Tag: MHRA

MHRA GCP Inspection Metrics

The MHRA published in March 2023 their ‘GCP Inspections Metrics Report’, covering the period from 1 April 2019 to 31 March 2020.

I am pretty sure no regulatory agency would accept my 2019-2020 Annual Product Quality Review (APR/PQR) being published 3 years late. Regulatory agencies need to hold themselves accountable and are fairly poor at doing so. The EMA is not alone at this, the recent EMA report was two year old data.

The MHRA GCP inspectors reported the following observations in the two-year period:

  • Commercial sponsors: 4 critical, 17 major, 34 other. All critical observations were related to pharmacovigilance (PV).
  • CROs: 4 critical, 25 major, 41 other. Critical observations were related to data integrity, IMP management, and protocol compliance.
  • Non-commercial sponsors: 4 critical, 12 major, 26 other. Critical observations were related to clinical sample analysis, data integrity, sponsor oversight, and PV.
  • Phase I Units: 1 critical, 8, major, 28 other. The critical observation was related to dose escalation.
  • Investigator Sites: 0 critical, 17 major, 64 other.

As always, a very good document to perform a gap assessment against.

MHRA on Good Pharacovigilance Inspections

The MHRA GPvP inspectorate recently published their latest inspection metrics for the period from April 2019 to March 2020. 

Someday these reports won’t take a year to write. If I took a year writing my annual reports I would receive an inspection finding from the MHRA.

There is no surprise that the five critical observations are all from risk management. Risk management is also the largest source of major findings, with quality management a close second with a lot of growth.

There are a lot of observations around the smooth and effective running of the CAPA program; a fair amount on PSMF management; and a handful on procedure, training and oversight.

Looking at the nine major observations due to deficiencies in the management of CAPA, the MHRA reports these problems:

  • Delays to CAPA development
  • CAPA that did not address the root cause and impact analysis for the identified noncompliance
  • Open CAPA which were significantly past their due date
  • CAPA raised from a previous critical finding raised at an earlier MHRA inspection had not been addressed

I’m going to go out on a limb here and say some of these stem from companies thinking non-GMP CAPAs do not require the same level of control and scrutiny. Root Cause Analysis and a good CAPA program are fundamental, no matter where you fall on (or out of) the pharmaceutical regulatory spectrum.

Root Cause Analysis Deficiencies

An appropriate level of root cause analysis should be applied during the investigation of deviations, suspected product defects and other problems. This can be determined using Quality Risk Management principles. In cases where the true root cause(s) of the issue cannot be determined, consideration should be given to identifying the most likely root cause(s) and to addressing those. Where human error is suspected or identified as the cause, this should be justified having taken care to ensure that process, procedural or system based errors or problems have not been overlooked, if present.

Appropriate corrective actions and/or preventative actions (CAPAs) should be identified and taken in response to investigations. The effectiveness of such actions should be monitored and assessed, in line with Quality Risk Management principles.

EU Guidelines for Good Manufacturing Practice for Medicinal Products for Human and Veterinary Use, Chapter 1 Pharmaceutical System C1.4(xiv)

The MHRA cited 210 companies in 2019 on failure to conduct good root cause analysis and develop appropriate CAPAs. 6 of those were critical and a 100 were major.

My guess is if I asked those 210 companies in 2018 how their root cause analysis and CAPAs were doing, 85% would say “great!” We tend to overestimate our capabilities on the fundamentals (which root cause analysis and CAPA are) and not to continuously invest in improvement.

Of course, without good benchmarking, its really easy to say good enough and not be. There can be a tendency to say “Well we’ve never had a problem here, so we’re good.” Where in reality its just the problem has never been seen in an inspection or has never gone critical.

The FDA has fairly similar observations around root cause analysis. As does anyone who shares their metrics in any way. Bad root cause and bad CAPAs are pretty widespread.

This comes up a lot because the quality of CAPAs (and quantity) are considered key indicators of an organization’s health. CAPAs demonstrate that issues are acknowledged, tracked and remediated in an effective manner to eliminate or reduce the risk of a recurrence. The timeliness and robustness of these processes and records indicate whether an organization demonstrates effective planning and has sufficient resources to manage, resolve and correct past issues and prevent future issues.

A good CAPA system covers problem identification (which can be, and usually is a few different processes), root cause analysis, corrective and preventive actions, CAPA effectiveness, metrics, and governance. It is a house of cards, short one and the whole structure will fall down around you, often when you least need it to.

We can’t freeze our systems with superglue. If we are not continually improving then we are going backwards. No steady state when it comes to quality.

MHRA 2019 GMP Inspection Data and Documentation observations

Transparency is something that regulatory agencies need to get better at, both in sharing more and doing it in a timely manner. The fact that the 2019 data from the MHRA was released in October of 2020 is pretty poor. As a reference, the FDA releases their data pretty reliably at the end of the calendar year for the given year.

