Data integrity remains one of the most closely examined areas during GMP inspections. Every record generated in a pharmaceutical company must be trustworthy, accurate, and complete from the moment it is created until its retention period ends. This expectation applies equally to manufacturing data, laboratory records, and quality documentation.
The concept of ALCOA was introduced to define the essential characteristics of reliable data. It has since developed into ALCOA+ and finally into ALCOA++, reflecting the need for stronger controls in increasingly digital and complex environments.
History and Evolution of ALCOA
The ALCOA framework did not appear in its final form overnight. It developed gradually, reflecting new regulatory expectations and the growing complexity of data systems in the pharmaceutical industry. Each stage built on the last, adding attributes that strengthened how companies demonstrate the reliability of their records.
ALCOA: The foundation
The concept of ALCOA was introduced in the 1990s by the US Food and Drug Administration as part of its guidance on data integrity. At the time, the industry was transitioning from paper to early electronic systems, and inspectors needed a clear and straightforward way to explain what reliable data should look like. ALCOA was built on five attributes:
- Attributable – Every piece of data must be linked to the individual who generated it. This means signatures, initials, or electronic IDs must clearly show who performed the task.
- Legible – Records must be readable and permanent. Information that fades, smudges, or cannot be interpreted loses its value.
- Contemporaneous – Data should be recorded at the time the activity is performed, not written down later from memory.
- Original – The first capture of the data is the one that counts. Photocopies or transcriptions may serve as references, but the original record is the true evidence.
- Accurate – Information must reflect the real observation or measurement without manipulation or error.
ALCOA quickly became a cornerstone of GMP data integrity and was embedded in inspector training and guidance documents worldwide.
SEE ALSO: Data Integrity and Data Governance in GMP
ALCOA+: Strengthening expectations
Over time, regulators recognized that the five ALCOA principles were insufficient to capture the full scope of data governance. The framework was expanded into ALCOA+, adding four further attributes:
- Complete – All data related to a process or activity must be included. Selective recording is not acceptable.
- Consistent – Records should follow a logical sequence and be free of unexplained gaps. Batch numbers, time stamps, and entries must align across the process.
- Enduring – Data must be stored in a permanent, secure medium. Records kept on scrap paper or in temporary files are not compliant.
- Available – Information should be readily accessible throughout its retention period. Inspectors and internal reviewers must be able to retrieve it without delay.
These additions placed greater emphasis on long-term control of records, especially as electronic systems became more common in laboratories and manufacturing.
ALCOA++: The modern standard
As the industry advanced into more complex digital environments, the concept evolved once more into ALCOA++. This stage reflects the need to move beyond recording data correctly, toward managing data with transparency and critical oversight. While interpretations may vary, ALCOA++ generally includes attributes such as:
- Traceable – Every change to data must be captured in an audit trail, showing who made the change, when, and why.
- Transparent – Processes around data must be clear, justifiable, and open to scrutiny. Hidden practices or undocumented changes are not acceptable.
- Integral – Data must remain intact, protected from manipulation, and linked to its context.
- Critical Thinking – Personnel are expected to assess data not only for compliance, but also for scientific sense and alignment with process knowledge.
ALCOA++ represents the most comprehensive view of data integrity. It applies to all GxP areas, including manufacturing, quality control, clinical trials, and pharmacovigilance. The framework is now closely tied to modern regulatory documents such as the FDA’s Data Integrity Guidance, EMA reflection papers, and PIC/S recommendations.
The 10 Principles of ALCOA++ with GMP Examples
Each principle of ALCOA++ builds on the idea that data must be reliable, trustworthy, and inspection-ready. To make the framework practical, it is helpful to see how each attribute translates into both paper-based and electronic systems, along with the type of evidence regulators expect during an audit.
1. Attributable
Definition: Every record must clearly show who performed the action and when.
Regulatory anchor: 21 CFR 211.194(a) requires initials or signatures of the person performing and reviewing lab tests; EU GMP Annex 11 (§12.4) requires recording of operator identity.
