Lab Data Integrity and Security

Keeping your lab and its valuable data protected is at the heart of any lab manager’s role

Lauren Everett

At the core of any scientific organization—from pharmaceutical manufacturers to academic research labs—is data. Laboratory leaders use diverse sets of data on a daily basis, from data generated by basic research experiments, to analyzing financial data to make informed business decisions. Regardless of the type of data being produced and analyzed in a lab, it must be trustworthy and accurate. Ensuring data integrity and security promotes a positive lab culture, protects the lab’s reputation, and drives business growth.

What is data integrity?

Data integrity is a broad term, commonly defined as the “maintenance of, and the assurance of, data accuracy and consistency over its entire life cycle.” There are a variety of factors that can lead to data integrity failures, ranging from accidental human error, improperly-followed standard operating procedures, lack of training, or in the worst-case scenario, intentional misrepresentation of the data. As the leader of the lab, it is a key duty to establish an organizational culture that promotes good practices, ethical work processes, and a passion for the mission of the organization. The lab staff looks to those at the highest levels of the organization to set standards, so lab managers should lead by example by making data integrity a core value. This can be done through proper and continuous training of staff, by demonstrating transparent communication in everyday conversations, and organizing data integrity audits to keep everyone accountable for their work.

Pharmaceutical manufacturers, third-party testing labs, and similar quality control facilities are typically first-of-mind when thinking about the importance of data integrity, as these companies carry the burden of ensuring that only safe and healthy products are on the market, but the reliability of data is paramount in any lab setting. The FDA states that data needs to meet certain fundamental criteria to be considered quality data. Labs can refer to the ALCOA principles when developing strategies for data integrity. ALCOA stands for: Attributable; Legible; Contemporaneous; Original; and Accurate. Since the FDA introduced these principles, four more have been added to create the ALCOA+ principles: Complete; Consistent; Enduring; and Available.

ALCOA+ Principles

On the business side, the financial reasons to ensure data integrity and compliance are clear—a lab could spend a substantial amount of money and effort if experiments need to be repeated, in addition to time and productivity loss. Additionally, if your lab successfully implements clear and strict compliance strategies, you will stand out among other competitors as a trusted resource.

As the digitalization of labs continues to expand, organizations generate and collect massive amounts of data. While big data analysis can offer much more insight and information, it requires accurate and substantiated data to have value. After all, what is the point of hiring talented scientists, training them to excel, and investing in sophisticated equipment, just to risk it all due to poor-quality data?

Data integrity tools and software

Electronic lab notebooks (ELN) and laboratory information management systems (LIMS) are two popular solutions to help ensure data integrity. Some benefits of these tools include automatic data capture, easy-to-read data and metadata, the ability to maintain an audit trail for all records, and keeping data in one central place, as opposed to different platforms. Software packages are now available that take the capabilities of ELN and LIMS a step further. These software platforms can integrate with common benchtop instruments like balances or pH meters to provide users step-by-step workflow guidance, and have options to enhance security.

What is data security?

Data security complements data integrity, and is known as “protecting data from unauthorized parties.” In a lab setting, unauthorized parties could refer to both internal staff and external sources. 

There are three main areas of the lab that need to be considered when evaluating your organization’s level of data security, the first of which is hardware security. Common vulnerable factors to consider include instruments that may be connected to a network or have the capability of being monitored remotely, outdated operating systems, and outdated anti-virus software. Network security could also be at risk, whether you use an internal network, or an external, cloud-based software. Application security is another area to consider—does your organization have written policies for creating and safeguarding passwords? In addition to strong passwords, two-factor authentication is a smart way to prevent data breaches. When using two-factor authentication, users input the password as usual, and are asked to enter a code that is sent to a separate device or smartphone.

Developing a collaborative relationship with your organization’s IT team is an ideal first step to confirm that all aspects of the lab are protected, and to prevent major breaches or issues. 

It is important that lab leaders don’t forget about lab staff as potential areas of vulnerability when it comes to breaches and hacks. Personal devices and phones can be used as an entry point for hackers to enter a network, and human error is often the cause of cybersecurity issues. All staff should be trained to identify potential threats and practice proper security measures

This series will go into greater detail on each of the above topics, and offer tips and solutions that laboratory leaders can immediately implement to safeguard their organization’s valuable information.