Compliance Tips

FDA Compliance Tips:

Digital Pen Speeds Data Management, Helps FDA Compliance

Digital pen technology is an efficient data management solution that offers better operational visibility, enabling manufacturers to react quickly to the production process and respond to issues via immediate data access. Hyla Soft’s FactoryScribe is a lightweight web application built around Anoto digital pen technology. It helps streamline all business processes that revolve around paper by quickly capturing free text handwriting from paper documents and converting it into electronic data. The technology is best described by breaking it down into four areas: write, transmit or interpret, validate, and integrate.


The first component of the technology is the paper that each document is printed on. The paper is nothing more than regular plain white sheets you can buy at any office supply store; the difference is the actual printing of the documents. The first step is for Hyla Soft to recreate the existing documents so they can be used with FactoryScribe. Every document is printed with the original content but with a background that contains a unique dot matrix pattern. This matrix gives the paper a grayish tint and is barely visible to the naked eye. The matrix acts like an x-y coordinate plane to interpret the handwriting and to let the pen know the exact location on the page (e.g., text box, bubble, check box), and on what specific document a user is writing. As a user writes, the pen captures 70 pictures per second. The pen has the ability to hold up to 200 pages of data before a transfer is needed.

When users need to work with a specific document, they can go to the Factory Scribe web portal, select the desired report to use, and print it. Then they begin writing on the document as they would with a regular pen.

Transmit or interpret

Once the document is complete or the pen’s memory is full, the data need to be transferred. This can be done via Bluetooth or a USB docking station. Using Bluetooth, the pen can transfer the data to a smart phone, and the smart phone can forward the information to FactoryScribe’s web application. If the pen is docked in a USB station, the information is also automatically sent to FactoryScribe.

Data are stored in FactoryScribe’s database, where the document’s text is interpreted by the system and converted to digital text. The completed document is saved in a PDF format. Because the PDF is stored electronically, the original file can be discarded.


Once the information has been transferred and converted into digital text, each text area on a document can have its own tolerance for accuracy. This is set up when the document’s template is created. For example, if a lab technician is taking measurements that must be filled out and recorded for compliance reasons, then every area on the page where she would record that information could have a 95-percent tolerance. This means if FactoryScribe is not 95-percent sure it has interpreted the handwriting correctly, the document will be flagged. Flagged documents require additional validation. To do so, a user can log in to the FactoryScribe system and view documents that need further validation. When a user is validating the flagged documents, FactoryScribe shows her which fields need further verification and displays an image of the recorded handwriting for that text area. When all text areas in question have been reviewed, a user can submit the document with changes.

If a submitted document does not have any questionable data fields or has been validated by a user, it can be sent to a third-party system. By taking advantage of XML, FactoryScribe can be set up to export data to other systems such as SAP or Oracle.

The advantages of digital pen and paper include:

Improved operational visibility. Data availability changes from weeks of lag time to minutes or even seconds. More informed decisions can be made quicker, with real-time data.
Eliminate data entry, better compliance. Teams save time and the costs of manual data entry. Misplaced paperwork does not mean lost data; all digital copies are immediately archived with time, date, and author stamps as well as signatures.
Easy to use. Users don’t need to learn anything new as they do with laptop or tablet PC-based applications. They simply use the same system they’ve always used: pen and paper.
Bring products to market faster

The lab arena is one environment that could benefit from the FactoryScribe solution. Countless procedures done in labs are recorded on paper and then later stored or entered in laboratory information management systems (LIMS)—everything from quality tests to new product development. The time that it takes a lab technician to manage these data, including organizing them, manually transferring them from paper to a computer, and storing them, could be spent doing actual testing and providing product improvement and development.

With FactoryScribe, lab technicians no longer have to worry about data management and manual data entry. As technicians write with the pen, on regular paper, their handwriting is saved to the pen’s memory. The pen can record and save information from multiple documents, so technicians can switch between forms as needed. Once complete, a digital copy of the document can be transferred via Bluetooth or docking station to FactoryScribes database. From there the PDF files can be automatically managed and the handwriting extracted and converted to computer text. Once the data have been converted to computer text an interface allows seamless integration to another system such as a LIMS.

