Electronic vs. Paper Records: Which Is the True Record?

The Common Argument: “Paper Is the True Record”

During my consultation work with pharmaceutical and medical device companies, I frequently encounter the following assertion:

“At our company, supervisors thoroughly review all records and affix their signatures (or seals). Therefore, the paper record is the true record (the original).”

However, this argument is fundamentally based on an assumption of good faith—a presumption that all parties will always act with integrity and honesty.

Regulatory Philosophy: Presumption of Potential Misconduct

Regulatory inspections conducted by authorities in Europe and North America, particularly those by the US Food and Drug Administration (FDA), are typically conducted based on a presumption of potential misconduct rather than good faith. This is not because regulators assume companies are inherently dishonest, but rather because quality systems must be designed to prevent misconduct even when significant pressure exists to compromise integrity.

The rationale for this approach is straightforward: if a company experiences a serious quality issue—such as product disposal due to Out-of-Specification (OOS) results, product recalls, patient safety events, or other significant quality problems—economic pressures may create incentives for executives or supervisors to instruct personnel to manipulate data or falsify records. When facing substantial financial losses, the temptation to alter data to avoid costly consequences can be significant.

Why Individual Operators Typically Do Not Commit Fraud

Individual operators and technicians generally do not commit data integrity violations or fraud on their own initiative. The reasons are clear:

First, they lack motivation to commit fraud. Unlike executives or supervisors who may face consequences for poor business results, individual operators have no personal stake in whether a batch is released or rejected. They simply perform their assigned tasks and document the results.

Second, they receive no incentive from committing fraud. Altering data provides no benefit to the individual operator—no bonus, no promotion, no recognition. In fact, if discovered, data manipulation would likely result in disciplinary action or termination of employment.

The Reality: Fraud Often Originates from Management

In most cases where data integrity violations occur, the pressure or instruction to manipulate data comes from supervisors or management personnel. These individuals may face significant consequences if batches are rejected, if investigation costs escalate, if production schedules are disrupted, or if their department’s performance metrics suffer.

This is why regulatory authorities worldwide have placed increasing emphasis on “quality culture” and management responsibility for data integrity. The FDA’s Quality Management Maturity (QMM) program, the European Medicines Agency (EMA) guidance on quality culture, and the UK Medicines and Healthcare products Regulatory Authority (MHRA) data integrity guidance all recognize that senior management commitment to integrity is essential for preventing data integrity violations.

Therefore, the argument that “supervisors thoroughly review records and sign them, so paper is the true record” does not satisfy regulatory expectations. Supervisor review and signature on paper does not, in itself, ensure data integrity when the electronic systems underlying those paper records lack adequate controls to prevent unauthorized modification.

The “Typewriter Excuse”: A Historical Regulatory Discussion

After 21 CFR Part 11 “Electronic Records; Electronic Signatures” was published in 1997, an interesting debate emerged in the United States regarding the scope and application of the regulation.

Industry’s Initial Argument

Some pharmaceutical companies initially argued:

“The true record is the paper record. We are merely using computers to create records—essentially using them as typewriters.”

The implication of this argument was that because the computer was being used only to generate printed records (like a typewriter), the regulation applicable to electronic records—21 CFR Part 11—should not apply to their systems.

This argument became known as the “Typewriter Excuse.”

FDA’s Response: Fundamental Differences Between Typewriters and Computers

The FDA responded to this argument by clarifying the scope of Part 11. The agency stated that Part 11 does not apply only when computers are truly used like typewriters—that is, when no electronic record is created, modified, maintained, archived, retrieved, or transmitted. However, if electronic records are created and retained, even temporarily, Part 11 requirements apply.

The fundamental distinction is this: Typewriters and computers differ significantly in their capabilities and associated data integrity risks.

Characteristics of Typewriters: “One Time Printing”

The defining characteristic of a typewriter is “One Time Printing.” When you type on a typewriter, the characters are mechanically stamped onto paper through an inked ribbon. Once printed, that specific impression cannot be reproduced exactly. There is no electronic record, no file stored in memory, no ability to print the same document again with identical characteristics.

