The intent of this posting is to provide the reader with the different perspectives associated with an FDA inspection. This accounting and the reactions of the parties depicted here is based on a compilation of my experiences as a consultant working closely with clients and FDA inspectors.

 

THE PHARMACEUTICAL COMPANY

---

Background —  Yeah, you’ve been hearing noise about data integrity from your head of quality and understand that the cost to comply is astronomical, but you aren’t going to worry too much about it until it comes up during an inspection.

After all, as a company that has been around for over 15 years, you have experienced many regulatory inspections. Inspections always seem to come at a bad time and although you have to admit that your staff is not great at answering questions posed by the inspectors, all of the observations received to date have been minor. Observations are addressed and responses seem to be acceptable to the Health Authority as you don’t hear from them until the next inspection.

 

The Next Inspection — Notice comes for the next regulatory inspection and the site gets ready as usual. The inspector is someone who hasn’t inspected your site before and makes a beeline into the QC lab where he spends an eternity. During the daily wrap up, not only is the inspector talking about data integrity, he is also talking about possible fraud as well. He wants to speak with several of the bench chemists about the “irregularities” he has found in the laboratory – something about audit trails. And this was on the 1^st day.

The inspection report lists several data integrity observations – something about deleted files, Part 11, and exact copies. Your quality head looked like she was going to be sick when you asked her about it.

Your head of quality says that the inspector looked at lab data and found data integrity issues with lots tested over a 3-year period, the same as your product shelf life. As usual, your quality head prepared a response letter for your signature. The  letter said that the company had taken steps to revise lab SOPs and retrain everyone on data integrity. There were also assurances that the data integrity issues found by the inspector had been fixed.

The Warning Letter came 7 months later, and said that our actions were inadequate, that we are now subject to an import alert. The letter also suggested we engage the services of a 3^rd party consultant to assist us.

You are totally confused – after all, the site has operated the same way for 15 years, been inspected many times, and no inspector ever identified this data integrity problem. You know that your products are safe.

 

THE INSPECTOR

---

Background — Working for a Health Authority, your job is to inspect pharmaceutical manufacturing facilities. Your goal is to find any issues that may affect the health and safety of your fellow countrymen who may be taking any of the products manufactured at the sites you inspect. You have been with the agency for over 10 years, have conducted a lot of inspections, and have found a lot of issues over the years – some significant, but mostly minor.  Your job is to do the inspection, write a report that is distributed to the site that was inspected, and to your supervisor. You don’t pay much attention to what happens after that as it’s not your job.

You’ve had a lot of training about manufacturing processes, quality systems, and interview / inspection techniques. The interview / inspection techniques training seemed a lot like police interrogation techniques. You are a competent inspector but are not that comfortable doing lab inspections. You are surprised when you had to undergo additional training this past year on data integrity inspection techniques, which included a couple of weeks of instruction on laboratory inspections.

 

The Inspection — Your supervisor assigns you to your next inspection and reminds you to spend about 50% of the time looking for data integrity issues. You’ve inspected this particular site several times in the past and although the staff seem a bit nervous, you never found anything that appeared to be a risk to public safety.

You go to the laboratory and begin to apply the techniques you just learned. To your surprise, you see evidence of tests that were deleted or manipulated in some way. Why, looking at information from one lab system, you see inconsistent patterns in time stamps, and it looks like the same chemist did every analysis ever done on the instrument, 24 hours / day for 3 years. The only exception is an apparent 5-month gap where absolutely no data can be found. You are now very concerned that there may be some safety issues with the products from this factory after all.

When you ask the staff about the issues you’ve observed, no one can give you a coherent answer. You remind everyone in the audit room about the severity of the issues found, and even use the interrogation techniques you learned about. Still nothing. You suspect that they are hiding something. You aren’t sure what it is, but you are very suspicious. You write up your report, carefully identifying your observations, give a copy to the company and email a copy to your supervisor.

As you leave the site, you feel like you have really earned your paycheck, and are protecting the people of your country from products that may very well be unsafe and / or ineffective.

 

THE EXTERNAL CONSULTANT (me)

---

Background — You’ve been in the consulting business for about 25 years and have pretty much seen everything. Your boss gave you this assignment and it sounded typical of the last 4 you’ve worked on. The client is upset that they have received a Warning Letter and because of the import alert, are concerned about the loss of business. They want your help but don’t really understand why they got the Warning Letter in the first place or what it will take to make it all
“go away.” After all, nothing changed in how they operated.

Remediation — During your first meeting with the site head and staff, you explain why they got the Warning Letter, and explain what it will take to get the import alert lifted. You carefully explain that revising SOPs and retraining staff do not address the Regulator’s concerns about the safety of the products that are already in the market. The site head interrupts you to say that his company’s products are safe. You explain that because of the data integrity issues found, the inspector had no confidence in any of the data generated by the site that might show that the products are safe, hence the Warning Letter.

You explain that getting the import alert lifted will require replacing laboratory instruments, upgrading software, revalidation activities, and a retrospective review of all product lots that have not yet expired. The site head does a quick calculation in his head to determine just how many lots were produced, and realizes that at 3 batches per day, there are over 1,000 batches to be reviewed. The site head is getting upset, and wants to know how many days you will be on site.

So, before you answer, you lay out on the conference room whiteboard exactly what will be needed for the import ban to be lifted:

• Lab instrumentation
  • New laboratory HPLCs, GC, FTIR
  • New computers to run the instruments
  • New software that is Part 11 compliant
  • Computer system validation for each instrument
  • Revised SOPs associated with the operation of the instruments
• Retrospective review of products within expiration date
  • Batch records
  • Analytical data (raw material, in-process, finished product test data)
• Prospective review of products
  • Batch records
  • Analytical data

Because it will take some time to implement lab upgrades, you recommend 3^rd party oversight of the lab, to ensure that there are no data integrity issues until the new equipment is qualified. You also mention that it may be necessary to have an external lab test retained samples, and if there is a problem, a recall may be required.

The site head asks again, how long you will be on site. You preemptively ask him a couple of questions:

“How many people do you have who can do computer system validation?”

“How big are your batch records?”

“How soon do you want the import ban lifted?”

You explain that at best the FDA may be available to re-inspect the facility within 6 months. Based on the size and number of batch records to be reviewed, you estimate the number of man hours needed. You do the same with the lab instruments, but know that it may be several months before the equipment arrives and several more to complete the installation and validation activities.

Based on the information provided, your experience, and the level of support you are likely to receive from the client, you determine how many additional consultants will need to be on site. You also tell the site head and head of quality that at this point, it is impossible to guarantee exactly how long it will take, depending upon other problems that may be found and the extent of retesting that may be necessary.

Finally, you explain that the site MUST be absolutely ready when the FDA comes back to re-inspect. If the site fails re-inspection, the import alert will remain in effect, and the FDA will be slow to return to the site for another inspection.

The site head does not look well, but understands what is necessary to bring his facility back in operation. He reluctantly heads to his office to give his boss the news.

George Bernstein, Ph.D.
Principal, Double Dragon Consulting