As the field of modern medicine is changing, so should the development strategies of new medicines, including advanced therapy medicinal products (ATMPs). Many ATMPs are being developed for rare/orphan diseases with an unmet medical need. The inherent complexity of ATMPs poses several challenges to the translation of these products to the clinic, like not being able to follow standardized CMC, non-clinical and clinical development strategies. Instead, comprehensive and product-specific development programs may be required prior to marketing approval. Altogether, a bumpy road to market authorization lies ahead.
In general, in the translation of an ATMP from research to market authorization, it’s worthwhile to pay careful attention to the following aspects:
In this blog, we will briefly touch upon these areas.
Building a solid business case early is a strong prerequisite for being successful in partnering with investors and co-developers. And as
You need to address essentials like:
In this way, you cover a major investment
A target product profile (TPP) is an important tool to facilitate the interactions with health agencies to align your development with regulatory expectations. In addition, the TPP is also a valuable instrument to facilitate both internal and external communication and can be translated into a Quality TPP (QTPP). Both are dynamic documents that facilitate the integration of all development disciplines into a predefined and suitable process.
ATMPs are usually manufactured using complex biological and technological processes for which many protocols are to be developed
Some things to keep in mind:
Overall, it’s crucial to engage early with regulatory agencies to align your pharmaceutical development, your manufacturing strategy and your comparability plans and discuss the impact on the performed and planned non-clinical and clinical development activities. This not only speeds up the marketing process but also builds confidence in your company and current product for potential investors.
Prior to the clinical administration of an ATMP, adequate non-clinical information should be provided using a relevant animal model. Due to the specific characteristics of ATMPs and differences in regulatory requirements, non-clinical development may not follow a “standardized” approach. Products used in non-clinical studies should be representative of the product that will be administered to humans in clinical studies. In addition, the animal models used should have a predictive value to the clinical use of the product in humans bearing the disease indication in mind.
The final product should be based on the right data. This might sound like a no-brainer, but in reality, products are being developed that aren’t. For instance, during development imposed differences in isolation of cell sources, other vector backbone or differences in matrix preparation can induce a huge discrepancy in outcome parameters and present the risk of not being able to connect your non-clinical development to a product that can be used in clinical trials.
Non-clinical studies should be performed using the most relevant in vitro and in vivo models available, the rationale for the selection of these models needs a solid justification. The animal model needs to be suited to allow for translation to the clinical use of the product. In case a single animal model isn’t sufficient to bridge non-clinical study outcomes to a clinical prediction, various different animal models may need to be employed. Very important notice on this is that early interaction with regulatory authorities has proven beneficial in convincing on the justification of the proposed animal models.
Dosing is always a difficult issue. As ATMPs are being developed in animal models that for example are different in size, metabolism, immunological status compared to humans, the administered dose cannot be translated on a one to one basis for human use. The best you can do is to make an educated estimate on the dose and stay on the safe side. Also, take into consideration the method of administration, as different routes of administration can have different tolerability and efficacy outcomes.
In gene therapies, the risk of viral spreading into the environment should be addressed in non-clinical studies. Non-clinical studies are required to estimate the potential shedding of the viral vector. A challenge in the design of meaningful shedding studies relates to the fact that many viral vectors used in gene therapies do not infect and rarely replicate in nonhuman species. One way to address this is to take advantage of the fact that many vector types have been used clinically with different indications and publically available shedding data may be applied in the environmental risk assessment.
Many ATMPs are first in man clinical trials and/or first in class medicinal products. Consequently, the clinical trial design
These clinical trial design aspects are important considerations as the safety profile of ATMPs can be evaluated only limitedly in non-clinical studies. In some cases, an estimated risk can be accepted when the potential clinical benefit outweighs the potential risk within a specific population. Clinical study design should be able to detect clinically meaningful endpoints but surrogate endpoints can be accepted for example in the context of rare disease indications.
Potential safety issues may relate to inflammatory responses, immunogenicity, disturbed gene control and off-target effects and there is a potential risk of transmission to third parties. Also, for gene therapies, other concerns relate to the persistence of viral vectors and genomic integration into the host's genome. For cell therapies and tissue-engineered products, specific risks may relate to graft failure, oncogenicity
Given the unique character of ATMPs specific requirements for long-term follow up are demanded. The design of the long-term follow-up regimen needs to be determined on a case-by-case basis depending on the product and the trial population.