FactoryScribe can be validated so that it complies with the U.S. Food and Drug Administration’s guidance on electronic records and electronic signatures, 21 CFR Part 11.

For more information, visit the FactoryScribe website.

Avoiding these problems in GLP labs can save you a warning letter
Excerpted from The Journal of GXP Compliance

There are recurring themes of observations documented in warning letters that relate directly to laboratory and study management. They are:
1. QA fails to do its job
One common finding involves the failure of the quality assurance unit (QAU) to fulfill the require-ments of the GLP regulation. The following example illustrates a common theme found within warning letters:

Failure of quality assurance unit to monitor each study to assure management that the facilities, equipment, personnel, methods, practices, records, and controls are in conformance with applicable regulations.

Items used as specifics include lack of validation for laboratory methods, failure of the QAU to perform annual validation reviews as stated in standard operating procedures (SOPs), environmental monitoring not performed according to established schedules, failure to determine whether any deviations from approved protocols or SOPs had the proper authorization and documentation as required by SOPs, and a general lack of ensuring that the stipulated and often implied requirements of the GLP regulation are addressed satisfactorily.

FDA scrutinizes the quality of final reports with regard to statements or assertions that are not supported by facts or data. It is not uncommon for a warning letter to state that final reports failed to include a description of all circumstances that may have affected the quality or integrity of the data [21 CFR § 58.185(a)(9)] (1). Test and control article stability statements must be accompanied by the basis for the conclusion either by stability testing or alternative do-cumentation regarding why the test or control article is stable for the stated period and under established storage conditions. Also overlooked by the QAU is the requirement for each of the individual scientists or other professionals involved in the study to sign and date their reports. Finally, the lack of pharmacokinetic data and analyses and the scientist or other professionals involved in that portion of the study is a QAU responsibility, which will lead to an observation.

The QAU can circumvent problems and prevent issues of these types by creating a pre-study checklist such as the example presented in Table I.
The checklist should include all required elements for the study and will take substantial time to prepare, but it is worth the investment.

Another way to ensure that activities are com-plete is simply by having someone in the QAU that has not developed the report perform an in-depth re-view of the report and list areas where questions or deficiencies exist. Finally, the QAU may contract a third party to perform an audit that includes the entire scope of the study, including test and control articles, facilities and equipment, laboratory and clinical as-pects, and a sampling of the data and reports. The audit should occur early in the process and not be put off until the study is completed to ensure that bad practices do not continue.

2. Equipment management
When equipment is involved in a GLP study, one cannot simply assume that the equipment plugs in and works as expected forever without some type of management. Human intervention is always required, even if it involves only elementary cleaning. These activities must be documented in a procedure and the actions recorded. Otherwise you can expect the following comment from FDA
Failure to adequately inspect, clean, and maintain equipment.

Warning letters include multiple observations of objectionable or absent practices when it comes to ensuring that equipment used in the study operates in a manner that produces accurate and reliable results.

The message here is if equipment is used in a GLP study, read the manual, develop written procedures, establish calibration and maintenance schedules, document daily and periodic activities, and perform reviews to ensure that things are in a state of good repair and control. Develop methods to investigate and remediate problems when deviations in operability occur and train individuals in these procedures

For example, if the temperature of a refrigerator is found to be outside the allowable limit, don’t ignore it. Determine what is in the refrigerator that re-lates to the study, assess its stability, determine the impact on the study, document corrective action and, by all means, document both the out-of-specification temperature and the temperature after remediation. Don’t forget to “tag out” nonconforming equipment as out of service if it fails to perform. Finally, apply these rules across the board. Remember, you are responsible for your own house and the study sites, so make sure that all equipment receives this measure of scrutiny, regardless of its location.

3. Bad laboratory practices
The lab is a world of its own. Often misunderstood in its capabilities, duties, regulatory require-ments, and throughput, the laboratory and the professionals working in it are required to respond to both reasonable and unreasonable or impossible tasks to support the GLP study. It is important to understand that just because an array of equipment fills a room, not all laboratory workers comprehend the criticality of their work in a study.

