An FDA Data Integrity 'bullet list' - 2 years later

"Those who will not learn from the past ..."

A recent warning letter (JULY 2018) was just posted and it focused on Data Integrity. I have already shared comments on it here. While reading the letter I came across that FDA list of 'strong suggestions,' They first came to light, at least to my eye, in a 2016 warning letter. Having taken the time to reread them, 28 months later, they are still the same in this 2018 letter but let's try for the emphasis.

+++++++++++++++++++++++++++++++++++++

Your quality system does not adequately ensure the accuracy and integrity of data to support the safety, effectiveness, and quality of the drugs you manufacture. We strongly recommend that you retain a qualified consultant to assist in your remediation.

 In response to this letter, provide the following.

A.    A comprehensive investigation into the extent of the inaccuracies in data records and reporting. Your investigation should include:

• A detailed investigation protocol and methodology; a summary of all laboratories, manufacturing operations, and systems to be covered by the assessment; and a justification for any part of your operation that you propose to exclude.
• Interviews of current and former employees to identify the nature, scope, and root cause of data inaccuracies. We recommend that these interviews be conducted by a qualified third party.
• An assessment of the extent of data integrity deficiencies at your facility. Identify omissions, alterations, deletions, record destruction, non-contemporaneous record completion, and other deficiencies. Describe all parts of your facility’s operations in which you discovered data integrity lapses.
• A comprehensive retrospective evaluation of the nature of the testing, manufacturing and other data integrity deficiencies. We recommend that a qualified third party with specific expertise in the area where potential breaches were identified should evaluate all data integrity lapses.

B.     A current risk assessment of the potential effects of the observed failures on the quality of your drugs. Your assessment should include analyses of the risks to patients caused by the release of drugs affected by a lapse of data integrity, and risks posed by ongoing operations.

 C.   A management strategy for your firm that includes the details of your global corrective action and preventive action plan. [Comment - This echo's the seminal year 2000 warning letter to a company in the US Midwest that began the push on enforcing 21 CFR Part11, after the industry had survived 'Y2K.'] Your strategy should include:

• A detailed corrective action plan that describes how you intend to ensure the reliability and completeness of all the data you generate, including analytical data, manufacturing records, and all data submitted to FDA.
• A comprehensive description of the root causes of your data integrity lapses, including evidence that the scope and depth of the current action plan is commensurate with the findings of the investigation and risk assessment. Indicate whether individuals responsible for data integrity lapses remain able to influence CGMP-related or drug application data at your firm.
• Interim measures describing the actions you have taken or will take to protect patients and to ensure the quality of your drugs, such as notifying your customers, recalling product, conducting additional testing, adding lots to your stability programs to assure stability, drug application actions, and enhanced complaint monitoring.
• Long-term measures describing any remediation efforts and enhancements to procedures, processes, methods, controls, systems, management oversight, and human resources (e.g., training, staffing improvements) designed to ensure the integrity of your company’s data.
• A status report for any of the above activities already underway or completed. 

++++++++++++++++++++++++++++++

There are many 'third party resources currently, and still being, retained to address such issues. The key of course is "qualified" ( cf 21 CFR 211.34 ) The larger question is how the site/ organization got this deep into these issues. And then, how to keep them from digging further. (This is not always easy. I will refrain from sharing any stories ....)

If you wish to go directly to this most recent warning letter, as of today at least, click here. [Backup reference - ucm6146069] Comments, questions and corrections will be cheerfully accepted.

#dataintegrity #FDA #pharmaceuticalapi