A scattered regulatory landscape poses inherent challenges for the development of a globally acceptable development strategy. In many cases, not only the large agencies as EMA and FDA are involved but also different national agencies. So, transitioning from preclinical development to market authorization requires a carefully considered regulatory strategy and close collaboration with Health Authorities (global and local) to support the development of your ATMP.
It’s advised to apply a risk-based development approach as described by EMA in their risk-based approach guideline to ATMPs.
As indicated by EMA in this guideline: “The risk-based approach is based on the identification of various risks associated with the clinical use of an ATMP and risk factors inherent to the ATMP with respect to quality, safety
A solid regulatory strategy will not only expose any regulatory challenges but also create regulatory opportunities. It will allow you to:
This will all be beneficial in guiding your ATMP through the regulatory maze and make sure opportunities turn into reality
To date, only a few ATMPs obtained marketing authorization and most academia and startups are usually more focused on the science and technology than the actual development of these innovative and often complex products. Wrapping up, we stress the importance of creating a development plan that identifies all the interdependencies between non-clinical, CMC and clinical development early on.
Although each ATMP is unique and needs a tailored development and regulatory strategy, critical steps can actually be identified and anticipated on beforehand and a tailor-made regulatory strategy can provide you with the guidance and focus required for successful development. Especially in the early stage of development, engagement with regulatory agencies supports to align development milestones and assure regulatory compliance in the end.
When you realize that all the different aspects of ATMP development are intertwined and changing one might have a huge impact on another, you are on the right track. So get ready to save time and get your development plan and regulatory strategy straight!
Blog by: Harm Hermsen & Merel Stok
The daily business of regulatory professionals involves processing of complex information from inside business and authorities. Today’s validated IT solutions are usually not flexible enough to keep pace with the ever-changing regulatory environment and the need for on-the-spot information. We build RA intelligence tools based on our day-to-day work experience. Our RA consultants translate specific tasks e.g. variation classification into flexible and versatile solutions like the mobile App RegChange.
In this tool, the EU classification guideline is broken down into the individual changes, greatly simplifying navigation through the document. Conditions, notes and documentation requirements directly connected to the selected change and Article 5 changes are included.
Note: RegChange has been made publicly available by the BPI (German Pharmaceutical Association) and is used by over one hundred professionals daily.
Date: 26.09.2018 | 8:00 - 16:15
Venue: Strelitzer Straße 60, 10115 Berlin at CQ Beratung + Bildung
Costs/fee: Regular - 90,- € | Early-Bird - 75,- € if you register by July
It is an exciting time for companies developing new and complex biopharmaceuticals. As we gain more experience in the application of highly advanced technologies, as well as in new production processes for biopharmaceuticals, the regulatory landscape and recent strategies for the development of these products are rapidly evolving. It is not an easy task to keep track of best development practices and regulatory requirements.
This interactive workshop will support you in your efforts to better understand these relevant topics based on the vast experience of our speakers who will present case studies in their respective fields. As a highlight of this workshop, a panel discussion will take place to address and discuss questions and issues that you are facing in your daily business.
Outcomes of this workshop: gaining insights into improving your product development regarding timelines, costs and risk management.
Who should attend: Professionals and Managers in regulatory and development functions and Financial Investors.
Presentations will be in English, the detailed agenda can be found here.
Our presenters are recommending 3 blogs for pre-reading:
It’s been looming for a while now: the new MDR. There’s been a lot of talk about how it will affect companies in different ways. For instance, we wrote this blog on “why it’s a good plan to start preparing because otherwise, it’ll probably cost you money in the end”. From this point onwards, we will be sharing blogs on specific topics to help you prepare.