Numerous citations in FDA warning letters relate to the lack of the use of validated laboratory methods. Without even minimum validation, there is no assurance that the results of an analytical method reflect the true status or concentration of the analyte in the sample submitted for analysis. Methods for per-forming analytical method validation are beyond the scope of this article, but the resources listed in the references section will provide sufficient detail (2,3, 4).
Overlooking the laboratory and the counsel of quality lab workers can lead to a train wreck with the FDA, such as the following example:

The protocol required an analysis for CBC with ajjerential to he performed with regard to the test system, sheep. Instead of conducting this analysis as required by the protocol, you employed a contract facility, [redacted], that was not capable of performing this analysis on sheep Hood and instead attempted to run the test on equipment calibrated for humans, generating results you knew to be invalid. Even though you were aware of this problem, you ad not change to a laboratory capable of running the tests required by the protocol and ad not submit a protocol amendment to eliminate the requirement to conduct these hema-tology analyses.
This observation by FDA is a multi-layer failure that could have been avoided if communication, method validation status, and lab capabilities had been considered. The lesson here is that attention to detail is critical when choosing a contract lab.

It is acknowledged that not all studies can be performed in an in-house laboratory. Methods may re-quire expensive equipment, specialized training, ex-pensive materials, or even specialized environments. It may be a requirement to refer samples. But not all contract labs are created equal. The following are some points to consider:

* Inspect the facility – especially relating to its portion of the study. Ask questions. Ask to see equip-ment maintenance logs, SOPs, contingency plans, storage capabilities, receipt, storage, and traceability procedures for samples.
* Insist on GLP – Ensure that the contract laboratory is capable of operating under the GLP regulations.

* Review quality control – Good labs perform a strict regimen of quality control (QC) that accompanies the assays they perform. There should be a com-prehensive quality control procedure that details how results of quality control samples are interpreted and remedial activities when QC results fall out of specifi-cation. Review this remedial action and ask yourself if you would be satisfied with the documentation, approach, and strategy.

* Prepare a contract – A contract with an out-side lab should not only include the scope of testing, but should also define the means of communication that is required (i.e., problems, remediation, changes in personnel, changes in methodology, and the impact on the study), and the timing, format, and content of interim and final reports.

* Ensure the lab is capable – If the GLP testing includes rodents, primates, or other species, ensure that the laboratory has the proper experience with these animals. Additionally, request that normal limits for clinical pathology, blood, urine, and other sample values be provided.
Even if an in-house lab is used, the points to consider should be applied to an assessment of inter-nal capabilities, practices, and attention to quality It all pays off when the inspector visits.

4. SOPs are non-existent

The following excerpt from a GLP-related warning letter says it all:

The testing facility management failed to establish standard operating procedures (SOPs) adequate to ensure the quality and integrity of the data generated during the course of a study, to limit unauthorized and undocumented procedural deviations, and to establish controls to ensure accountability of SOPs.
While study protocols, contract agreements, professional affiliations, and stacks of impressive resumes are rarely overlooked during a GLP study, SOPs often are overlooked. Again, the details matter.

Even lowly SOPs such as operation of a pH meter are important if pH measurement comes into play in a study. Table III demonstrates a sampling from warning letters regarding the importance of hav-ing a complete suite of SOPs to support the study.

Note that it is not sufficient to have SOPs, but to have effective and directive SOPs that state how something is accomplished or performed. If there is a risk of failure when the task is performed, the procedure should direct the operator in specific steps to take. Every stage of the study where activity is required must be defined in writing that is complete, reviewed, controlled, and approved. The responsibility for this ultimately falls in the study director’s lap. However, it is really driven by the QAU, who must assess the requirements for and provide guidance to the development, training, and use of the procedures related to the study. The take-away here is to assess, develop, and operate under a documented system.

5. Missing data
You must take care of and account for specimens received and used in the GLP study. This requirement involves means of identifying, preserving, handling, and storing clinical and biological samples and the data that result from laboratory studies or clinical examinations. Failure to properly store specimens and data violates 21 CFR 58.51. The following are a few examples taken from warning letters that should have been no-brainers, but occurred:
* Raw study data are archived and maintained on open shelves in an unused restroom.

