13/14 December 2023
In October 2020, the ECA offered the Live Online Training "The GDP Compliance Manager". During the Q&A sessions, many interesting questions were posed to the speakers' team. The ECA would like to share a selection of these Q&As sorted by topic.
Below you will find the fifth set of questions which have been answered by the speakers' team. A combined document containing Part 1 to 5 and further Q&As will be published soon. All answers reflect the opinion of the speakers based on their experience.
Question 5.1: Do we always have to open a deviation in case of damages or temperature excursion during distribution?
Question 5.2: In big companies, the RP can't approve all deviations himself due to the high numbers of deviations. Can he delegate this approval?
Answer: Yes, but he should ensure those approving deviations are fully trained, and the RP receives reports of these deviations and is aware of critical and major deviations. The RP has final responsibility for GDP deviations.
Question 5.3: The RP does approve critical/higher risk deviations only from my experience. I think it is efficient to not involve RP in all steps if possible. Otherwise you will create a bottle neck in your organization from my experience.
Answer: We agree, but remember the final responsibility remains with the RP. Minor deviations usually develop to more serious ones in time, therefore the RP should be aware of trends of these deviations and take appropriate actions when required.
Question 5.4: Is there any requirement for trending of deviations?
Question 5.5: Is it mandatory that the RP approves a deviation? Or would it be sufficient to align with the RP verbally, mention this alignment in the deviation description and the approval will be conducted by QA personnel?
Answer: It is not a GDP requirement that the RP approves deviations. However, the RP is responsible for ensuring an adequate deviation system is in place. Furthermore, the RP should be made aware of deviations impacting on GDP. Verbal notification is difficult to verify, a better approach may be notifying the RP through email, and then attaching a copy of this email to the deviation. This approach may be challenged from a data integrity perspective, so it should be ensured that email communication is in compliance with your data integrity practices.