Pfizer plant in Kansas repeatedly hit with form 483 infractions

In the last 6 years, Pfizer’s Hospira plant in Kansas has received eight FDA Form 483 citations, as well as other observations for regulatory bodies, such as this summer’s  from the MHRA.

The latest FDA 483 was in August 2018.

Comparing these observations with this year’s from Mylan certainly brings to mind a lot of thoughts about cleaning validation and contamination control.

All eight observations are repeat, some from multiple years. I find this troubling given the June 2018 Close Out letter to the 2017 Warning Letter.

A list of Pharmaceutical Regulatory Requirements for Data Integrity

A compilation of regulatory requirements in pharmaceuticals for data requirements.

SourceReferenceContent
EMAEMA Guideline on GCP compliance in relation to trial master fileA certified copy is a paper or electronic copy of the original record that has been verified (e.g. by a dated signature) or has been generated through a validated process to produce a copy having the exact content and meaning of the original.
EMA/CHMP/ICH Tripartite GCPGuideline for good clinical practice E6(R2)Source Data: All information in original records and certified copies of original records of clinical findings, observations, or other activities in a clinical trial necessary for the reconstruction and evaluation of the trial. Source data are contained in source documents (original records or certified copies).
EMA/CHMP/ICH Tripartite GCPGuideline for good clinical practice E6(R2)Source Documents: Original documents, data, and records (e.g. hospital records, clinical and office charts, laboratory notes, memoranda, subjects’ diaries or evaluation checklists, pharmacy dispensing records, recorded data from automated instruments, copies or transcriptions certified after verification as being accurate copies, microfiches, photographic negatives, microfilm or magnetic media, x-rays, subject files, and records kept at the pharmacy, at the laboratories and at medico-technical departments involved in the clinical trial).

Certified Copy: A copy (irrespective of the type of media used) of the original record that has been verified (i.e., by a dated signature or by generation through a validated process) to have the same information, including data that describe the context, content, and structure, as the original.

When a copy is used to replace an original document (e.g., source documents, CRF), the copy should fulfill the requirements for certified copies.

EudraLexAnnex 11Audit Trails

Consideration should be given, based on a risk assessment, to building into the system the creation of a record of all GMP-relevant changes and deletions (a system generated “audit trail”). For change or deletion of GMP-relevant data the reason should be documented. Audit trails need to be available and convertible to a generally intelligible form and regularly reviewed.

EudraLexChapter 4Generation and Control of Documentation

All types of document should be defined and adhered to. The requirements apply equally to all forms of document media types. Complex systems need to be understood, well documented, validated, and adequate controls should be in place. Many documents (instructions and/or records) may exist in hybrid forms, i.e. some elements as electronic and others as paper based.

EudraLexChapter 4Records: Provide evidence of various actions taken to demonstrate compliance with instructions, e.g. activities, events, investigations, and in the case of manufactured batches a history of each batch of product, including its distribution. Records include the raw data which is used to generate other records. For electronic records regulated users should define which data are to be used as raw data. At least, all data on which quality decisions are based should be defined as raw data
OECDGLP No 1Section 2.3 item 7. Raw data means all original test facility records and documentation, or verified copies thereof, which are the result of the original observations and activities in a study. Raw data also may include, for example, photographs, microfilm or microfiche copies, computer readable media, dictated observations, recorded data from automated instruments, or any other data storage medium that has been recognized as capable of providing secure storage of information for a time period as stated in section 10, below. (Section 10 not reproduced here.)
OECDGLP No 17Data (raw data): Data (raw data) may be defined as measurable or descriptive attribute of a physical entity, process or event. The GLP Principles define

raw data as all laboratory records and documentation, including data directly entered into a computer through an automatic instrument interface, which are the results of primary observations and activities in a study and which are necessary for the reconstruction and evaluation of the report of that study.

Data (derived data): Derived data depend on raw data and can be reconstructed from raw data (e.g., final concentrations as calculated by a spreadsheet relying on raw data, result tables as summarized by a LIMS, etc.).

OECDGLP No 173.4. Audit trails

An audit trail provides documentary evidence of activities that have affected the content or meaning of a record at a specific time point. Audit trails need to be available and convertible to a human readable form. Depending on the system, log files may be considered (or may be considered in addition, to an audit trailing system) to meet this requirement. Any change to electronic records must not obscure the original entry and be time and date stamped and traceable to the person who made the change.