Paper Example: A technician signs and dates an entry in a batch manufacturing record immediately after weighing an ingredient.
Electronic Example: A chromatography data system automatically records the analyst’s user ID and time stamp when an HPLC sequence is started.
Evidence: Handwritten initials with dates, unique electronic login credentials, and audit trail entries linking actions to specific users.
2. Legible
Definition: Data must be readable and permanent throughout its retention period.
Regulatory anchor: FDA Part 211.180 requires records to be legible and readily available; EU GMP Annex 11 (§8.1) requires electronic records to be human-readable throughout their lifecycle.
Paper Example: Environmental monitoring results recorded in ink in logbooks, free of overwriting or faded print.
Electronic Example: Results stored in a validated LIMS with font and formatting that remain consistent across systems.
Evidence: Clear handwriting or printed records, legible scanned copies, and system access that ensures records can be displayed without corruption.
3. Contemporaneous
Definition: Records must be created at the time the activity is performed.
Regulatory anchor: 21 CFR 211.100(b) requires documentation of each significant step at the time it is performed; PIC/S PI-041 highlights contemporaneous recording as a critical ALCOA principle.
Paper Example: An operator documents pH measurement results directly onto the batch record during in-process testing, not on a scrap note to be transcribed later.
Electronic Example: An electronic balance automatically records the weight and time stamp when a material is dispensed.
Evidence: Original time-stamped entries, electronic audit trails showing real-time capture, and absence of unexplained delays between activity and recording.
4. Original
Definition: The first capture of data is the true record.
Regulatory anchor: 21 CFR 211.180 requires retention of original data or true copies; Annex 11 (§8.2) requires records to indicate when data have been changed.
Paper Example: Handwritten results on validated worksheets are considered the original record, while photocopies are only supporting documentation.
Electronic Example: The raw HPLC chromatogram stored in the CDS database is the original, while exported PDFs are secondary copies.
Evidence: Controlled logbooks, validated systems storing raw data, and procedures describing management of originals versus copies.
5. Accurate
Definition: Data must reflect the true value or observation without error or manipulation.
Regulatory anchor: 21 CFR 211.68 requires controls to ensure accuracy of input and output; Annex 11 (§6) requires accuracy checks for critical data.
Paper Example: Recording the actual observed temperature from a validated thermometer instead of “expected” or rounded values.
Electronic Example: Automated import of analytical instrument results directly into LIMS without manual re-entry.
Evidence: Calibration records, audit trails showing no unauthorized modifications, and consistent data across different sources.
6. Complete
Definition: All data, including repeat analyses, deviations, and failed runs, must be retained.
Regulatory anchor: 21 CFR 211.194(a) requires complete data derived from all tests; Annex 11 (§9) requires retention of audit trails to support completeness.
Paper Example: Both initial and repeat sterility test results are kept in the QC file, even if the repeat passed.
Electronic Example: CDS retains all injections in a sequence, including failed or aborted runs, rather than allowing deletion.
Evidence: Full data sets with no missing pages, complete electronic records with audit trails showing aborted or failed attempts.
7. Consistent
Definition: Data must follow a logical sequence without gaps.
Regulatory anchor: 21 CFR 211.188(b) requires batch records to include complete information with consistent sequencing; Annex 11 (§10–11) calls for change control and periodic evaluation of computerized systems.
Paper Example: Equipment logbooks with continuous entries for each usage, showing no missing dates.
Electronic Example: Batch records in MES with sequential, unaltered time stamps for each step in the process.
Evidence: Sequential numbering of records, electronic audit trails demonstrating chronological order, and reconciliation of logbook pages.
8. Enduring
Definition: Data must be stored in a durable and secure form.
Regulatory anchor: 21 CFR Part 11.10(c) requires protection of records to enable accurate and ready retrieval; Annex 11 (§7, §17) requires secure storage and archiving.
Paper Example: Permanent laboratory notebooks stored in controlled archives, protected from damage.
Electronic Example: Electronic records maintained in validated servers with regular backups and disaster recovery plans.
