Lately, I’ve run into a surprising number of experienced and highly educated industry professionals who, off the record, and right or wrong, swear they’ll never take a generic drug, or who are looking to, or even growing, natural alternatives to branded medications for Type 2 diabetes and other ills.
Is this the result of seeing first hand what can go wrong in a drug manufacturing plant? Could it be that, for drugs, as Bismarck said of laws and sausages, it’s better not to see them being made—or, at least, made wrong?
In the last few months, we’ve seen recalls of children’s OTC staples such as Motrin and Tylenol by a trusted manufacturer with a strong quality culture. July brought the public release of an almost farcical 483 involving that same manufacturer and its joint venture partner, another firm with a tradition of quality. Pass the Pepcid. Please. Or maybe not.
This week, I received a surprise call from a newswire reporter working on a piece about ongoing industry recalls and 483’s. So used to being on the other side, and asking the questions, I groped for clear and succinct answers. I told her that C-level pharma executives often weren’t directly connected to compliance, especially where GMPs are concerned, mentioned risk management, the patent cliff and cost issues. Even PAT came up.
But she wanted to know: Are manufacturers cutting corners to cut costs? Should the public be worried?
I tried to reassure her that the issue boiled down to the need for manufacturers to better understand risk and improve process understanding and control. FDA is now savvier about risk management and prioritizing inspections, so they’re finding problems more effectively now. “It’s not that manufacturers are becoming more lax,” I said.
She wasn’t satisfied. Nor should she be.
One thing uniting many of the recent 483’s is the fact that they bring data integrity, and accessibility, into question. On the GMP side, consider a 483 for J&J Merck Consumer’s facility in Lancaster, Pennsylvania, which makes products its plant manager and quality team likely sought often during the inspection: Pepcid, Imodium, and Mylanta.
And forget, for the moment, about such niceties as process understanding and control. How about basic document retrieval?
FDA inspectors say they had to ask several times for annual reports (which took a week to receive), and for data as basic as lists of new, discontinued and reject products. Inspectors had to wait a full week, and ask about 10 times, before they received a basic organizational chart showing the chain of command at the facility.
Inspectors asked for a list of CAPAs, but only received those that were entered into the facility’s new computer system . . . it took four more working days to get a list including previous ones on the older system.
Requests for maintenance logs for the HPLC and dissolution apparatus apparently never made it in time. The facility’s QC team leader’s classic response? “Maintenance logs are all electronic, but no one in the lab has access.”
This was an extreme example, perhaps, but even the best facilities run the risk of having data access and integrity problems, due to organizational silos and lack of a point person in charge of data integrity. Is it IT’s responsibility? QC’s?
This facility had changed over to a new computer system. If it’s like most drug manufacturing plants, staffers had also left or been downsized, including staff most familiar with the IT.
Given cases like this, it may be no surprise that FDA now plans to conduct a series of focused inspections to evaluate manufacturers’ compliance with and understanding of 21 CFR Part 11, which covers the transmission of digital records and signatures.
The Agency issued guidance on Part 11 enforcement seven years ago. Could new guidance be on the way?
Maybe, but the problem is not with Part 11. In the end, it’s really all about data integrity. And data integrity affects every aspect of drug R&D and manufacturing.
Your GMP and other documentation must stand on its own, even when inspectors are examining processes and records from years ago, which predate existing IT and software.
Remember, your reputation is on the line.