Been evaluating the MHRA’s 2020 data on Chapter 4 Documentation, which is the 2nd largest category of observations in 2019 (and in 2018 before it).

80 different inspections cited comments against the Principles section

Good documentation constitutes an essential part of the quality assurance system and is key to operating in compliance with GMP requirements. The various types of documents and media used should be fully defined in the manufacturer’s Quality Management System.


Documentation may exist in a variety of forms, including paper-based, electronic or photographic media. The main objective of the system of documentation utilized must be to establish, control, monitor and record all activities which directly or indirectly impact on all aspects of the quality of medicinal products. The Quality Management System should include sufficient instructional detail to facilitate a common understanding of the requirements, in addition to providing for sufficient recording of the various processes and evaluation of any observations, so that ongoing application of the requirements may be demonstrated.


There are two primary types of documentation used to manage and record GMP compliance: instructions (directions, requirements) and records/reports. Appropriate good documentation practice should be applied with respect to the type of document.


Suitable controls should be implemented to ensure the accuracy, integrity, availability and legibility of documents. Instruction documents should be free from errors and available in writing. The term ‘written’ means recorded, or documented on media from which data may be rendered in a human readable form.

Principles, Chapter 4 Documentation

The Principles section then goes on to lay out the required document types.

I would love to see more. Is this 80 companies who don’t known what a SMF is? Good documentation practices? Don’t have SOPs and batch records? Have errors in their documents? Don’t approve them? More transparency would be valuable here.

We can learn more by drilling down in the document.

  • There are 87 inspections with 4.1 in section “Generation and Control of Documents”. 1 is critical and 25 are major. Here we see failures in understanding types of documents and controlling them, or maybe just having them in the first place.
  • The 82 against 4.2 (1 critical and 20 major) are more about having the manufacturing and testing process defined (and matching the filing).
  • 103 inspections with observations against 4.3 (23 major) show companies that do not have appropriate approval and release controls
  • 14 for 4.4 (6 major) means there are 14 companies out there who can’t write a good process and procedure. 4.4 has one of my favorite requirements “written in an imperative mandatory style”
  • 60 against 4.5 (13 major) demonstrates a lack of review and keeping documents up-to-date.
  • 12 companies (6 major) have terrible handwriting and cannot stick to ballpoints, yes in fact 4.7 states “Handwritten entries should be made in clear, legible, indelible way.”
  • 103 against 4.8 (1 critical and 28 major) is ALCOA focused on contemporaneous, attributable and accurate.
  • 18 for 4.9 (6 major) is for not correcting data correctly. That’s right 18 companies do not know how to comment correctly.
  • 22 for 4.10 (1 critical and 9 major) is for not clearly laying out the manufacturing records and keeping them for the retention period.
  • 19 for 4.29 (5 major) is a lack of process and procedure for a grab-bag of quality processes from change control to equipment management to cleaning

There are more, but we are in single digit observation territory.

Useful things to be evaluating in your own organization. As a good place to start, here are some questions to ask when contemplating data integrity.

MHRA on Passing the Baton from GPvP to GMP

I love the MHRA Inspectorate blog. They don’t write often, but when they do, good stuff. Here are some of my thoughts on the post on moving patient safety data from determination as part of the pharmacovigilance efforts to labeling to distribution.

Starting in the Good Pharmacovigilance Practice (GPvP) realm, triggers for updates may be identified by pharmacovigilance staff and the corresponding variations submitted by regulatory affairs staff, who will also receive notification of variation approval. At this stage Good Manufacturing Practice (GMP) processes come into play with arrangements for printing the updated leaflets and incorporating these into the supply chain.

MHRA Inspectporate Blog “Passing the baton from GPvP to GMP: Three top tips for protecting patients and staying compliant ” 17 Dec 2019

Unless otherwise stated, updates to patient information leaflets should be introduced within 3 to 6 months of approval” – this is the critical point stressed in this post. The recommendations given in the blog post are solid.

Blog RecommendationThoughts
Check that the end to end process facilitates the timely implementation of updates and that there is seamless transition from written procedures covering GPvP, regulatory affairs and GMP processes. Labeling is often a separate change control process. Integration and simplification in change management is critical and companies should look seriously at balkanization of systems.
Define what is meant by ‘implementation’ of an updated leaflet and make sure this is in advance of regulatory deadlines to prevent the need for batches being re-worked should there be any unexpected delays Effective dates on changes need to take into account deadlines.

Appropriate linkages to ERP and supply chain systems.
Ensure the QP has access to up to date information on the correct leaflet version that should be used at batch certification. Communication, and the use of integrated change management

I also read this morning Teresa Gorecki’s post “Dedicated, Integrated Quality Assurance Systems Critical to Successful Clinical Trials.” All of her points are highly relevant here.