Characteristics of Computers: Electronic Record Retention

In contrast, computers create and store electronic records. These electronic files can be:

• Printed multiple times, producing identical-appearing documents
• Modified after initial creation, with or without leaving evidence of the modification
• Saved, copied, deleted, or transferred to other systems
• Accessed by multiple users, depending on system controls

The Data Integrity Risk: Manipulation Without Detection

This fundamental difference creates a significant data integrity vulnerability. When a computer system retains electronic records, the following fraudulent scenario becomes possible:

1. An electronic record is created and initially printed
2. The paper record is reviewed and signed by a supervisor
3. Later, after discovering an error or unfavorable result, someone with system access modifies the electronic record
4. The modified electronic record is reprinted
5. The original signatures are backdated onto the reprinted document, or new signatures are obtained on the modified document without disclosing that the underlying data has changed
6. The original printed record is discarded, leaving only the manipulated version

Without adequate controls—such as those required by 21 CFR Part 11, including audit trails, access controls, and system validation—this type of manipulation can be extremely difficult to detect.

Paul Motise’s Perspective: The Limitations of Printouts

Paul Motise, who led the FDA’s Part 11 initiative during its development and early implementation, articulated the fundamental problem with treating paper printouts as the “true record”:

“Printouts cannot be inherently trusted. Printouts do not contain the metadata information necessary to reconstruct the data or reproduce it from the raw data.”

The Critical Role of Metadata

Metadata is “data about data”—information that provides context, meaning, and traceability for the primary data. In computerized systems, metadata typically includes:

• User identification: Who created, modified, or reviewed the data?
• Timestamps: When was each action performed?
• Audit trails: What changes were made, when, by whom, and why?
• System information: What instrument or system generated the data?
• Version information: Is this the original record or a subsequent version?
• Processing parameters: What settings, methods, or algorithms were applied?

Why Paper Records Lack Sufficient Metadata

Paper printouts typically lack this critical metadata, or include only limited metadata that can easily be manipulated if the electronic record is modified and reprinted. Consequently:

• Paper records provide no audit trail of modifications to the underlying electronic data
• Paper records cannot reveal whether data was altered after initial creation but before printing
• Paper records cannot demonstrate whether the printed document is the original printout or a subsequent reprint of modified data

This is why paper printouts alone cannot be considered trustworthy when electronic records exist in the underlying system.

Hybrid Systems: Understanding the True Record

A critical concept that many organizations misunderstand is the true nature of “hybrid systems“—systems that combine electronic records with handwritten signatures on paper.

The Fundamental Principle of Hybrid Systems

In hybrid systems (electronic records + handwritten signatures), only the signature is on paper. The record itself remains electronic.

This distinction is absolutely critical and is frequently misunderstood. When a company uses a computerized system to create records, then prints those records and obtains handwritten signatures on paper, this is a hybrid system. The signature is “hybrid” (handwritten rather than electronic), but the underlying record remains electronic.

How Regulatory Inspectors Approach Hybrid Systems

When regulatory inspectors encounter hybrid systems during inspections, they employ a specific investigation strategy designed to detect potential data manipulation:

Records are investigated electronically, while signatures are verified on paper.

The inspector’s process typically includes:

1. Reviewing the electronic records in the computerized system, including:
   1. Audit trails showing creation, modification, and printing events
   1. Metadata showing who accessed the records and when
   1. Version histories showing whether data was modified after initial creation
   1. System logs showing printing events and their timing
2. Reviewing the paper records to verify:
   1. Signatures are present and properly executed
   1. Dates on signatures align with electronic timestamps
   1. The printed content matches the electronic record currently in the system
3. Comparing the electronic and paper versions to detect:
   1. Discrepancies indicating the paper record was printed from a modified electronic version
   1. Evidence of reprinting after the original signature dates
   1. Missing audit trail entries that should exist if the records were handled properly
   1. Backdating or other signature irregularities

The Purpose: Detecting Data Manipulation

The primary objective of this dual investigation approach is to detect data manipulation or falsification. By comparing the electronic audit trail with the paper signatures, inspectors can identify scenarios such as:

• Electronic records modified after paper signatures were obtained
• Records reprinted after modification, with signatures backdated
• Deletion or modification of data after review and approval
• Unauthorized access to systems by supervisors or others to alter results

This is why hybrid systems require robust electronic controls even though signatures are handwritten. The electronic record must be protected with all applicable 21 CFR Part 11 controls, including:

• System validation to ensure proper operation
• Secure, timestamped audit trails that cannot be disabled or modified by users
• Authority checks to limit system access and privileges
• Operational system checks to enforce permitted sequencing of steps and events
• Device checks to determine the validity of the source of data input or operational instruction

The Critical Rule: Never Delete Electronic Records

The Absolute Prohibition

Paper signatures do NOT provide authorization to delete electronic records. Electronic records must be retained throughout the entire retention period required by applicable regulations.