Evidence: Archival procedures, system validation documentation, and backup logs showing restoration testing.
9. Available
Definition: Records must be accessible for review and inspection throughout their retention period.
Regulatory anchor: 21 CFR 211.180(c) requires records to be readily available for inspection; Annex 11 (§7.1) requires data to remain accessible throughout its retention period.
Paper Example: Archived paper batch records retrievable within defined timelines when requested by auditors.
Electronic Example: LIMS data accessible through controlled queries without relying on vendor intervention.
Evidence: Retrieval logs, documented access rights, and demonstration of rapid record access during audits.
10. Traceable / Transparent (the ++ principles)
Definition: Records must show clear traceability from creation to final use, with all changes documented and transparent.
Regulatory anchor: 21 CFR Part 11.10(e) requires secure, time-stamped audit trails; Annex 11 (§9, §12.3–12.4) requires operator identity and traceability of changes; PIC/S PI-041 highlights transparency as a critical ALCOA++ expectation.
Paper Example: Corrections in a logbook made with a single line through the original entry, initialed, dated, and reason provided.
Electronic Example: Audit trail in an electronic system recording every data change, including user ID, timestamp, and justification.
Evidence: Logbook corrections with signatures, validated audit trail reports, and change management records linked to quality events.
Where Draft Annex 11 Strengthens ALCOA++
The draft revision of Annex 11 builds on the established framework and makes several expectations more explicit. It translates ALCOA++ principles into clear operational requirements, particularly for electronic systems and outsourced services. Key areas of reinforcement include:
- Audit Trails: The draft Annex 11 explicitly requires that audit trails be considered GMP data, subject to review and retention just like raw results. This directly reinforces the ALCOA++ attributes of traceability and transparency.
- Metadata Management: It expands on the need to manage metadata (time stamps, user IDs, instrument parameters) with the same level of control as the primary data. This aligns with complete and accurate.
- Periodic Review: The draft requires more formalized periodic reviews of computerized systems, including evaluation of data integrity risks. This ensures records remain enduring and available.
- Cloud and Outsourcing: It introduces clearer expectations for data integrity in cloud-hosted systems and outsourced services, making attributable and consistent more challenging but also more important.
- Risk-Based Approach: Inspectors are encouraged to evaluate how companies justify their controls using risk assessment. This reflects the ALCOA++ attribute of critical thinking.
Applying ALCOA++ in CSV, CSA, and the Validation Lifecycle
The principles of ALCOA++ extend far beyond documentation practices. They are the backbone of how pharmaceutical companies design, validate, and maintain computerized systems.
Whether following traditional Computer System Validation (CSV) or adopting the FDA-encouraged Computer Software Assurance (CSA) approach, data integrity is only meaningful when ALCOA++ is consistently applied.
SEE ALSO: CSV vs CSA in Software Validation
Risk-based Тesting
Validation must reflect the criticality of the process and its impact on product quality and patient safety. Regulators now expect companies to justify why certain functions receive more intensive testing than others.
- High-risk functions (e.g., electronic batch records, laboratory information management systems) require fully scripted protocols and thorough documentation.
- Medium- or low-risk functions (e.g., reporting tools, user-friendly dashboards) may be tested using unscripted or exploratory approaches, provided evidence of accuracy and traceability is maintained.
- Key ALCOA++ link: Testing must always generate records that are attributable, contemporaneous, and transparent.
Supplier Documentation
Many validation activities rely on vendor-supplied information, but regulators expect manufacturers to demonstrate ownership. Simply filing away supplier protocols is not enough.
- Review vendor IQ/OQ protocols to ensure they address GMP-relevant functions.
- Perform gap assessments where supplier documentation does not cover specific user requirements.
- Confirm that supplier data, such as calibration certificates and audit trail specifications, are original, accurate, and available during inspection.
- Key ALCOA++ link: Ensuring supplier data is complete, enduring, and traceable.
Metadata and Аudit Тrails
Metadata are often overlooked, yet they are integral to data integrity. They provide the context that makes raw data meaningful.
