The Pharmaceutical Inspection Convention Cooperation Scheme (PIC/S) on 01-Jan-2019 released a long-awaited guidance to help regulators harmonize the classification and reporting of good manufacturing practice (GMP) deficiency outcomes from inspections. The guidance is designed as a “tool to support the risk-based classification of GMP deficiencies from inspections and to establish consistency amongst inspectorates.”
On 30-Nov-2018 PIC/S published the third draft of guidance PI 041-1 “Good Practices for Data Management and Data Integrity in regulated GMP/GDP Environments“. The first draft was published back in 2016, and the third draft is subject to a focused stakeholder consultation seeking substantive comments from trade and professional associations on specific questions relating to the proportionality, clarity and implementation of the guidance requirements. In parallel to this stakeholder consultation, the new draft is applied by PIC/S Participating Authorities on a trial basis for a new implementation trial period (3 months).
In short, you can expect inspectors to have reviewed and be reviewing against this. Do your gap analysis now and have plans in place to address the gaps. Yes, there will be a little while before this is finally published, but at this point this guidance neatly triangulates with other guidances on data integrity and we can expect most of this to be in the final version.
This document is a great place to start and can be used to develop whole sections of the quality management system. I find it very actionable. For example this table from 9.5 “Data capture/entry for computerised systems”:
I’m in charge of ice cream, an important element of my household and as a result there are agreed upon criteria for success. I have internal inspectors (me) and external (my teenagers). I can thus produce a fairly simple graph of internal and external inspections and see the areas where there is a difference.
From this I can tell which categories of findings are pain points and can look for systematic ways to fix them.
In my case, it’s clear the kids do not appreciate only having vanilla, strawberry and chocolate ice cream.
You can apply the same process to your internal vs. regulatory agencies (or certifying body or similar) audit findings.
You can quickly find two major patterns:
Places you are gapping
Places you are tougher than regulatory agencies
For those areas where you are gapping, evaluate your systems and determine what process improvements are necessary. A good area to include in this evaluation is the skill set of your internal auditors. For example, do you need more intensive data integrity training?
For those areas where you are tougher than regulatory agencies, do a quick check to ensure internal expectations are appropriately aligned. And then congratulate yourself.
You might have some areas where you have internal findings but absolutely no external. This might be a good indication that this might be a cutting edge area and you are doing a great job keeping ahead of the curve.
Take an additional step. Go to a source of inspection findings, such as the FDA’s 483 collection, and add them to your graph. This can help you identify additional areas of potential improvement. This can be especially helpful if you are a smaller company that does not have a wealth of data to draw.
We should all be doing what we can to anticipate trends and benchmark ourselves. This sort of data review and go a long way to finding some potential pain points before they get worse.