In this one, we will provide you with some strategies to prepare for the increased need for clinical data & evidence to CE mark your device. So let’s get started:
Initiation of the increased requirements for clinical evidence was actually already initiated with the last revisions of the MEDDEV guidance documents with the MDD still being in place. The further increase in the number of articles referring to clinical evidence in the MDR illustrates this huge increase of focus:
Medical Device Regulation (MDR)
Medical Device Directive (MDD)
CHAPTER VI: CLINICAL EVALUATION AND CLINICAL INVESTIGATIONS: Article 61 to article 82
CHAPTER VII: POST-MARKET SURVEILLANCE, VIGILANCE AND MARKET SURVEILLANCE: Article 83 to article 92
And associated annexes XIV, XV
Article 15 with reference to Annex X: clinical evaluation requirements
The increase in requirements for clinical evidence is also visible in the behavior of the Notified bodies. When manufacturers currently submit their technical files for obtaining the CE mark, they already experience that the need for more robust clinical evidence is requested. More importantly, manufacturers also experience the increased need for clinical evidence during re-certification of their device. Examples are already available about manufacturers that aren’t granted prolongation of the CE mark on their device with the result that it has to be withdrawn from the market. These examples are not limited to small start-up companies or to high-risk class devices: there are also established companies that were faced with no prolongation of certification until they were able to provide the necessary clinical evidence. Moreover, there are examples of low-risk class devices that lost their CE mark too.
It can even be that manufacturers with low-risk devices are more at risk regarding the extension of the CE mark because the gap been new requirements and the available clinical evidence might be bigger than for high-risk, class III, devices.
All currently certified Medical Devices must be re-certified in accordance with these new requirements. Because certification might be for a period of 3 years, the result is that a device that is CE marked just before May 2020 under the MDD may bear the CE mark for the next 3 years up to 2023. However, the MDR implies that PMS activities (Chapter VII) apply in full force as of May 2020. That means that when the PMS activities show that the clinical data is not sufficient your medical device needs a design change (or change in Instructions For Use) or is at risk for losing its CE mark. Also, the new MDR does not allow for grandfathering meaning that products that are currently on the market will not automatically be approved to stay on the market.
So what steps do MD companies need to undertake?
First, companies are well advised to perform an analysis of their current clinical evidence (Clinical Evaluation Report) in reference to the MDR. Three likely outcomes could be:
This implies that companies with products on the market within the European Union who find themselves in the second category will need to come up with a transition plan to be compliant with these new rules and they have until May 25th, 2020 to do so. In a previous blog, we already explained the options and respective consequences (MDD -> MDR) suggesting that action should be taken in a timely fashion.
Based on the assessment outcome, a clinical strategy proves to be very useful. The clinical evaluation plays a central role in this process. The MDR describes that the process is started with a clinical evaluation plan during the development process of the product. During this phase of the products life cycle, the clinical evaluation used to be finalized and included in the submission package to the NB, under the MDD. Under the MDR, the process of clinical evaluation continues during the life cycle of the product, and depending on the risk class of the product, needs to be updated regularly. E.g. for class IIB and III, this needs to be done annually, even when your device is CE marked under the MDD as described above.
We could identify several main options depending on the extent of the necessary upgrade. The clinical evaluation report needs updating:
To extend the clinical data or evidence, you can perform an investigation or post-market follow up study (PMCF). In case you are considering to extend the intended use, this might be the best moment to start a clinical investigation. It will help you to increase the clinical evidence but also broaden the intended use at the same time. If you only need to increase the clinical data, a PMCF might be more applicable and cost-effective.
As a manufacturer of CE marked products, you should carefully plan to ensure that the most efficient solution for meeting the requirements for clinical evidence is found and implemented in time. You do not want to lose your CE certificate and thereby access to the marked and your revenue. A timely upgrade of your clinical evaluation to meeting the MDR requirements will lead to the highest chances for success. It will also help you to identify if additional actions are required to collect the clinical evidence.
Wrapping up we’d like to emphasize that it all boils down to timing from this points onwards, Beware that the deadline of May 2020 is less than two years away. Being aware of the upgrade requirements for your medical device assures business continuity.
If you would like some more specific information on the clinical strategy in line with the regulatory requirements, do not hesitate to leave us a message.
Blog by: Jan Bart Hak
You have built a fantastic Excel sheet and successfully finalized the validation. However, are you able to use/operate your Excel sheet and keep its flexibility and familiarity that comes with it up to date as well? In addition, preferably without suffering from validation chaos? In this blog, we’ll explain how to do just that.
