FDA and Manufacturers Intensify Concerns about Data Integrity

FDA has long emphasized the importance of reliable and accurate data in ensuring drug safety, quality, and purity, but current good manufacturing practice (CGMP) violations involving data integrity failings seem to be on the rise, especially at overseas bio/pharmaceutical operations. Current FDA policies for ensuring that manufacturers maintain accurate records and submit complete information stem from its Application Integrity Policy, which was established in the wake of the generic-drug scandal of the 1980s. And while most data integrity citations tend to involve sloppy practices and inadvertent violations, as opposed to outright fraud, FDA officials are taking stronger action to emphasize the importance of maintaining secure systems for collecting and retaining records to document the production of quality drugs and biologics.

To highlight its concerns about the rise in serious data and recordkeeping lapses in the United States and abroad, FDA issued in April 2016 a long-awaited draft guidance (1). The guidance uses a Q&A format to outline key strategies for ensuring that manufacturing data are reliable and accurate, and that companies establish risk-based approaches for preventing and detecting problems in documenting processes and tests and in retaining records. FDA emphasizes the need to ensure that all records are complete and that effective systems are in place for retaining and tracking information and for preventing the deterioration and loss of stored data.

The draft guidance defines key terms, such as “backup” and “audit trail,” and discusses methods for restricting unauthorized access to computer IT systems. There’s an explanation for why “testing into compliance” is an inappropriate way to achieve desired test results, a practice that is cited increasingly in inspection reports. At the same time, FDA seeks to avoid adding onerous requirements or to complicate efficient drug production. The regulators are all too aware that a hard slap on a large producer could lead to production delays that create drug shortages or reduce competition that helps maintain lower drug prices.

Inspections find problems 
FDA notes in the guidance that it is observing an increased number of violations involving data integrity in CGMP inspections, including instances of poor records, inadequate written procedures, and deficient systems for ensuring effective production processes and controls at manufacturing facilities all over the world. FDA inspections cite a range of serious deficiencies in how employees handle important records and documents. There are reports of records found in trash bins, data that do not match test results, data manipulation, sample retesting to achieve desired results, and deletion of undesirable results. These violations have led to warning letters, import alerts, and consent decrees, particularly at facilities in India and China.

A scathing letter was sent in April to Mumbai-based API producer Polidrug Laboratories, following an in-depth inspection in March 2015 (2). FDA cited the firm for failing to record or investigate quality-related customer complaints and for production deviations and inadequate controls on computerized systems to prevent unauthorized access or changes to manufacturing data. FDA banned all imports from this site in September 2015, as has Health Canada and other regulatory authorities (3, 4). 

Another warning letter to contract manufacturer Sri Krishna Pharmaceuticals highlights data integrity violations involving incomplete laboratory records, inappropriate controls on computer systems, a lack of written procedures, plus a failure to follow those procedures that are in place (5). The letter cites multiple situations where the firm deleted non-conforming test results and repeated tests to gain desired results. FDA wants Sri Krishna to conduct a comprehensive investigation into the extent of record inaccuracies and to develop a global corrective action and prevention plan.
Of 28 warning letters issued by FDA’s Center for Drug Evaluation and Research (CDER) from January 2015 to May 2016, 21 cite data integrity issues, reported Thomas Cosgrove, acting director of CDER’s Office of Compliance, at the ISPE/FDA/PQRI Quality Manufacturing conference in Bethesda, MD, in June 2016. He noted that FDA is seeing fewer problems at “top tier” pharma companies, but more violations in China and other foreign countries. FDA and industry experts further discussed key components of FDA data integrity requirements and industry best practices at a special data integrity workshop held in conjunction with the quality conference. 

Dealing with such problems can carry high legal costs, noted attorney Neil DiSpirito of Ballard Spahr LLP at the May 2016 annual meeting of the Food and Drug Law Institute (FDLI) in Washington, DC. Consequently, the importance of fixing data problems is drawing more attention in executive offices and prompting more corporate initiatives to prevent and fix data problems. The International Society for Pharmaceutical Engineering (ISPE) is developing a white paper to make a strong business case for investing in systems able to ensure that all data are appropriately recorded and reviewed and that appropriate controls can detect any problems. The impact of data breaches and compliance problems are now “hitting the bottom line” at pharma companies, pointed out Frances Lipp, president of Lachman Consultant Services, at the FDLI conference. Situations involving falsified data, she noted, can lead to delays in product launches, recalls, and major overhauls of information systems.

PDA offers guidelines
The Parenteral Drug Association (PDA) has formed a task force to address the “spectrum of issues” related to the complexities manufacturers face in ensuring the integrity of processes generating key production and regulatory information, reported PDA president and CEO Richard Johnson at the FDLI conference. A lack of accountability in production systems has led to improper data manipulation, adjustment of time clocks, record backdating, exclusion of adverse information, and trashing of original records, Johnson observed.

To remedy these problems, the PDA group has developed guidelines to help manufacturers develop internal codes of conduct for ensuring data integrity. Such policies can emphasize to employees, suppliers, and contractors the importance of meeting requirements for ensuring the accuracy of information and records. They apply to organizations that conduct clinical trials and laboratory tests and that contract to provide services to bio/pharma companies, as well as to manufacturers.

The PDA task force also is preparing a points-to-consider document on the fundamental concepts for data integrity, as well as technical reports on ensuring data accuracy in laboratory systems. The aim is to assist manufacturers in establishing mechanisms for detecting and remediating non-compliance situations, to encourage harmonized standards for ensuring data integrity in different regions, and ultimately to restore confidence of regulators and the public in quality production systems, Johnson said. PDA will discuss its guidelines for company codes and other related initiatives at a workshop on data integrity in September in Washington, DC (in conjunction with its annual FDA/PDA regulatory conference) and at similar workshops in Berlin, Germany, and San Diego.

In the old days of paper records, it was relatively easy to destroy or replace production files. Today’s computerized systems require audit trails for every operation, which make discrepancies easier to detect-by both manufacturers and by FDA investigators. Thus it is important for biopharma companies to ensure that all contractors and suppliers-for IT, manufacturing, and clinical trials-understand and follow the rules, and report quickly when problems emerge.

References
1. FDA, Data Integrity and Compliance With CGMP Guidance for Industry, Draft Guidance (CDER, CBER, CVM, April 2016).
2. FDA, Warning Letter to Polydrug Laboratories Pvt. Ltd. Corporate Office, April 14, 2016.
3. FDA, Import Alert 66-40, FDA.gov. 
4. "FDA Bans Drugs From India’s Polydrug Labs, Citing GMP Issues," FDANews.com.
5. FDA, Warning Letter to Sri Krishna Pharmaceuticals Ltd.-Unit II, April 1, 2016. 

Article DetailsBioPharm International
Vol. 29, No. 7
Pages: 8–9

Citation
When referring to this article, please cite it as J. Wechsler, “FDA and Manufacturers Intensify Concerns about Data Integrity," BioPharm International 29 (7) 2016.