* There is no individual who is identified as being responsible for maintaining the archived data

* Access to the archive area is based on an honor system since all study personnel are issimi keys to the room
* The study director failed to assure that all raw data, documentation, protocols, specimens, and final reports were transferred to the archives during or at the close of the study
* The animal organs directed for collection in study were not transferred to the archives at the close of the study
* The protocol for study and resulting data were not transferred to the archives at the close of the study

A good GLP study will provide up-front thought to ensure that adequate plans are made to ac-count for the samples and documentation. Fail to do this and a warning letter will appear in your mailbox.

What You Need to Know About Vendor Audits

A vendor audit is a vehicle used by pharmaceutical companies, and other large companies as well, to inspect and evaluate a vendor’s quality management system, as well as its practices, products, and documentation. The need to conduct vendor audits stems from a higher need for quality control in an industry that needs to be more regulated than any other industry in the world. This need for a closer monitoring of a vendor’s qualities and practices stems from an ever-evolving quality control market, and an industry where quality products are a necessity, not a luxury.

One reason why organizations use audits is to reduce cost and improve quality control. They do this by creating the leverage of expertise of product and service providers as an alternative, instead of building equivalent capabilities in-house. This way of outsourcing partnerships between pharmaceutical companies and external pharmaceutical vendors has reached the top of many companies’ strategic imitative plans in recent years. This system of vendor auditing is being used by different companies, in different industries all over the world, but has really gained ground as a reliable business principle in the pharmaceutical industry.

The FDA requires that all inherent systems used to support agency regulated activities need to be validated and compliant with FDA rules and regulations. In more precise words, the system administrator is responsible for demonstrating that the application that was developed and tested is operating and maintained according to FDA quality control standards. In addition to this, the system administrator needs to be able to demonstrate the proper use of the procedural and technical controls, and that all applicable regulations are met.

The primary areas that need to be evaluated in a vendor audit are vendor viability, management responsibility, system accuracy, and data integrity. The main objectives for a vendor audit are to assess the quality management of the whole organization, through its procedures and data processes. It is an assessment of quality control measures taken by the vendor to assure that their products and services are acceptable for business transaction. During this audit they will also verify computer systems developed or used by the vendor, make sure they meet all of the regulatory requirements, as well as have the testing documentation requirements.

A vendor audit should not be only limited to making lists of good or bad things. It should be looked at more as an overall assessment of finding, from which you can draw your own conclusion. A vendor audit should be conducted to help your organization make quality decisions about services, products, vendors, and quality practices. It will provide your company a means to verify that third party vendors meet the applicable FDA laws and regulations, while reducing liability and effort on your part.

When done correctly a vendor audit can provide a great value to your company and organization, especially, in the system implementation and validation process. It allows for vendors and buyers to quickly establish relationships that will not only increase product quality, but reduce duplicated testing efforts, and start a new and constructive dialogue between buyer and vendor. To learn more about how to properly administer vendor audits in your company, contact a leading pharmaceutical consultant in your area.


How to Perform a Mock Audit

After you have defined the educational programs and standard operating procedures (SOPs) for government inspections, it is wise to choose several studies to apply to a mock audit.

You can base your selection on the criteria established by the FDA and on the type of work your company does; for example, a good option would be a crucial Phase 3 study that was recently completed and includes a good number of subjects, and it is also important to consider the accessibility of the data and the staff that will participate in a specific study.

First, choose a location and a study, and later develop a plan for your mock audit based on your SOPs and on the right FDA compliance program manual.

This plan should clearly state:

-The audit’s goals
-The project and location you chose
-The participants
-The time frames for completing the audit

Be very diligent when addressing the requests for information that the mock inspector will issue, taking into account the significant questions about regulatory knowledge, data validation, observance of SOPs, and compliance documentation.

Even more so, include an educational program into the mock audit process. Define how and when the participants will be “debriefed”, and how you will follow up on the lessons learned from the exercise.

Once you start the mock audit, make it as real as possible. Follow a clear plan and treat the mock inspector exactly as you would treat the real one. Everyone must remain “in character” throughout the whole process to get the best out of the activity.