- Time stamps, user IDs, system configurations, and method versions must be recorded and protected.
- Audit trails must capture who made the change, what was changed, when it occurred, and the reason for the change.
- Routine audit trail reviews are expected by both FDA and EU regulators, not only during inspections but as part of everyday quality oversight.
- Key ALCOA++ link: Metadata and audit trails ensure transparency, traceability, and accuracy.
Periodic Reviews
Annex 11 and PIC/S guidelines both require companies to conduct regular reviews of computerized systems. These reviews confirm that systems remain validated and that data remain reliable.
- Verification of user access rights, ensuring no shared accounts.
- Review of backup and recovery processes, including restoration testing.
- Checks on system patches, upgrades, and configuration changes that could impact data integrity.
- Confirmation that records remain available and legible for their retention period.
- Key ALCOA++ link: Reviews safeguard enduring, consistent, and available data.
Data Retention and Archiving
Data integrity does not end when a record is created. Companies must demonstrate that information can be retrieved long after the batch is released or the product is withdrawn.
- Define scientifically justified retention periods linked to product lifecycle and regulatory requirements.
- Validate archiving solutions to confirm that records remain readable and accessible over time.
- Use controlled migration processes when moving data between platforms, ensuring no loss of context or metadata.
- Key ALCOA++ link: Archiving practices secure complete, enduring, and legible records.
Department Playbooks: Applying ALCOA++ in Daily GMP Work
ALCOA++ principles are universal, but their practical application differs between functions. Inspectors expect to see evidence that each department integrates data integrity into its daily operations.
| Department | Key Risks | ALCOA++ Principles | Practical Controls |
|---|---|---|---|
| QC Lab | Loss of raw chromatograms, transcribed notes | Complete, Accurate, Traceable | Retain raw data, validate LIMS transfer, audit trail review |
| Manufacturing | Missing log entries, undocumented overrides | Contemporaneous, Consistent, Enduring | Real-time eBR entries, sequential equipment logs, SCADA audit trail checks |
| QA | Over-reliance on summaries, weak CAPA evidence | Traceable, Transparent, Available | Original data review, defined audit trail frequency, robust training documentation |
Quality Control (QC) Laboratory
QC labs generate large volumes of raw data through analytical instruments, microbiological testing, and environmental monitoring. ALCOA++ ensures that all results, passing and failing, are preserved and traceable.
- Chromatography systems (HPLC, GC): Raw chromatograms and metadata must be retained, not only printed summaries. Audit trails should be enabled and reviewed.
- Microbiological testing: Environmental monitoring plates and sterility tests must be recorded contemporaneously, with clear links to personnel and sampling locations.
- Data transfer: Results transferred to LIMS must be original, accurate, and verified against raw files.
- Documentation: Controlled laboratory notebooks or electronic templates should be legible, attributable, and free of transcriptions from scrap notes.
Key ALCOA++ link: QC labs must demonstrate completeness, accuracy, and transparency of all analytical data.
Manufacturing
In production environments, operators, supervisors, and automated systems all contribute to batch records. Data integrity failures here directly affect product quality.
- Batch manufacturing records (BMR/eBR): Entries must be contemporaneous, legible, and attributable, whether on paper or in electronic systems.
- Equipment logs: Usage and cleaning logs must be complete, consistent, and free of unexplained gaps.
- In-process testing: Values must be recorded at the time of testing, with no placeholders or generic “within range” entries.
- Automation systems (MES, SCADA): Audit trails must be active and reviewed, especially for overrides and alarms.
Key ALCOA++ link: Manufacturing relies on contemporaneous, consistent, and enduring data across the process lifecycle.
Quality Assurance (QA)
QA is responsible for oversight of data integrity across departments. Inspectors often scrutinize QA processes for gaps in the ALCOA++ application:
- Batch review: QA reviewers must have access to original data, not just summaries, and verify the completeness of records.
- Deviation and CAPA management: Entries must be attributable and contemporaneous, supported by traceable evidence such as audit trails and source records.