This principle cannot be overstated. Many companies make the serious error of believing that once a paper record has been signed, the underlying electronic record can be deleted or overwritten. This is fundamentally incorrect and represents a serious data integrity violation.

Why Electronic Records Must Be Retained

Electronic records must be retained because:

1. The electronic record is the true record. When a computerized system is used to create, modify, or maintain records, the electronic version is the original record that contains the complete data and metadata necessary for regulatory review.
2. Paper printouts are copies. Paper printouts derived from electronic systems are, by definition, copies of the electronic record. They may be “true copies” if properly controlled, but they are not the original.
3. Audit trails exist only electronically. The audit trails, metadata, and system logs that demonstrate data integrity exist in electronic form. Deleting the electronic records destroys this evidence.
4. Regulatory inspections require access to electronic records. Inspectors need to review electronic records, audit trails, and metadata to verify data integrity. If electronic records have been deleted, this review is impossible.
5. Part 11 explicitly requires electronic record retention. 21 CFR Part 11 requires that electronic records be retained for the periods required by predicate rules (the underlying regulations requiring the records, such as 21 CFR Parts 211, 820, etc.).

What Happens When Electronic Records Are Deleted

Deleting electronic records after obtaining paper signatures creates several serious problems:

Loss of Audit Trail: The complete history of data creation, modification, and review is lost, making it impossible to verify data integrity.

Inability to Detect Manipulation: Inspectors cannot determine whether data was manipulated because the electronic evidence has been destroyed.

Regulatory Violations: Deletion violates 21 CFR Part 11 requirements and potentially violates predicate rule requirements for record retention.

483 Observations and Warning Letters: Companies that delete electronic records frequently receive FDA Form 483 observations or Warning Letters citing data integrity violations.

Loss of Regulatory Credibility: Deletion of electronic records severely damages the company’s credibility with regulatory authorities and may result in increased inspection frequency or other enforcement actions.

Regulatory Requirements for Electronic Records and Data Integrity

The regulatory framework for electronic records and data integrity has evolved significantly since 21 CFR Part 11 was first published in 1997. Multiple regulatory authorities worldwide have issued guidance documents that clarify expectations and requirements.

United States FDA Requirements

21 CFR Part 11 remains the foundational US regulation for electronic records and electronic signatures. Key requirements include:

• System validation (§11.10(a) and §11.30)
• Audit trails that record creation, modification, and deletion of electronic records (§11.10(e))
• Authority checks to ensure only authorized individuals use the system or access data (§11.10(d))
• Secure, timestamped audit trails (§11.10(e))
• Accurate and complete copies of records for inspection (§11.10(b))
• Protection of records throughout the retention period (§11.10(c))

The FDA’s 2003 guidance “Part 11, Electronic Records; Electronic Signatures—Scope and Application” clarified that FDA would exercise enforcement discretion on certain Part 11 requirements but emphasized that predicate rule requirements (the underlying GMP, GCP, and GLP regulations) must always be followed.

In October 2024, FDA finalized guidance on “Electronic Systems, Electronic Records, and Electronic Signatures in Clinical Investigations” providing updated recommendations for electronic systems used in clinical research.

ALCOA Principles: FDA guidance documents consistently reference the ALCOA principles for data integrity. Data must be:

• Attributable: Data must be traceable to the individual who generated it
• Legible: Data must be readable and comprehensible
• Contemporaneous: Data must be recorded at the time the activity is performed
• Original: The original record (or a certified true copy) must be available
• Accurate: Data must be free from errors and accurately reflect observations

European Union and UK Requirements

EU GMP Annex 11 “Computerised Systems” provides detailed requirements for computerized systems used in GMP environments, including:

• Risk management approach to system validation
• Requirements for audit trails
• Change and configuration management
• Security controls
• Incident management
• Business continuity planning

MHRA GxP Data Integrity Guidance (Revision 1, March 2018) expanded the ALCOA principles to ALCOA+, adding four additional attributes:

• Complete: All data must be complete and include all applicable information
• Consistent: Data must be internally consistent and presented in a consistent format
• Enduring: Data must be durable and persist throughout the retention period
• Available: Data must be readily available for review throughout the retention period

The MHRA guidance emphasizes that data integrity is a fundamental component of good data governance and quality systems, requiring appropriate organizational culture, education, and technology controls.

PIC/S and WHO Guidance

PIC/S PI 041-1 (September 2021) “Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments” provides a risk-based approach to data integrity that is aligned with the MHRA guidance and recognizes ALCOA+ principles.

WHO TRS 996 Annex 5 “Guidance on good data and record management practices” defines data integrity requirements applicable globally and provides practical examples of controls for both paper-based and electronic systems.