“No matter the popularity of spreadsheets, when used improperly or incorrectly, or without sufficient control, spreadsheets pose a greater threat to your business than almost anything you can imagine.” – Phillip Howard, Boor Research
First off, is your Excel sheet validated already? If not, you might want to start out by reading our previous blog:
After you have finished this one you want to ask yourself the following questions:
Thinking about these questions, make sure that your validation documentation is complete and covers all applicable regulations and guidelines. As soon as this is accomplished, your Excel sheet is ready for deployment and ready for its operational phase.
First, make sure that all necessary QMS (Quality Management System) documentation for the maintenance of the Excel sheet is present and up to date such as Incident Management, Audit Trail Review, Periodic Review, etc. The frequency for the periodic evaluation of these procedures should be determined based on a Risk Assessment.
Additionally, an inventory list may provide you with a clear overview of all your Excel sheets. Your inventory list may contain:
By noting down these items the list will help you to keep track which Excel sheets have been validated, where they are being used, and for what.
Is your Infrastructure qualified and in a state of control that would satisfy your Excel sheet validation? Once the validated Excel sheet is in its operational phase, all records and evidence produced to meet the regulatory requirements must be stored and/or archived over the entire lifecycle of a product, often over decades. Therefore, it is always good to think about the building of your infrastructure and check if it can provide a huge amount of data e.g on a daily basis.
Now you can start implementing your Excel Sheet. To achieve that, follow your deployment procedure and make sure that your validated and approved Excel spreadsheet has been released properly. Store your template and the data entered into the spreadsheet in a secure location with access limited to selected authorized users. If your site policy requires storage of an electronic copy of the Excel sheet application file, the file should be stored under a new name in a designated area on the server.
To be able to demonstrate (to inspectors and auditors) that your Excel sheet is always in compliance during its operation you may need to have in place:
To be able to demonstrate (to inspectors and auditors) that your Excel sheet is always in compliance during its operation you may need to have in place:
I. A User Administration Procedure which should include:
II. A User Work Instruction which should provide information about:
Even a perfectly validated Excel sheet needs changes from time to time, for example, due to changes in your working method. You should always document all changes made in the Excel sheet, as part of the change control, and keep track of these changes using version numbers. This ensures that each version is easily referenced and traced. Never delete older Excel sheet versions. Old versions should be decommissioned and stored separately from the active ones. This is important for tracking changes, mistakes, etc. and is a major point to regulatory authorities during their inspections and audits. The inventory list may help you to keep track of traceability of all changes performed on the Excel sheet.
Is it necessary to re-validate the Excel Sheet after a change has been performed? When and what do you need to re-validate?
In general, any change performed on a validated Excel sheet template may cause a significant harm, especially during operation and maintenance. In order to be able to analyze possible impacts on Patient Safety, Product Quality
It doesn't matter whether your Excel sheets are used for the administration of production equipment, recording and graphical presentation of cleanroom monitoring data or for conducting statistical analyses in quality assurance. Once these activities are related to GMP requirements, your Excel sheets need to be validated and will most likely draw the attention of
So, wrapping up here’s the list key points to look into when developing, validating and maintaining your own Excel sheets for GxP environments:
Keep in mind that this blog isn’t meant to be exhaustive and we encourage you to contact us if you have any remaining questions!
Blog by: Silviya Della Chiave
NEW: We invite companies who are looking for an efficient way to validate their Excel sheets in an optimal way. You provide the necessary information and we'll provide you with a compliant sheet. Check it out!
Today, 25 May 2018, the new General Data Protection Regulation (GDPR) 2016/679 came into force in the European Union, replacing Directive 95/46/EC. The GDPR regulates "the protection of natural persons with respect to the processing of personal data" (Art. 1), insofar as this takes place in the context of the activity of a branch in the EU (irrespective of whether the processing takes place in the EU) or itself the persons concerned are in the EU (see Art. 3). At the same time with the GDPR, an adapted Federal Data Protection Act (BDSG-new) came into force in Germany, which should take into account the new GDPR.