It can be educational to invite managers, executives, and members of other projects to observe the mock audit; and it is because of the educational aspect that the mock audit requires immediate and thorough review of the lessons learned after it is finished.

The review process has to include:

-Comments from the mock inspector in regards to what was done well and what needs improvement.

-Observations from the QA team and others who witnessed the activity.

-Input from the participants about what happened during the audit and about the value of the activity.

-The creation of an action plan to take care of compliance issues and organizational deficiencies that surfaced during the exercise.

-A follow-up report to make sure the action plan is put into practice.

Take advantage of the debriefing process to ask the participants about any negative feelings that came up during the mock audit. A mock inspection may upset people, make them feel they were treated unfairly or criticized, or that the issues uncovered could be held against them.

Managers and executives who participated must make sure everyone understands that the results will not affect anyone’s job; otherwise, future mock audits will lose effectiveness due to employee fear.

Mock audits must be a regular practice of any pharmaceutical company’s training program; thus, it requires full management support and staff participation.

Pharmaceutical consultants believe that when these exercises are held at regular intervals, more and more people share the learning experience, and the company can regularly improve its level to face real audits as well as its operational systems.


FDA Inspection Wizard – What’s Scary Can Turn Out to Be a Piece of Cake

Although FDA inspections of clinical sites are not an indictment of something being wrong with a clinical site, it can nevertheless still be a scary experience, especially if you are not properly prepared.

An FDA inspection is basically a quality assurance process that is used to confirm clinical data management/integrity and regulatory compliance. Here we show you how to make it a piece of cake for your site and your nerves.

Kinds of inspections

-The most common FDA inspection is the ‘routine inspection’, prompted by a New Drug Application (NDA) submission. The typical candidates for a routine inspection are clinical sites that enroll the majority of patients in the NDA’s critical clinical trials.

-‘For Cause inspections’ are not common, and are prompted when the FDA receives a report of, or becomes aware of, suspicious behavior. Here are some reasons that may bring about such an audit:

_ The carrying out of many clinical trials

_ The carrying out of clinical studies outside of your specialization field

_ The reporting of much better effectiveness, less unfavorable effects, or different laboratory results from other sites studying the same drug

_ Having noticeable access to a large number of patients with a specific disease state for the setting

_ Complaints from a patient or sponsor in regards to regulations, protocol, or human rights violations

-Customer complaints that may trigger a product recall

How it all starts

It all starts with a phone call. The FDA will call to program an inspection at a time that is agreed between both parties and that does not interrupt the site’s activity. Nevertheless, they will only give you between 5 to 14 days notice, and will spend around 2 to 3 days on site.

You are entitled to ask what study they are going to inspect and who should be available during the visit, and contact the study sponsor immediately, because this sponsor can give you good suggestions and they are not directly notified by the FDA about clinical site inspections.

Before the inspection, gather these documents for the study in question:


-Investigator’s brochure and IND Safety Reports

-Form FDA 1572 with accompanying CVs

-IRB correspondence, including approval documentation and final report to IRB and Sponsor

-IRB-approved Informed Consent form

-IRB-approved advertising

-Correspondence related to the study, excluding investigator agreement and financial information

-Monitor sign-in log

-Laboratory certification documents

-Drug accountability records

-Each subject’s signed informed consent

-Assess support areas, like pharmacy or lab, to make sure they are properly prepared. The FDA may tour the facility

Be ready to answer these questions:

– Where was the study done?

– What special equipment was used?

– Who assisted in doing the study?

– What were each person’s specific responsibilities?

– Describe the sponsor’s monitoring procedures and your interaction with the monitor.

– How did you account for the drug received, distributed to, or returned from subjects? Were all drugs returned to the sponsor?

Train your personnel to relate to the FDA. You must show you are a professional and should answer questions in a direct way, without giving information they haven’t requested.

When the inspector arrives

First, check his ID, because you don’t want an unauthorized person checking your files. The inspector will fill a Notice of Inspection (FDA Form 482) and will hand it to you.

1.The inspector will begin by determining the nature of the investigator’s conduct of the study. He may want to tour the facilities and talk to everyone who took part in the study.

