9/10 March 2022
On 30 September 2021, the US FDA issued a Warning Letter to Missouri Analytical Laboratories, following an inspection conducted on May 3 to May 19, 2021. In this Warning Letter among others numerous issues related to data integrity (DI), computer access authorization and records review activities are cited.
The source of this Warning Letter is: Warning Letter to Missouri Analytical Laboratories Inc., dated September 30, 2021.
The following is a breakdown of this Warning Letter focusing on the cited DI issues which are linked to the provisions of 21 CFR Part 211.68(b) and the Guidance for Industry "Data Integrity and Compliance With Drug CGMP". Further observations related to incorrect handling of OOS-Results which are also cited in this Warning Letter are covered in a separate GMP News.
The US FDA observations related to 21 CFR Part 211.68(b) and are the following:
"Your firm failed to exercise appropriate controls over computer or related systems to assure that only authorized personnel institute changes in master production and control records, or other records (21 CFR 211.68(b))."
211.68(b) in the manufacturing of drug and finished pharmaceuticals is associated with the automatic systems performing CGMP functions. Concerning e-records integrity it provides the following principles:
Missouri Analytical Laboratories Inc. did not have adequate access control and, subsequently, security of e-records for the system in question. Unique user accounts and the associated access levels were not assigned to individual users to the application software and the operating system. In addition to the above situation, the analysts had access to delete and overwrite data. The investigators found approximately 36 deleted data files or folders in the recycle bin.
As an example, in process automation, digital signals are generated to data points after saved to a repository for e-records under records management control for disposition and access purposes. An e-record becomes a CGMP e-record when the e-record is generated to satisfy a CGMP requirement. The system must save the data at the time of performance to create a record in compliance with CGMP requirements according to the Guidance for Industry "Data Integrity and Compliance With Drug CGMP". These original CGMP e-records (Original records - The first or source capture of data or information e.g. electronic raw data file from a computer system) are also called CGMP raw data (Raw records - Original records and documentation, retained in the format in which they were originally generated i.e., paper or electronic, or as a "true copy"). All CGMP raw data must be retained and be available for review.
Regarding the deleted data, it was stated by the regulated entity that "The deleted files on the desktop were working copies of the original data files. The original data files were still in the database." The US FDA expected an impact assessment of the potential impact to the deleted data actions.
In addition, the analysts used individualized non-validated spreadsheets to calculate assay, impurity, content uniformity, and dissolution test results for a variety of drug products.
Users must only have access to the system functionality that is appropriate for their job role. The system owner must establish, via procedural controls, diverse authority for the operation and system management. The system owner or representative is the responsible person that should match corresponding responsibilities, and should not be given to normal users on the system the authority of the system administrator. There must be a segregation of duties.
During the review of the recycle bin of the system in question, the investigator observed that 36 data files were deleted by the analysts.
Another observation found by the inspector was that calculations to critical quality-related parameters of drug products were performed using unqualified spreadsheets.
The software qualification of spreadsheets demonstrates that the management of the required information is consistently and complete. The qualification for the intended purpose ensures that the steps for generating the output accurately reflect those described in the data verification procedural control and that the output is consistent with the procedural steps for performing the subsequent review.
Documented objective evidence shall be present showing that the spreadsheets perform as intended following a documented system lifecycle process.
During of review of control records, the regulated entity failed to detect and investigate falsification of records in a logbook.
As the result of not correctly assigning the access level to users, the absence of the qualification of a critical tool to determine quality attribute from s product, and the failure to detect falsification of records, the firm quality system does not adequately ensure the accuracy and integrity of the data to support the safety, effectiveness and quality of the manufactured drugs. Without complete and accurate records, this firm cannot assure appropriate decisions regarding the batch release, product stability, and other matters that are fundamental to ongoing assurance of quality.
In the response of the regulated entity to the observations, it was stated that the regulated entity planned to upgrade the system in question. However, the regulated entity did not provide a CAPA plan for interim controls to prevent the occurrence or recurrence of the data and file deletion or modification. Also, the regulated entity stated in its response that "The deleted files on the desktop were working copies of the original data files. The original data files were still in the database." Your response is inadequate. You did not perform a retrospective review to assess potential impact and ensure data integrity.
The firm's answer to the observations was inadequate. For the above simple but critical observations, the FDA expectations are:
For more detailed information about FDA's documentation requests please see the original Warning Letter.