Beforehand, the debate on the new laws has already been heated up by highlighting possible sanctions: companies risk dramatic fines of up to four percent of last year's sales or EUR 20 million if they fail to comply with the new data protection rules. How serious are the changes at all, and what is actually changing within the pharmacovigilance practice? Let’s have a look at four essential areas of the pharmacovigilance practice:
If personal data is to be processed by a service provider, the qualification of the contracting party must be checked before the processing of an assignment is made and a written processing contract (Data processing Agreement) must be concluded in accordance with Art. 28 GDPR. The qualification is assessed by reviewing the technical and organizational measures and their documentation by examining certificates or similar evidence that can serve as guarantees (see Art. 32 GDPR). In the case of subcontractors, they are subject to the same data protection obligations arising from the contract between the service provider and the responsible entrepreneur (see Art. 28 GDPR). For the pharmacovigilance practice, this means adapting the contracts with clients and subcontractors according to the standards of the new legal requirements.
According to Art. 9 and 30 GDPR, the processing of personal health data is subject to specific regulations. All data processing activities must be recorded. The record may be kept in writing or electronically and must be provided to the supervisory authorities on request. The GDPR also suggests documenting the action of each data processing operation as well as the data protection compliance measures (see Art. 5 and 24 GDPR). Other new requirements for the processing of personal health data are the data protection impact assessment prior to the start of the data processing (see Art. 35 GDPR) and the reporting requirements of data breaches within 72 hours (see Art. 33 u. GDPR 37). The appointment of a data protection officer is obligatory (see Art. 37 GDPR). For the pharmacovigilance practice, these aspects lead to a slightly higher documentary effort.
The GDPR demands numerous new information obligations to data subjects regarding affected persons: Precise specification of the legal basis for data collection, duration of data storage, naming the responsible person for data collection, name and contact details of the data protection officer, information on the right to complain, information on data transfer to third countries, if applicable (see Art. 12, 13 and 14 GDPR). The basis of adverse event reports is personal data of the affected patients and the reporting persons (physicians, pharmacists, patients).
The German Association of Research-Based Pharmaceutical Companies (
The new legal situation can be interpreted in such a way that in individual cases a post-marketing service provider may be allowed to process personal health data, even if, for example, a person reporting a serious adverse event explicitly disagrees on that.
Personal health data are relevant in pharmacovigilance, especially in the context of clinical trials and the Medical Information Service. The scope of the data collection is a further critical aspect of pharmacovigilance practice in addition to the obligation to provide a huge amount of information about processed data to the affected person (information obligation). The
An adaptation of the German Medicinal Products Act (AMG), which is planned for this legislative period, may be able to eliminate such legal uncertainties.
For the Medical Information Service, the information obligation regarding affected persons means that persons requesting medical information (e. g. patients, pharmacists, physicians) have to be instructed by the service provider (information giver) more extensively than before about their rights.
The consequences of the GDPR (and BDSG-new) lead to a higher amount of work for pharmacovigilance in the processing of assignments, the documentation of processes, the reporting of adverse events as well as in clinical studies, and in regard with the Medical Information Service. In individual cases, excessive bureaucracy and lack of flexibility in the pharmacovigilance practice are criticized. Overall, the changes to the legal requirements do not have a major impact on pharmacovigilance activities.
Simulated moving bed (SMB) chromatography technology is a continuous mode of adsorption with enhanced separation efficiency and productivity. The countercurrent effect of this technology also results in improved purity, reduced resin, and buffer requirement. Currently, as a part of the EU subsidized Horizon 2020 project PRODIAS, Xendo gained extensive knowledge of applications and innovation of SMB technology in both packed bed and expanded bed adsorption (EBA) modes
As a technology developer, we share the vision to not only address new challenges but also to create a platform to share knowledge that can trigger both the industrial and academic world towards practical, efficient and sustainable process solutions. Through this symposium, we would like to bring together experts from different sectors to communicate state of the art knowledge on adsorption based technologies like EBA and SMB. After the talks, we aim to conclude the symposium with a priority list of opportunities to drive future implementations and innovations.
The talks are driven by following key attributes while focused on EBA and/or SMB technologies:
Approved delegates will be provided with registration details for the symposium and enjoy a complimentary networking dinner and full accommodation.
27th June 2018, Castle Oud Poelgeest, Oegstgeest (close to Leiden), The Netherlands
As the deadline for the implementation of the safety features stipulated by the Falsified Medicines Directive (Directive 2011/62/EU) approaches, marketing authorisation holders (MAHs) should have long started preparing for the introduction of the unique identifier (UI), a two-dimensional barcode, and anti-tampering device (ATD) on the outer packaging of their medicinal products. So let’s have a look at the regulatory implications.
