FDA Warning Letter: Lab Data Integrity still in the Focus
Register now for ECA's GMP Newsletter
In April, the U.S. FDA issued the Warning Letter to a US American contract testing laboratory “International Trading Pharm Lab Inc” due to significant violations of cGMP regulations for APIs.
According to the FDA Warning Letter, the Quality Unit failed to ensure that drugs are appropriately tested and that the results are reported to the respective client. Especially the lack of quality oversight regarding the laboratory operations is underlined by the US FDA.
In addition, the Warning Letter mentions that the company failed to establish and follow written procedures for investigating critical deviations and that they failed to ensure that methods used for analyzing drug samples had been verified as suitable for their intended use.
Furthermore it is listed that the company lacks controls to assure the integrity of electronic test data generated by high performance liquid chromatography (HPLC) and gas chromatography (GC) systems and that audit trails were not enabled. In relation to the Data Integrity violations, the U.S. FDA now expects a Data Integrity remediation. Some of their expectations are listed below:
A comprehensive investigation into the extent of the inaccuracies in data records and reporting. The investigation should include:
1) A detailed investigation protocol and methodology; a summary of all systems to be covered by the assessment; and a justification for any part of their operation that they propose to exclude.
2) Interviews of current and former employees to identify the nature, scope, and root cause of data inaccuracies. The U.S. FDA recommends that these interviews be conducted by a qualified third party.
3) An assessment of the extent of data integrity deficiencies at the facility. Identify omissions, alterations, deletions, record destruction, non-contemporaneous record completion, and other deficiencies. Describe all parts of your facility’s operations in which you discovered data integrity lapses.
4) A comprehensive retrospective evaluation of the nature of the testing data integrity deficiencies. The U.S. FDA recommends that a qualified third party with specific expertise in the area where potential breaches were identified should evaluate all data integrity lapses.
A current risk assessment of the potential effects of the observed failures on the quality of their test results. Their assessment should include analyses of the risks to patients caused by testing affected by a lapse of data integrity and analyses of the risks posed by ongoing operations.
A management strategy for the firm that includes the details of their CAPA plan. Their strategy should include:
1) A detailed corrective action plan that describes how they intend to ensure the reliability and completeness of all the data they generate including analytical data and all data submitted to FDA.
2) A comprehensive description of the root causes of their data integrity lapses including evidence that the scope and depth of the current action plan is commensurate with the findings of the investigation and risk assessment. They should indicate whether individuals responsible for data integrity lapses remain able to influence CGMP-related or drug application data at their firm.
3) Interim measures describing the actions they have taken or will take to protect patients and to ensure the quality of their drug testing, such as notifying their customers and conducting additional testing and drug application actions.
4) Long-term measures describing any remediation efforts and enhancements to procedures, processes, methods, controls, systems, management oversight, and human resources (e.g., training, staffing improvements) designed to ensure the integrity of the company’s data.
5) A status report for any of the above activities already underway or completed.
The FDA strongly recommends engaging a GMP consultant to rectify the deficiencies and may withhold the approval of pending new drug applications or supplements listing the firm as a supplier until the deviations are corrected. A re-inspection may occur to verify that the company has completed the corrective actions.