Regulatory Trends in Computer Systems Validation and Data Integrity: The Evolution of Gap Assessments, Remote Audits, Inspection Readiness and Remediation during the Covid 19 Pandemic
by: Gaurav Walia, M.S., Senior Global Director, Principal CSV/CSA Consultant and Data Integrity SME @ PQE Group
The Covid 19 pandemic created immense challenges for the Pharmaceutical, Biopharmaceutical and Medical Device Industries, and for companies researching, developing, and manufacturing Rx products around the world. In 2020 and 2021 (and to some degree, continuing today) all processes were dramatically impacted by the pandemic as many employees, consultants, and others were restricted from physically working in the office or manufacturing facility, resulting in skeleton crews and largely remote workers. Critical processes throughout the development lifecycle of pharmaceutical, biotech and medical device products were required to transition from in-person to virtual procedures and processes. And of course, the virtual programs and platforms, which were available but not as widely used prior to the pandemic, required time to be developed or enhanced to a point where they could be utilized properly for the important, and highly regulated, practice of bringing a pharmaceutical or biotech drug, or medical device, to market.
Another major issue affected was on-site Regulatory Inspections and Compliance Review Checks as well as Internal Corporate Quality and other 3rd party Audits/Inspections. As FDA regulators could no longer visit manufacturing facilities due to travel and safety limitations, audits and inspection readiness preparation had to be done remotely, meaning the technologies used for the intense scrutiny by the FDA had to be highly advanced.
Clearly, this complicated things for the FDA. Prior to the pandemic, the FDA performed more than 2,000 audits, mostly in China and India, each year. This year alone, in spite of the easing of the pandemic, only 200 have been completed. As a result, in spite of the fact that people are back to in-person work, the FDA is experiencing a major backlog both internationally and domestically.
Is your company inspection ready?
From an industry perspective, companies have gotten somewhat out of practice in their preparation for audits as it has been awhile since they occurred on a more regular basis, and some generic and over-the-counter (OTC) products have been pushed through the process without recent FDA audits and inspections. We anticipate that the FDA is developing processes for the conduct of remote audits and inspections, or will incorporate elements of remote aspects into more frequent on-site inspections. And while it may take a while for the FDA to develop these processes and procedures, we should expect that this will happen.
There are three general types of FDA rules that arise from audits and inspection readiness; typically, they include Good Manufacturing Practices (GMP) inspections every one to two years, a New Drug Application (NDA) filing, and when issues with the product are found, an immediate product recall.
So how can your organization maintain its product development initiatives to avoid a FDA ruling, such as a 483 warning letter, a product recall or worse, a Consent Decree? How can you prepare for remote inspections, assessments and audits including Inspection Readiness, both internal and external? Are you prepared for remote inspections and data sharing, which also can potentially expose a firm to Cyber Security Risk during the data exchange, which may not yet be fully developed from a technical perspective? How do you ensure that your facility remains clean of contamination exposure when your facility may still not be fully functional? How do you ensure appropriate remediation initiatives are accomplished?
Is your company able to perform gap assessments, which are designed to help organizations clearly ensure that everyone from employees and managers to company executives are in full agreement? While gap assessments are not done by the FDA, your company should utilize these to prepare for FDA audits and inspections, including assessing computer systems (using CSV – computer systems validation) along with DI (Data Integrity Gap Analyses), corporate quality audits, audit readiness, and critically important GxP Technologies, which must be properly qualified, validated and utilized, including incorporation of cyber security into the IT Infrastructure and System Risk/Validation Process.
Clearly, a new era for FDA and industry assessments, audits, inspections and remediation is upon us, having emerged from the Covid 19 pandemic. Even with effective vaccines available (as well as other existing and new products coming to market), on-site FDA inspections may remain limited throughout 2022 and maybe even beyond 2023, but they will continue to happen and will become more frequent.
PQE Group Support
PQE Group’s highly professional subject matter experts can help your organization maintain full compliance in anticipation of a remote audit, assessment, or inspection. PQE offers expert support in preparing for internal audits, and can help you with third-party (supplier) audits, vendor risk management (Technology, Software and Cloud Vendors), inspection readiness, remediation to correct problems, data integrity and more while utilizing new Smart Glasses (augmented reality technology) with proprietary PQE Group remote access technology to access data and systems virtually/remote.
PQE can provide your company the best means in which to share your data (via laptop, phone, or other devices/platforms) and determine how your data is controlled and accessed virtually. In addition, we can help you ensure your IT systems are safe from ransomware, hackers, and other cyber threats. By partnering with PQE Group, you can be confident that your company will maintain FDA (and other regulatory agency) compliance and your product can be safely developed and manufactured – even if done remotely.