Global Quality Assurance and Regulatory Compliance: The Business Case for an Enterprise-Wide Strategy

November 1, 2008

A centralized quality control strategy may be the best solution.

For the biopharmaceutical industry, product quality and regulatory compliance are fundamentals of business operations and profitability. In recent years, the industry has become increasingly global. Factors contributing to this globalization include dispersed physical manufacturing locations, the reliance on outside partners such as contract manufacturing organizations (CMOs), and the use of multiple active pharmaceutical ingredient (API) suppliers. As the biopharmaceutical manufacturing industry becomes increasingly global, it faces new quality and compliance challenges.

Denise Queffelec

Many biopharmaceutical companies maintain decentralized, global networks of virtually independent plants with the following: varying operational and management processes; diverse monitoring and reporting systems; dissimilar equipment or infrastructure; and multiple local or regional suppliers, contractors, and vendors. However, these companies recognize that, just as their sales and distribution programs have evolved to meet global opportunities, their quality assurance and regulatory compliance programs must change.

With ultimate responsibility for assuring the quality and compliance of their products, sponsoring companies must manage a complex web of assets in an ever-changing regulatory framework. Biopharmaceutical companies are confronted with a growing list of requirements imposed by organizations such as the European Medicines Agency (EMEA), and the US Food and Drug Administration (FDA). The US, the European Union, and Japan have an ongoing goal of creating a harmonized regulatory compliance standard, and the International Conference on Harmonization (ICH) has produced its Q8, Q9, and Q10 guidelines to address quality assurance and risk management issues. Meanwhile, in the US, two FDA programs—Pharmaceutical cGMPs (current good manufacturing practices) for the 21st Century, and the Pharmaceutical Quality Assessment Pilot—both of which focus on risk-based analysis, remain works in progress. The FDA is also revising its cGMP regulations, and it intends to publish the revisions this year.

Some biopharmaceutical companies have already turned away from the traditional methodology of assigning quality and compliance responsibilities to individual facilities or partners, because this approach often produces inconsistent results. These companies have embraced a new, enterprise-wide strategy for quality assurance and regulatory compliance. This strategy helps achieve quality and compliance goals and creates a competitive advantage.

BEST PRACTICES FOR INTEGRATED QUALITY AND COMPLIANCE

Companies pioneering enterprise-wide quality and compliance initiatives maintain a series of best practices anchored by centralized quality-management controls. Returns on investment arise not only from product quality and regulatory compliance, but also from optimized resources and profitability. Company experiences, combined with the observations and knowledge of industry experts, provide a blueprint for implementing best practices in achieving a global GMP compliance program based on quality. Key elements of that blueprint include: consistent messaging and common nomenclature, certifications of employees and subcontractors, enterprise-wide training, centralized documentation and distribution, vendor certification, integrated systems management, and quality systems inspection approach.

The Return on Investment (ROI) of Best Practices

Consistent Messaging and Common Nomenclature

Consistent messaging and common nomenclature are critical for any organization that has the following: dispersed facilities; employees of different cultures and language; a changing workforce with varying levels of skills, education, and industry experience; and a growing reliance on outside partners. The mergers and acquisitions commonplace in the industry during the past five years have further complicated the task of creating an enterprise-wide culture of quality and compliance.

For one company, a change in corporate ownership produced a significant challenge and an important response. The merger of two pharmaceutical firms was quickly followed by an acquisition by a third company. The resulting organization was immediately responsible for 50 plants around the world, more than 60,000 employees, and three distinct corporate cultures, each with its own policies, procedures, and philosophy. The new firm's response was to create an enterprise-wide culture built on quality and compliance. More than 70 standard operating procedures (SOPs) from the different companies were completely rewritten to create a single harmonized standard of quality for the new organization. The company developed an online training program that enabled global distribution of the new SOPs to more than 5,000 managers. Each manager was expected to set up meetings to review the documents and integrate their cultural messages communicating with employees about the new standards and expectations. This year-long initiative produced an organization with a cohesive, reinvigorated workforce that shared a common culture, heard the same messages, and performed to the same standards.

Certifications of Employees and Subcontractors

Optimum performance requires the demonstrated competency of employees, subcontractors, and suppliers. To ensure that competency, a company must follow a multistep process of initial assessment to accurately identify knowledge gaps and competency levels, develop role-based curricula, and target distribution of relevant training materials, testing for comprehension, and certification of the qualifications necessary for specific job functions.

With the goal of reducing human error and assuring compliance with corporate standards and regulatory requirements, a biopharmaceutical company has developed a unique online operator certification solution that integrates training with the company's manufacturing execution system (MES). System parameters are set to recognize whether operators have completed training and met defined proficiency thresholds. If not, the system denies equipment access to those individuals.