- Training records: Documentation must be legible, accurate, and linked to the individual employee.
- Audit trail review: QA should define frequency, scope, and methodology for routine review of electronic audit trails.
- Key ALCOA++ link: QA ensures that records are traceable, transparent, and available for inspection.
FAQ
How Does ALCOA++ Relate to Good Documentation Practices (GDocP)?
ALCOA++ and GDocP are closely linked but not identical. GDocP provides detailed rules for how documents should be written, corrected, and maintained. ALCOA++ is broader, covering not only documentation but also how data is generated, stored, and managed across the entire lifecycle. Together, they form a strong foundation for compliance in regulated environments.
Does ALCOA++ Apply Equally to Paper and Electronic Records?
Yes, the principles apply to both, but the implementation differs. In paper systems, compliance relies on documentation practices such as controlled logbooks, signatures, and legible handwriting. In electronic systems, compliance is achieved through validated software, audit trails, and access control.
Regulators do not differentiate in expectations; they only judge whether the record is trustworthy.
Can ALCOA++ Be Applied to Non-GMP Areas Like Pharmacovigilance or Clinical Trials?
Yes, ALCOA++ is used across all GxP areas, not just GMP. In pharmacovigilance, it ensures that adverse event reports are accurate and traceable. In clinical trials, it underpins Good Clinical Practice by ensuring the reliability of patient data. The framework is flexible enough to cover research, development, and post-marketing activities.
What is the Difference Between ALCOA++ and Data Integrity by Design?
ALCOA++ defines what good data should look like, while Data Integrity by Design focuses on building systems and processes that naturally produce such data. For example, a well-designed electronic system automatically captures user IDs and timestamps without requiring manual entry.
This reduces the risk of human error and enforces ALCOA++ by default. Together, they form a proactive approach to compliance.
How Do Companies Prove That Their Data Is “Enduring”?
Evidence comes from validated archiving and backup systems. Companies demonstrate that records remain retrievable even after software upgrades or hardware changes. Restoration testing of backups provides proof that data are not only stored but also usable. Regulators expect documentation of these activities in an audit-ready format.
Is ALCOA++ Relevant for Cloud-Based Systems?
Yes, cloud systems must meet the exact requirements. The challenge lies in ensuring traceability, availability, and security when third parties host data. Contracts must specify responsibilities for backup, access, and audit trail retention. Validation of the cloud environment and vendor audits are critical for demonstrating compliance.
How Often Should Audit Trails Be Reviewed to Meet ALCOA++ Expectations?
The frequency depends on the system’s criticality and regulatory expectations. For high-risk systems like chromatography data or electronic batch records, routine (often monthly or batch-by-batch) reviews are expected.
For lower-risk systems, periodic reviews may be sufficient if justified by risk assessment. The critical point is that reviews must be proactive, not reactive.
How Do Companies Apply ALCOA++ in Electronic Batch Records (eBR)?
Electronic batch records are designed to enforce contemporaneous, attributable, and complete data capture. Every entry is time-stamped and linked to a user ID. Systems to implement also sequence consistency and include embedded checks for accuracy. When validated properly, eBR systems embody ALCOA++ principles by default.
Final Thoughts
ALCOA++ has become the universal language of data integrity in the pharmaceutical industry. From laboratory notebooks to electronic batch records, its principles shape how information is created, managed, and preserved.
Regulators may phrase their observations in many ways, but almost all inspection findings can be traced back to weaknesses in one or more ALCOA++ attributes.
For companies, this framework serves not only as a compliance requirement but also as a practical tool for building trust in their processes. Applying ALCOA++ across all departments ensures that records remain reliable, inspections are handled with confidence, and patients receive products of consistent quality.
More importantly, it fosters a culture where data integrity is embedded in daily work, rather than being treated as a regulatory checkbox.
By viewing ALCOA++ as both a standard and a mindset, organizations can move beyond reactive corrections and develop inherently robust systems. In a world where pharmaceutical data are increasingly digital and interconnected, this mindset is essential for long-term success.
