Document Management + CGMP Compliance
FDA Perspective On Data Integrity
FDA makes the importance of data integrity crystal clear in warning letters and 483s. Want to remain in good standing with the FDA? Demonstrate clearly and quickly that you have a firm control on the data in your document management system in order to produce wise decision-making.
Properly Responding To FDA Warning Letter
The FDA uses warning letters – often representing a life sciences manufacturer’s last chance to avoid the more serious 483 — to help the life science manufacturer better understand the FDA’s expectations regarding data integrity and its role in your quality management system (QMS). Satisfy the agency with your warning letter response and you likely will not receive a 483.
FDA Inspector Questions Your Data Integrity: What Now?
If your data integrity has been questioned by an FDA inspector, the agency will demand a comprehensive investigation into the extent of the problem. Further, the agency “strongly” recommends hiring a qualified consultant.
4 Key Components of Your Internal Investigation
Your investigation should include these four critical elements.
- Detailed Investigation – Comprehensive protocol and methodology; a summary of all labs, manufacturing operations, and systems to be covered by the assessment; and a justification for any part of the operation that you elect to exclude from the investigation.
- Employee Interviews — Interviews of current and former employees to identify the nature, scope, and root cause of any data mistakes. The agency suggests bringing in an outside consultant to handle this part of the project.
- Facility Data Integrity Deficiencies – An assessment of the extent of data integrity deficiencies at your facility. Identify omissions, alterations, deletions, record destruction, non-contemporaneous record completion, and other deficiencies. Describe all parts of your facility’s operations in which you found data integrity shortcomings.
- Retrospective Evaluation – A comprehensive retrospective evaluation of the nature of the testing data integrity deficiencies. FDA recommends hiring a qualified third party with expertise in the area where potential breaches were found.
Risk Assessment On End User Impact
FDA also wants to see a current risk assessment of the potential effects of the observed failures on the quality of the product. Assessment should include thorough analysis of the potential risks to patients caused by the product owing to the data integrity lapse.
4 Critical Elements Of Corrective And Preventive Action (CAPA) Plans
Don’t forget a corrective action and preventive action (CAPA) plan. The effectiveness of a CAPA plan is almost always the first thing a FDA inspector checks out when they first arrive. Here, the FDA wants to see:
- Detailed CAPA Plan — This describes how you intend to ensure the reliability and completeness of the data you generate, including analytical data, manufacturing records, and all other data submitted to the agency.
- Root Cause Description — A comprehensive description of the root causes of your data integrity lapse, including any evidence that the scope and depth of your proposed new CAPA plan is commensurate with the findings of the original investigation and risk assessment.
- Enhanced Complaints Management Efforts — Interim measure describing the quality management actions you have taken or will take to protect patients and ensure the quality of your product, e.g. notifying customers, recalling product, conducting additional test, and/or adds lots to a stability program. It’s also critical to enhance complaint monitoring efforts.
- Long Term Plans — Long-term measures describing any remediation efforts and enhancements to procedures, processes, methods, controls, systems, management oversight, and human resources including training management.
Data Integrity + Document Management Process
While there are many examples from which to choose, a recent FDA warning letter serves as an excellent example of the importance FDA inspectors place on data integrity as part of your document management process.
Recent FDA Warning Letter Example
While there are many examples from November, Sekisui Medical Co., Ltd. received a warning letter after an inspection in June revealed significant data integrity issues.
- Failure to Maintain Data — The FDA inspector said the firm failed to maintain complete data from all laboratory analyses.
- Data Files in Recycle Bin — In addition, the inspector discovered numerous data files in the recycle bin folder on the computer connected to gas chromatography instruments GC-4 and GC-6.
- Improper Documentation — Records also show that the firm retested the lot without documented justification or an investigation. Worse, it allegedly only retained the final test result.
- Unable To Retrieve Data — The investigator also requested residual solvent release test data for two of Sekisui’s APIs, which managers were unable to retrieve. That’s another thing that sets of internal alarm bells in an inspector’s mind.
- Changes Not Captured in Audit Trail — In addition, investigators also discovered laboratory systems lacked controls to prevent deletion of and alterations to electronic raw data. The firm’s analyst demonstrated to the investigator that he could change the data, including injection time and date, without the changes being captured in the audit trail, prior to printing the results.
What Could Happen? FDA Withholds Approval
The stakes are high for Sekisui or any firm in a similar predicament if they don’t comply: FDA may withhold approval of any new applications or supplements listing a firm as a pharmaceutical manufacturer.
Automated Document Management Solution
You simply cannot take a risk with a manual document management process for data collection. An automated document management solution like AssurX provides clear and actionable information that can ease FDA inspector’s concerns. In addition, comprehensive information is at your fingertips that can aid in finding the root cause of any problem. There is no excuse to still use manual records for any part of your quality management process. Ask any company that has received a FDA warning letter or 483