The Evolving Concept: ALCOA++

Some recent guidance documents and industry practice have evolved ALCOA+ further to ALCOA++, adding additional principles:

• Traceable: The complete data lifecycle can be traced and reconstructed
• Robust: Systems and processes resist accidental or deliberate compromise
• Integrity-protected: Technical and procedural controls ensure data cannot be modified inappropriately

Practical Implications for Organizations

Understanding that electronic records are the true records when computerized systems are used has several critical practical implications for pharmaceutical and medical device companies.

System Design and Validation

Organizations must design and validate their computerized systems to ensure:

• Electronic records are protected from unauthorized modification
• Comprehensive audit trails capture all data creation, modification, and deletion events
• Access controls limit system privileges based on job responsibilities
• Timestamping is secure and cannot be manipulated by users
• Data backups are regular, secure, and tested for recoverability

Quality Culture and Training

Senior management must establish and maintain a quality culture that:

• Recognizes data integrity as a core organizational value
• Empowers employees to report data integrity concerns without fear of retaliation
• Holds supervisors and managers accountable for data integrity within their areas
• Provides comprehensive training on data integrity principles and requirements
• Ensures adequate resources (time, personnel, systems) for proper data management

Inspection Readiness

Organizations must prepare for regulatory inspections by:

• Ensuring electronic records are readily available for inspector review
• Maintaining complete audit trails throughout the record retention period
• Training personnel on how to access and demonstrate system controls
• Having procedures for providing electronic copies of records to inspectors
• Never deleting electronic records based on the existence of paper signatures

Addressing Hybrid Systems Appropriately

For organizations using hybrid systems (electronic records with paper signatures):

• Implement full Part 11 controls on the electronic systems
• Train reviewers and signers that their paper signature does not authorize deletion of electronic records
• Maintain both electronic records and signed paper records throughout the retention period
• Ensure audit trails capture both electronic activities and paper signature events
• Have procedures that explicitly prohibit deletion of electronic records

Addressing Legacy Systems

Many organizations have “legacy” systems—older computerized systems that were implemented before current data integrity requirements were well understood. For these systems:

• Conduct risk assessments to identify data integrity vulnerabilities
• Implement compensating controls where technical system limitations exist
• Document limitations and controls for inspector review
• Plan for system upgrades or replacement with compliant systems
• Never claim legacy status exempts the system from data integrity requirements

Common Data Integrity Violations

Based on FDA Warning Letters, EMA inspection findings, and MHRA guidance documents, common data integrity violations include:

Failure to Maintain Audit Trails

Systems lack audit trails, audit trails are disabled, or audit trails are not reviewed. This prevents detection of unauthorized data modification.

Shared Login Credentials

Multiple users share usernames and passwords, making it impossible to attribute actions to specific individuals. This violates the “Attributable” principle of ALCOA.

Unauthorized Data Deletion

Electronic records are deleted after paper records are signed, eliminating the evidence needed to verify data integrity.

Backdating of Records or Signatures

Activities are documented after they occur, and dates are falsified to make it appear the documentation was contemporaneous. This violates the “Contemporaneous” principle of ALCOA.

Failure to Investigate Data Anomalies

Unexpected results, system errors, or data inconsistencies are not investigated, documented, and resolved. This suggests a weak quality culture where data integrity is not prioritized.

Inadequate System Validation

Computerized systems are not properly validated to ensure they operate as intended and maintain data integrity throughout the data lifecycle.

Lack of Access Controls

Systems allow inappropriate access, permitting users to perform functions beyond their job responsibilities or allowing unauthorized modification of validated systems.

Reprocessing or Reintegration Without Documentation

Analytical data (such as chromatography results) are reprocessed or reintegrated without documenting the reason and without retaining the original data. This violates the “Original” principle of ALCOA.

The Role of Technology in Ensuring Data Integrity

Modern technology solutions can significantly enhance data integrity when properly implemented, validated, and maintained.