By 9 February 2019, all prescription-only medicines, except for those listed in Annex I of Commission Delegated Regulation (EU) 2016/161, and the non-prescription medicines as per Annex II of the same Regulation must bear the safety features for the purpose of authentication, identification, and verification that the packaging has not been tampered with.
The European Medicines Agency (EMA) and Heads of Medicines Agencies (CMDh) have already provided guidance on how to introduce the safety features and the impact thereof on the marketing
This blog post summarises the regulatory requirements for the implementation of the UI and ATD and offers several points regarding the planning of submission that you want to consider.
REGULATORY REQUIREMENTS FOR THE UNIQUE IDENTIFIER
In order to facilitate the introduction of the unique identifier (UI), the Quality Review of Documents (QRD) template has been revised to include standard statements in sections 17 and 18 of the
For existing marketing
REGULATORY REQUIREMENTS FOR THE ANTI-TAMPERING DEVICE
As the anti-tampering device (ATD) is to be placed on the outer packaging, it is expected that its implementation will not have any impact on the product information. Should there be no outer packaging, the ATD has to be placed on the immediate packaging. In this case, if it affects the container closure system, the dossier has to be updated and a variation submitted. However, if the placing of the ATD on the immediate packaging does not have any impact on the container closure system, no regulatory action will be necessary. It should be noted that an Article 61(3) notification should be submitted if the ATD interferes with the readability of the information on the immediate packaging.
POINTS TO CONSIDER WHEN PLANNING REGULATORY SUBMISSIONS
This list is not exhaustive but can form a general basis for your planning. Since the requirement to implement the safety features can affect the entire portfolio of a company, strategic decisions need to be taken for the efficient and timely handling of the regulatory submissions to ensure compliance with the provisions of the Falsified Medicines Directive and the Delegated Regulation.
Blog by: Tin Choi Lam
While clinical trials used to be predominantly paper-based, technology is taking over the management of clinical trial data. Nowadays we often make use of electronic patient diaries, Case Report Forms
Digitalisation has certainly introduced more efficiency and better insight into clinical trial data, but it has also brought new challenges. How do we ensure that trial data and results are and remain reliable? How do we deal with a mixture of paper and electronic records, and/or a combination of different systems? This blog gives insight in some of those challenges with references to the recently adopted ICH E6 (R2) guideline for Good Clinical Practice (GCP).
This blog described six important challenges you may face with the
This blog made clear that the use of more and different electronic systems results in a need for additional efforts to ensure the integrity of a trial. However,
It is clear that the digital clinical trial evolution has not yet come to an end.
Blog by: Henrieke de Bie
If you would like to learn more about this subject, have a look at a blog that focuses on data integrity and Quality Management System compliance:
Data integrity: 5 ways to be GxP compliant.
You may wonder what all the flows and diagrams are about. It’s a value stream map! In Lean Six Sigma, we really love putting these down on flipcharts and post-its. For a good reason though; it promotes cherry picking.
Value stream mapping is one of the most-used Lean Six Sigma tools. It’s the process where a representative supply chain from supplier to customer is mapped. This is done in close cooperation with stakeholders such as Production, QA, Logistics, and Planning. Data on the process, like process steps, lead time, waiting time, inventory, # of operators, is collected and presented in visually.
Based on this map, you select projects that you think will offer the highest added value. Basically, it assists you and your company in selecting the best improvement projects. In addition, it results in a concrete understanding of all key stakeholders how everyone’s tasks and responsibilities interrelate with those of others. Value stream mapping has two main elements: preparation and data collection.
Having a sponsor in place and with whom you agree upon the scope of the value stream mapping and who should participate in it.
Tip: Don’t step head over heels into a complex issue.
