The paper wants to investigate how data integrity can be combined with information security concerns while ensuring compliance with industry regulations and standards, which is to be solved in a global guidance document. For this purpose, a case was selected where Endress+Hauser is the supplier of a certain measurement device for a company, which operates in the Life Science Industry. The case was selected as it provides new insights into the subject of data integrity combined with information security, challenges existing approaches, and proposes a conceptual solution to the issue.

The case was described and analyzed in detail, all relevant aspects were combined to give contextual details about the case and connected with the literature and theory gathered. Therefore, the system of the client was described in detail from an architectural viewpoint as well as regarding the data flows. It was clearly defined between which components of the system data integrity needs to be combined with information security. The results from the case study were combined with the theory from the literature review and a solution matching the needs and requirements of the client was created.

The global guidance document consists of different sections targeting the different aspects. The first component covers how data integrity can be ensured internally, throughout the whole lifecycle from raw data production to storage. Following, the second component targets the backup strategy, that guarantees integrity and security of the data when it is archived. The information security request regarding data integrity will be part of the third component and the fourth component targets different qualification services that are offered by Endress+Hauser to the client. From a commercial perspective the potential long-term benefits, such as detection and mitigation of security threats, incident response and recovery, business continuity, data preservation and maintaining reputation, as well as compliance with data integrity regulations, outweigh the expenses. While initial investments are needed, the measures ensure compliance and enable efficient recovery, which also protects the financial interests of the company. Moreover, they demonstrate the company’s commitment to data integrity and security as well as the overall importance of operational resilience.