Electronic Laboratory Notebooks (ELN)

ELNs replace paper laboratory notebooks with electronic systems that provide:

• Automatic timestamping of entries
• User authentication and attribution
• Built-in audit trails
• Search and retrieval capabilities
• Support for electronic signatures
• Integration with laboratory instruments

Laboratory Information Management Systems (LIMS)

LIMS provide comprehensive management of laboratory data, including:

• Sample tracking throughout the testing process
• Integration with analytical instruments for direct data capture
• Workflow management and electronic approvals
• Comprehensive audit trails
• Statistical analysis and trending capabilities
• Report generation with embedded metadata

Manufacturing Execution Systems (MES)

MES provide electronic management of manufacturing operations, including:

• Electronic batch records that replace paper Batch Manufacturing Records
• Real-time collection of process data from equipment
• Workflow enforcement to ensure proper sequencing of operations
• Electronic review and approval workflows
• Material tracking and genealogy
• Production scheduling and resource management

Document Management Systems

Electronic document management systems provide:

• Controlled authoring and review workflows
• Version control with complete revision history
• Secure storage with access controls
• Audit trails of all document activities
• Electronic signatures for approvals
• Automated notifications and training management

Cloud-Based Systems and Software as a Service (SaaS)

Cloud-based quality management systems and SaaS applications offer:

• Centralized data storage with automatic backups
• Built-in audit trails and security controls
• Regular updates with validated changes
• Scalability for growing organizations
• Potential for real-time collaboration across sites

However, cloud and SaaS systems introduce new considerations:

• Data residency and sovereignty requirements
• Vendor qualification and oversight requirements
• Business continuity planning if vendor relationship ends
• Network security and data transmission controls
• Compliance with 21 CFR Part 11 requirements for “open systems”

Conclusion: Electronic Records Are the True Records

When organizations use computerized systems to create, modify, maintain, archive, retrieve, or transmit records required by regulatory authorities, the electronic records in those systems are the true records. Paper printouts derived from those electronic systems are copies—potentially “true copies” if properly controlled, but copies nonetheless.

The fundamental principles that organizations must understand and implement include:

Principle 1: Electronic Records Require Full Regulatory Controls

Electronic records must be managed according to 21 CFR Part 11 (in the US), EU GMP Annex 11 (in Europe), and equivalent requirements in other jurisdictions. These controls are not optional when electronic records are created.

Principle 2: Paper Signatures Do Not Eliminate Electronic Record Requirements

The use of handwritten signatures on printed records (hybrid systems) does not exempt the underlying electronic records from regulatory requirements. Both the electronic records and the signed paper records must be maintained.

Principle 3: Audit Trails and Metadata Are Essential

The audit trails and metadata associated with electronic records provide the evidence necessary to verify data integrity. Without access to these electronic artifacts, data integrity cannot be demonstrated.

Principle 4: Electronic Records Must Be Retained

Electronic records must be retained throughout the required retention period. Deletion of electronic records based on the existence of signed paper copies is a serious data integrity violation.

Principle 5: Data Integrity Is a Management Responsibility

Senior management must establish and maintain organizational culture, systems, and procedures that ensure data integrity. Management responsibility for quality cannot be delegated to individual operators or to computer systems.

Principle 6: The “Typewriter Excuse” Is Invalid

Claims that computerized systems are being used “like typewriters” and therefore exempt from electronic record requirements are invalid if the systems create, store, or transmit electronic records.

Principle 7: Inspection Focus Is on Detecting Manipulation

Regulatory inspectors investigate electronic records specifically to detect potential data manipulation, falsification, or other integrity violations. Organizations must design systems and establish cultures that prevent such violations.

The Future Direction: Enhanced Digital Integration

The pharmaceutical and medical device industries are moving toward increasingly digital operations, with technologies such as:

• Artificial intelligence and machine learning for data analysis and process optimization
• Internet of Things (IoT) sensors for real-time process monitoring
• Blockchain for supply chain traceability and data integrity verification
• Advanced analytics for predictive quality management
• Digital twins for process simulation and optimization

As these technologies are adopted, the fundamental principles of data integrity remain unchanged. Data must be attributable, legible, contemporaneous, original, accurate, complete, consistent, enduring, and available—regardless of the technology platform.

Regulatory requirements will continue to evolve to address new technologies, but the core expectation remains constant: electronic records must be trustworthy, reliable, and equivalent to paper records. This is only possible when proper controls are designed into systems, proper procedures are established and followed, and proper culture is maintained throughout the organization.

Organizations that embrace this understanding—that electronic records are the true records and must be managed accordingly—position themselves for regulatory success, quality excellence, and patient safety. Those that continue to rely on outdated paradigms, such as treating paper as the “true record” when electronic systems are actually being used, face significant compliance risks and potential regulatory action.

The choice is clear: implement proper electronic record controls, maintain complete audit trails, preserve electronic records throughout their lifecycle, and establish a quality culture that prioritizes data integrity above all other considerations. This is not merely a regulatory compliance requirement—it is a fundamental responsibility to patients and to public health.