His intention is to establish the level of delegation of the investigator’s authority, where specific procedures were performed, where and how the data was gathered, and where the drug was accounted for and stored.

These things are normally checked:

-Communication capability with the IRB, including the initial submission document, adverse event reporting, and progress reports

-Totality of accountability documentation for the receipt, storage, administration, and return of test article (drug, device, etc.)

-Compliance with the study protocol and documentation that each deviation/amendment received the approval of the IRB and the sponsor

-Aptness of the informed consent process

-Timely and full reporting of adverse events to the IRB and sponsor

-Compliance with the record retention requirements and that the investigator had instant access to the study records during the trial

-Ample monitoring of the site and communication with the sponsor

2.The inspector will move on to audit the data. He will compare the data submitted to the FDA with the medical charts and source documents that support it.

He will review data from before and after the subject’s participation to make sure the subject had the medical condition under treatment and that excluded medications were not given to him or her during the study period.

3.After finishing the audit, the inspector will meet with the investigator to talk about the results. Any inconsistencies will be registered on FDA Form 483, of which you will receive a copy.

4.The inspector will write an Establishment Inspection Report (EIR) that will be sent to the FDA for evaluation. You will receive a letter after this evaluation is finished.

This letter may show one of three scenarios:

-It may simply recognize that the inspection was done and that nothing significant was found.

-It may list deficiencies found during the inspection, but may point out that no response is necessary. Nevertheless, it is important that the site acts on these deficiencies in view of future inspections.

-It may point out serious negative discoveries. The site and the data are at risk here, and you must answer immediately to clarify what steps you will take to solve the situation.

Get the help of your sponsor, because the pharmaceutical company has lots to lose too, and contact your pharmaceutical consultant for guidance and support.

If you do not respond correctly, you may be banned from performing other studies; your study data, or even the whole marketing application, can be rejected; and you may even face criminal charges.

The EIR is available, upon request, to the site, sponsor, and general public, after 4 to 6 months through the Freedom of Information Act.


Compliance Tips For cGMP Inspections

Successfully managing a cGMP inspection begins first with developing a clear cut company plan, which will define the roles and responsibilities of everyone that will be involved in the inspection. Because the FDA can arrive at your company without any prior notification, it is important that you thoroughly, and regularly train and prepare all personnel, so they will be ready to act if an unannounced inspection takes place. But how do you thoroughly plan and prepare your company for a cGMP inspection audit, and what do you do if they show up one afternoon at your front door?

The FDA inspector must present some form of notice of inspection (FD-482), and should offer proper FDA credentials upon your company’s request. If the FDA inspector cannot supply you with the proper credentials, then it is within your company’s legal right to not begin the investigation until the person can authenticate their FDA status. Any persons accompanying the investigator should be able to provide proper identification as well, and also explain their purpose for requesting entry and authority to enter your premises. Upon presentation of these formal documents, entry can not be refused as long as it’s under normal business hours.

Once the inspectors have been verified, your company representative shall notify a designated individual, who will then notify all the relevant managers and department heads and let them know that there is an FDA inspector on the premises. Once you are ready to begin the FDA inspector will notify your company the exact purpose for the inspection, and roughly how long it will take for them to complete their audit. You will want to supply the inspectors with an office room, or conference room, so that they can set up a base of operation, and review their records and files.

The inspection itself, usually involves a combination of physical plant inspection, as well as possibly document and record review. This may also include any recent complaints, production records, and possibly storage and shipping records as well. All employees should cooperate with the investigation in any way they can, while assuring that their conditions meet your proper code of conduct that you have set forth. Your company representative must accompany the investigator at all times during his investigation, as well as keep detailed notes, including record of dates, times, areas inspected, questions or remarks from the investigator, and any observations made.

Your best chance of having a successful cGMP inspection, is to thoroughly prepare for it. Even if the audit is unannounced, your company and personnel should know exactly what protocol to have, and a plan already in place. The best way to prepare for a cGMP inspection is to first hire an outside pharmaceutical consultancy firm that can help your company to make the adequate preparations. They will be able to thoroughly guide your company on the best course of action your company can take, and teach you how to properly put them in place.


Subscribe Now

Featured Partner