Audit trail for a computerised system should be enabled, appropriately configured and reflect the roles and responsibilities of study personnel. The ability to make modifications to the audit trail settings should be restricted to authorised personnel. Any personnel involved in a study (e.g. study directors, heads of analytical departments, analysts, etc.) should not be authorised to change audit trail settings.

PIC/SPI 041-1 (Draft

2)

Complete: All information that would be critical to recreating an event is important when trying to understand the event. The level of detail required for an information set to be considered complete would depend on the criticality of the information…A complete record of data generated electronically includes relevant metadata.
PIC/SPI 041-1 (Draft

2)

Many electronic records are important to retain in their dynamic (electronic) format, to enable interaction with the data. Data must be retained in a dynamic form where this is critical to its integrity or later verification.
PIC/SPI 041-1 (Draft

2)

The original record can be described as the first-capture of information, whether recorded on paper (static) or electronically (usually dynamic, depending on the complexity of the system).

Information that is originally captured in a dynamic state should remain available in that state.

UK MHRA‘GXP’ Data Integrity Guidance and Definitions6.2. Raw data (synonymous with “source data” which is defined in ICH GCP)

Raw data is defined as the original record (data) which can be described as the first-capture of information, whether recorded on paper or electronically. Information that is originally captured in a dynamic state should remain available in that state.

Raw data must permit full reconstruction of the activities. Where this has been captured in a dynamic state and generated electronically, paper copies cannot be considered as ‘raw data’…. In all definitions, the term ‘data’ includes raw data.

UK MHRA‘GXP’ Data Integrity Guidance and DefinitionsA static record format, such as a paper or electronic record, is one that is fixed and allows little or no interaction between the user and the record content. For example, once printed or converted to static electronic format chromatography records lose the capability of being reprocessed or enabling more detailed viewing of baselines.

Records in dynamic format, such as electronic records, allow an interactive relationship between the user and the record content. For example, electronic records in database formats allow the user to track, trend and query data; chromatography records maintained as electronic records allow the user or reviewer (with appropriate access permissions) to reprocess the data and expand the baseline to view the integration more clearly.

Where it is not practical or feasibly possible to retain the original copy of source data, (e.g. MRI scans, where the source machine is not under the study sponsor’s control and the operator can only provide summary statistics) the risks and mitigation should be documented.

UK MHRA‘GXP’ Data Integrity Guidance and Definitions6.11.1      Original record

The first or source capture of data or information e.g. original paper record of manual observation or electronic raw data file from a computerised system, and all subsequent data required to fully reconstruct the conduct of the GXP activity. Original records can be Static or Dynamic.

6.11.2      True copy

A copy (irrespective of the type of media used) of the original record that has been verified (i.e. by a dated signature or by generation through a validated process) to have the same information, including data that describe the context, content, and structure, as the original.

A true copy may be stored in a different electronic file format to the original record if required, but must retain the metadata and audit trail required to ensure that the full meaning of the data are kept and its history may be reconstructed.

Original records and true copies must preserve the integrity of the record. True copies of original records may be retained in place of the original record (e.g. scan of a paper record), if a documented system is in place to verify and record the integrity of the copy. Organisations should consider any risk associated with the destruction of original records.

It should be possible to create a true copy of electronic data, including relevant metadata, for the purposes of review, backup and archival. Accurate and complete copies for certification of the copy should include the meaning of the data (e.g. date formats, context, layout, electronic signatures and authorisations) and the full GXP audit trail. Consideration should be given to the dynamic functionality of a ‘true copy’ throughout the retention period (see ‘archive’).

Data must be retained in a dynamic form where this is critical to its integrity or later verification. If the computerized system cannot be maintained e.g., if it is no longer supported, then records should be archived according to a documented archiving strategy prior to decommissioning the computerized system. It is conceivable for some data generated by electronic means to be retained in an acceptable paper or electronic format, where it can be justified that a static record maintains the integrity of the original data. However, the data retention process must be shown to include verified copies of all raw data, metadata, relevant audit trail and result files, any variable software/system configuration settings specific to each record, and all data processing runs (including methods and audit trails) necessary for reconstruction of a given raw data set. It would also require a documented means to verify that the printed records were an accurate representation. To enable a GXP compliant record this approach is likely to be demanding in its administration.

