Sunday, April 17, 2011

Current Pharmaceutical Industry CGMP Compliance Trends

It must be that time of year again when conference planners rack their brains on how to bolster dwindling attendance, because several have contacted me through this blog to ask my opinion on major trends in the pharmaceutical industry.

So with this edition I offer my opinion not only to those conference planners, but also to my readers. After all, why should you—my loyal readers—have to attend a pricey conference to hear what I told them?

But first, a note about—well, these pricey pharmaceutical conferences.

There are worthwhile conferences in our industry, but you really have to consider whether they are worth the price of admission. I have always thought that the best conferences were those with a strong FDA presence on the speaker roster. However, FDA speaker materials eventually become accessible to the general public. So, shortly thereafter, you can Google the name of the FDA speaker you saw in the pre-conference e-brochure and bingo. If it’s content you’re after, why not use your favorite search engine?

The worst conferences are those that recycle the same industry consultants—free advertisement. I'll save that subject for another time.

So—now to the subject at hand: current pharmaceutical industry CGMP compliance trends. Here are the top three, in my opinion:

1.    There is an emboldened FDA intent on measuring up under a keenly interested Congress.

·       There are sixteen (16) major pharma consent decrees dating from 1989 to 2010. What do they all have in common? No, it’s not bodies in the street. It’s GMP violations. Of these, only six (6) consent decrees have been vacated.
·       Eric Blumberg, FDA Chief Deputy Counsel for Litigation, has been saying for the last ten (10) years that the FDA cannot expect progress until individuals are criminally charged. We’re starting to see that now. (Enter stage left: KV’s Marc Herelin, InterMune’s W. Scott Harkonen, Forrest’s Solomon, Glaxo’s Lauren Stevens.)
·       Margaret Hamburg, FDA Commissioner, said that the FDA will no longer issue multiple Warning Letters. Criteria have been developed for selecting cases for criminal prosecution of individuals.

2.    When there are repeated observations, the FDA questions the willingness and ability of the Quality Unit to exercise its responsibility.

·       Repeated FDA483 observations are considered a failure of the Quality Unit, as stated in numerous Warning Letters.
·       Warning Letter language recognizes that Quality Unit failure may be attributed to either an unwillingness to exercise its responsibility, or an inability due to lack of independence.
·       Recent high-profile cases have ineffective quality units in common.

3.    FDA expects the global deployment of the Quality Management System and oversight by corporate management.

·       Corporations are expected to have oversight of the quality and regulatory compliance of their operating units.
·       Some companies have “flattened” their organizations into non-compliance and lack of oversight upon the questionable advice of efficiency and cost-reduction experts.
·       The Parke Doctrine holds management responsible although they may not have been directly involved or aware of violative conditions. Some of these individuals have appeared before Congress.

Now, here’s the funny thing. One conference planner asked if this anonymous blogger would agree to be a speaker. What part of “anonymous” didn’t they understand?

Perhaps I could make it work? Perhaps a backlit screen projecting my trademark silhouette?

The QA Pharm

Friday, April 8, 2011

Data Integrity Questioned at Ningbo Smart

The Warning Letter to Ningbo Smart Pharmaceutical Company (March 30, 2011) revealed that they had reported conformance to specifications on Certificates of Analysis when in fact—no testing was done. (Among other issues.)

FDA rather understatedly informed Ningbo Smart, “It is essential that your firm only report results to customers when you have actually performed the analysis.”

However, FDA was quick to advise the Chinese API manufacturer of the full implication of their testing and reporting practices. “This serious CGMP violation raises concerns regarding the reliability and integrity of other data generated by your firm.”

This was the same language used by FDA in the Warning Letter (January 28, 2010) to Xian Libang Pharmaceutical Company in Shaanxi, China for using the infrared spectra for one lot of incoming material to support the release of subsequent material.

The term “data integrity” is not just casual language. It is a direct reference to the FDA Application Integrity Policy (AIP) that FDA invokes when there is evidence of fraud, bribery or other acts that impact the validity of data used to support marketing applications.

The FDA Application Integrity List is the list you don’t want to be on. Here’s the list:

When FDA uses the term “data integrity” as it did with Ningbo Smart, it is another way of saying, “Why should I trust any data out of your firm?” As a result, FDA halts its review of pending new drug applications and proceeds to withdraw approved applications.

Remember, Ranbaxy was put on that list in 2009 for claims of falsifying data on product shelf life. Ranbaxy reported that it had tested compounds at room temperature when products were actually stored in a refrigerator. In addition, it tested data at different time points than claimed in drug applications.

But notice that FDA places the blame for the failure at Ningbo Smart squarely on the Quality Unit.

·       “Failure of your quality unit to ensure that materials are appropriately tested and the results are reported.”
·       “Failure of your QCU to exercise its responsibility to ensure the APIs manufactured at your facility are in compliance with CGMP, and must meet established specifications for quality and purity.”
·       “Your QCU released API lots to the U.S. without assuring that all the required tests are performed.”
·       “Your QCU also failed to detect that your COAs stated that…conformed to specifications, although the test was not performed.”

In fact, the ultimate slight was FDA’s recommendation that they hire a third party auditor, with experience in detecting data integrity problems, to assist them in evaluating their overall compliance with CGMPs. I’ve reported previously (The QA Pharm 9/25/10) that such recommendations are a vote of no confidence in the QCU.

So what can a QCU do to prevent data integrity problems?

1.    Encourage your company to establish a data integrity policy to show that you are serious about falsification of data and that it is a cause for termination. Train on this policy.
2.    Establish a general standard for Good Documentation Practices so that even the most innocent recording issues cannot be perceived as fraudulent. Train on this standard.
3.    Establish a specific procedure on sampling/testing requirements and laboratory data recording to be clear about incoming, in process, and final testing requirements. Train on these procedures.
4.    Provide specific training for secondary reviewers/approvers to ensure Good Documentation Practices are followed and suspicious results and trends are investigated.

It is impossible to prevent someone who is intent on falsifying data. However, even well meaning (but uninformed) people can give the impression of fraudulent data by erasures, unexplained cross-outs, incomplete blanks on forms, varying significant figures, signing documents after the fact, omitting/inserting data without explanation, etc. Such sloppiness at the least gives an impression of a questionable lot history, at the most—fraud.

The FDA correctly criticizes the QCU at Ningbo Smart. The QCU (a.k.a. Quality Assurance) is responsible for establishing a compliant Quality Management System (QMS) that is capable of detecting and self-correcting in order to maintain a state of control.

The QCU must be able to demonstrate that it has established and trained on policies and procedures that are designed to take data integrity seriously.

Let this be a reminder to take a second looks at your data integrity program. Go forth.

The QA Pharm