Enterprise-Wide Training

For an enterprise with dispersed facilities and personnel of different cultures and languages, online training as part of a blended learning program is virtually indispensable in assuring consistency of knowledge throughout the organization. The term training is typically associated with skills training. However, it also applies to a range of educational needs that are likely to confront any organization. These needs may involve issues as diverse as SOPs, regulatory updates, equipment operations, and non-GMP requirements such as sexual harassment and facility security.

Failure to follow established SOPs is one of the most frequently cited violations in FDA 483s and warning letters. The frequency of SOP-related violations points to the need for all regulated companies to review their SOPs, their methods for distributing compliant SOP training curricula, their methods of validating receipt and testing for comprehension of the materials, and their documentation of SOP training activities. Additionally, enterprise-wide training programs must include automated methods for new employee onboarding, and for annual refresher training.

Centralized Documentation and Distribution

Centralized documentation organized in an audit-ready format enables rapid access to requested data by regulatory inspectors. It also minimizes the risk of lost, unavailable, or incomplete records. This centralized documentation and distribution is especially important for regulatory updates. As regulations change—and they do so with great frequency—it is critical that the changes be disseminated to those people whose work will be affected. It is also vital that changes be accurately validated and documented, particularly in a company with dispersed facilities and partners. A company cannot afford to base its product quality and regulatory compliance on a system that is vulnerable to the limitations of paper-based records, illegible signatures, and lost validations.

Vendor Certification

With regulatory attention now focusing on CMOs and other suppliers, some sponsoring companies require contractors to adhere to the same quality and compliance systems as those implemented for employees. By promoting the use of common training curricula, distribution, and tracking systems with audit-ready documentation, the sponsoring company supports a seamless extension of its own activities, thereby minimizing risk. Equally important is a centralized database that confirms vendor qualifications, because such information can assure any facility in the enterprise that a given vendor has been adequately vetted.

Integrated Systems Management

Enterprise-wide quality and compliance can be streamlined by a single database and management structure, or through a system of integrated tools. Information about training, vendor qualifications, subcontractor competency, and any quality deviations must be monitored from an enterprise perspective, instead of from a plant-specific view. Most importantly, problems identified at one plant can be investigated and resolved proactively at other plants; this can prevent a significant finding that can lead to a citation during a regulatory audit. Interoperability of the quality and compliance functions with other IT-based systems such as purchasing, human resources, document management, and enterprise resource planning, assures consistency of the quality program and promotes cohesive oversight of all functions.

For example, many companies are integrating document management with their training systems, enabling a document update to automatically trigger actions for employees. This solves the compliance challenge of how to efficiently distribute and track new and updated SOPs and other critical documents. Once alerted, typically by email, an employee must not only read the SOP changes, but must demonstrate understanding by passing a quiz; this increases operational efficiency and document-based compliance. Because hundreds of changes a year to SOPs are not uncommon, a manual approach to distribution is unmanageable and is a significant area of risk for the company.

Quality Systems Inspection Approach

The FDA has recently embraced a risk-based approach designed to minimize consumer safety hazards caused by quality problems. The approach prioritizes risks to optimize the FDA's inspection and enforcement resources. This risk-based approach signals a focus on enterprise-wide inspections that span country boundaries based on violations found at a single plant.

A similar strategy can be integrated into a company's compliance programs. Doing so enables the company to take immediate action when problems uncovered in one facility may exist at other plants using similar processes, equipment, or vendors. This method also facilitates compliance with FDA requirements. A commitment to consumer safety is shared by regulators and pharmaceutical companies. By sharing a common approach to quality, both regulators and the companies they regulate enhance consumer safety while minimizing the likelihood of product recalls, plant closings, or suspension of production.

MEETING THE CHALLENGE

Agility and cohesive thinking are critical for any biopharmaceutical company facing the volatility of the global marketplace, regulatory expectations, and scientific discoveries. What had been a collection of national and regional economies has emerged as a single, interconnected, interdependent global economy. What had been a local workforce, in which longevity and stability were prized, has become a dispersed network of employees with vastly different levels of experience, knowledge, and seniority. And what had been a relatively stable business environment for the industry now reflects an explosion of mergers and acquisitions that necessitates cultural integration, overlapping regulatory requirements, and increased use of outside contractors and subcontractors.

As globalization and a changing workforce become drivers of today's economy, biopharmaceutical companies seek a better way to manage people, plants, and processes while keeping their promise to consumers of quality and safety. That better way is an enterprise-wide quality-based compliance approach that satisfies the needs of consumers, regulators, and the company's stakeholders.

Denise Queffelec is a life sciences practice leader and David Peterson is a director of GMP and quality solutions at Kaplan EduNeering, Princeton, NJ, 609.627.5300, denise.queffelec@kaplan.com