UK MHRA‘GXP’ Data Integrity Guidance and Definitions4.3 Hybrid

Where hybrid systems are used, it should be clearly documented what constitutes the whole data set and all records that are defined by the data set should be reviewed and retained. Hybrid systems should be designed to ensure they meet the desired objective.

UK MHRA‘GXP’ Data Integrity Guidance and DefinitionsThe audit trail is a form of metadata containing information associated with actions that relate to the creation, modification or deletion of GXP records. An audit trail provides for secure recording of life-cycle details such as creation, additions, deletions or alterations of information in a record, either paper or electronic, without obscuring or overwriting the original record. An audit trail facilitates the reconstruction of the history of such events relating to the record regardless of its medium, including the “who, what, when and why” of the action.
US FDA21 CFR Part

211.194 (a)

 

Laboratory records shall include complete data derived from all tests necessary to assure compliance with established specifications and standards, including examinations and assays
US FDA21 CFR Part

211.188

Batch production and control records shall be prepared for each batch of drug product produced and shall include complete information relating to the production and control of each batch.
US FDA21 CFR Part

211.68(b)

Hard copy or alternative systems, such as duplicates, tapes, or microfilm, designed to assure that backup data are exact and complete and that it is secure from alteration, inadvertent erasures, or loss shall be maintained.
US FDA21 CFR Part

58.3(k)

Raw data means any laboratory worksheets, records, memoranda, notes, or exact copies thereof, that are the result of original observations and activities of a nonclinical laboratory study and are necessary for the reconstruction and evaluation of the report of that study.
US FDA21 CFR Part

58.3

Raw data means all original nonclinical laboratory study records and documentation or exact copies that maintain the original intent and meaning and are made according to the person’s certified copy procedures.

Raw data includes any laboratory worksheets, correspondence, notes, and other documentation (regardless of capture medium) that are the result of original observations and activities of a nonclinical laboratory study and are necessary for the reconstruction and evaluation of the report of that study.

Raw data also includes the signed and dated pathology report.

US FDA21 CFR Part 211.180(d)Records required under this part may be retained either as original records or as true copies such as photocopies, microfilm, microfiche, or other accurate reproductions of the original records. Where reduction techniques, such as microfilming, are used, suitable reader and photocopying equipment shall be readily available.
US FDAData Integrity and Compliance with CGMP Guidance for

Industry (draft)

Electronic copies can be used as true copies of paper or electronic records, provided the copies preserve the content and meaning of the original data, which includes associated metadata and the static or dynamic nature of the original records.

True copies of dynamic electronic records may be made and maintained in the format of the original records or in a compatible format, provided that the content and meaning of the original records are preserved and that a suitable reader and copying equipment (for example, software and hardware, including media readers) are readily available.

US FDAData Integrity and Compliance with CGMP Guidance for

Industry (draft)

What is an “audit trail”?

For purposes of this guidance, audit trail means a secure, computer-generated, time-stamped electronic record that allows for reconstruction of the course of events relating to the creation, modification, or deletion of an electronic record. An audit trail is a chronology of the “who, what, when, and why” of a record.

For example, the audit trail for a high performance liquid chromatography (HPLC) run could include the user name, date/time of the run, the integration parameters used, and details of a reprocessing, if any, including change justification for the reprocessing.

Electronic audit trails include those that track creation, modification, or deletion of data (such as processing parameters and results) and those that track actions at the record or system level (such as attempts to access the system or rename or delete a file).

CGMP-compliant record-keeping practices prevent data from being lost or obscured (see §§ 211.160(a), 211.194, and 212.110(b)). Electronic record-keeping systems, which include audit trails, can fulfill these CGMP requirements.

US FDAData Integrity and Compliance with CGMP Guidance for IndustryFor the purposes of this guidance, static is used to indicate a fixed-data document such as a paper record or an electronic image, and dynamic means that the record format allows interaction between the user and the record content. For example, a dynamic chromatographic record may allow the user to change the baseline and reprocess chromatographic data so that the resulting peaks may appear smaller or larger. It also may allow the user to modify formulas or entries in a spreadsheet used to compute test results or other information such as calculated yield.
WHOTRS No. 996

Annex 5

Data means all original records and true copies of original records, including source data and metadata and all subsequent transformations and reports of these data, which are generated or recorded at the time of the GXP activity and allow full and complete reconstruction and evaluation of the GXP activity. Data should be accurately recorded by permanent means at the time of the activity. Data may be contained in paper records (such as worksheets and logbooks), electronic records and audit trails, photographs, microfilm or microfiche, audio- or video-files or any other media whereby information related to GXP activities is recorded.
WHOTRS No. 996

Annex 5

Dynamic record format.

Records in dynamic format, such as electronic records, that allow for an interactive relationship between the user and the record content. For example, electronic records in database formats allow the user to track, trend and query data; chromatography records maintained as electronic records allow the

user (with proper access permissions) to reprocess the data and expand the baseline to view the integration more clearly.

Static record format.

A static record format, such as a paper or pdf record, is one that is fixed and allows little or no interaction between the user and the record content. For example, once printed or converted to static pdfs, chromatography records lose the capability of being reprocessed or enabling more detailed viewing of baselines.

WHOTRS No. 996

Annex 5

The use of hybrid systems is discouraged, but where legacy systems are awaiting replacement, mitigating controls should be in place…

A hybrid approach might exceptionally be used to sign electronic records when the system lacks features for electronic signatures, provided adequate security can be maintained…

Replacement of hybrid systems should be a priority.

Medical Device Enforcement and Quality Report

In light of recent criticism of FDA’s oversight of medical devices, it is curious why FDA did not release a report touting the success of its enforcement activities with the same fanfare as its report on its plan to modernize the 510(k) program, which we reported on here. The Medical Device Enforcement and Quality Report (Report), available here, claims FDA’s increased inspections have led to improved compliance by industry.
— Read on www.fdalawblog.net/2018/12/medical-device-enforcement-and-quality-report/

International Plan of Mystery: ICH Guidelines for Generic Drugs

Back in October, FDA announced that it submitted a proposal to the International Council for Harmonization of Technical Requirements for Pharmaceuticals for Human Use (ICH) for the development of common global standards for generic drugs.
— Read on www.fdalawblog.net/2018/11/international-plan-of-mystery-ich-guidelines-for-generic-drugs/

Interesting blog post on FDA’s thoughts on the ICH creating some standards on generics.

Mylan Warning Letter

Mylan’s West Virginia plant received a Warning Letter this month and US FDA Commission Scott Gottlieb tweeted on it, and Mylan recently issued a press release.

I’ve made a few posts on their 483:

Mylan’s issues really need to be viewed as a lens of current regulatory body thinking and not as an issue of a company behind the times. In short, this could be you and if your company is not pouring through these and evaluating your own systems you should be.

The Warning Letter has a few trends we see in this sort of document:

  1. Requiring an independent review. If your system is broke than the agency doesn’t trust you to say its okay. Get an independent consultant.
  2. Lack of quality unit authority. One of the best things my site head of quality ever said (and if he is reading this, take this as a serious compliment) was to a group of high school interns when he said the quality unit is the only part of the Pharma manufacturing organization with duties required by law. That we have a legal duty to our companies and to the patients.
  3. Go to the ICH guidance documents
  4. This is happening at more than one site. Clean it up corporate wide.

The last one is worth further thought:

These repeated failures at multiple sites demonstrate that Mylan’s management oversight and control over the manufacture of drugs is inadequate.Your executive management remains responsible for fully resolving all deficiencies and ensuring ongoing CGMP compliance. You should immediately and comprehensively assess your company’s global manufacturing operations to ensure that systems and processes, and ultimately, the products you manufacture, consistently conform to FDA requirements.

It is a critical part of your inspection program to be evaluating issues at each and every one of your sites for all your sites. The CAPA program needs to have the ability to assess CAPAs for similar root cause at all sites, that’s part of the preventive, and without it you are truly not addressing all the potential risks in your organization.

In past decades Mylan was a golden-child of cGMPs, and a lot of thought has gone into why the massive backslide. Cases like this, and Toyota, really reaffirm how a quality culture is something that must be constantly maintained and grown, and how easy it is to go backwards.