Start with a small process first, a simple and stable, preferably one product, and later on you may extend to other products and customers. It’ll probably be an eye-opener how many opportunities for improvement you can identify. Might even turn out that the process isn’t as stable as you thought it to be. Some examples of good starters for pharmaceutical companies are:
This may be a cumbersome task. If you collect too much, your team may be pretty critical. And if you collect too little you’ll probably encounter the same problem. So, what kind of data are we looking for? Remember that the objective of a value stream mapping is identifying waste and determining where in the process an improvement is most effective. It is after all, not for the sake of collecting data and making impressive charts (and putting them on flip-charts). It’s usually best to go out and actually observe together with your team what’s going on in your processes. Some examples to get you started:
One of our customers requested us to do a mapping of one of their production processes. They chose a process which they considered to be pretty much stable. The team consisted of more than 10 people from production (media preparation, drug substance, drug product and packing), logistics, warehousing QC and QA.
First of all, all process steps were mapped, from the receiving of materials until their shipment to customers. Based on this map, we decided what data to collect.
After the data collection, the first job was to “validate” the data. A critical step, to make sure that your decisions are data-driven rather than subjective thought like: “I really think that…”, “I believe that...”, “I strongly feel that…” etc. Decisions based on the latter aren’t usually the most constructive kind.
Next up, we had brainstorm sessions for each of the steps we determined, e.g. for drug substance preparation:
Tip: Organise a kaizen for validating the data with the team and determine where to improve.
Together, we collected our top 3 improvements and voted for a final list of priorities and actions to be improved upon. And you may expect this from a lean fanatic, like me. But what did the team say?
“Very positive: can only become better”
“Brings a lot”
“Nicely shows the interactions”
“Excellent overview of the specific supply chain”
Finally, we presented the whole workshop planning, process, and outcome to senior management, by showing them around in the meeting room filled with flip charts.
So, what did it show? A lot! You may have noticed the triangles on the map. They represent waiting time/storage and, therefore, waste. The actual process time is less than 20 days while the whole process, or the lead time, takes over 200 days. Just imagine the value of all that (intermediate) stored product; or, as you could put it, money not paid by the customer. Some of the more recognizable findings were:
And yes, of course, there were many other opportunities for improvement: the process planning; transportation to and from the warehouse; decreasing waiting time of the drug substance, and change over time at packing (the list goes on).
The only step left is to actually start improving on all your new improvement projects! If you’re getting the feel of lean you might want to read about the DMAIC-methodology (define-measure-analyse-improve-control). This methodology will help you and your team to be data-driven, focused on bottlenecks and result-driven.
Blog by: Marc Stegeman - Principal Consultant & Certified Black Belt at Xendo
Are you always ready to be inspected for your (GxP) activities in your facility? Is compliance and data integrity implemented firmly in your QMS? Are the systems in your (GxP)
It’s evident that you should always be ready for a(n) (un)planned internal/external inspection. Preparations for these external audits can be done by planning internal ones to ensure that both compliance and performance are controlled and corrective actions can be taken at an early stage. This way you and your colleagues are all prepared to face to the inspectorate as they make their way through your facility and documentation.
Although there are various types of audits and inspections, there is a trend that shows the inspectorate is focusing increasingly on data governance and data integrity.
So, what do we mean when we mention data integrity? Most usually it refers to the ALCOA+ principles, a commonly used acronym for:
It puts an additional emphasis on the attributes of being complete, consistent, enduring and available (implicit basic ALCOA principles).
Data integrity standards are met if the degree to which a collection of data is complete, consistent, traceable and accurate. The data is considered to be integer assuring that the accuracy and consistency of data over its entire life-cycle are always guaranteed.
If your data falls short of these standards (after an inspection or gap assessment), you have encountered a data integrity issue; an action or event that could cause, or is evidence of false, misleading, inaccurate, or incomplete data and/or documentation.
You really don’t want this to happen and should always try to be avoided regardless of the costs. These issues have serious consequences for your facility, compromising your company’s legal status/leaving you vulnerable to lawsuits. Government agencies actively conduct audits on this topic and enact fines.
Data integrity and compliance are entangled to such an extent that good data integrity management has become an important component of the pharmaceutical industry’s responsibility. It’s being integrated
Setting up a basic QMS is a vital first step and the basis of a company’s assurance that it delivers what it promises. The main challenge here is to keep it up to date at all times. As a fundamental part of the QMS, data integrity needs to be documented properly in it and follow the ALCOA+ principles.
CLASSIFY YOUR DATA
Data can be classified by its level of sensitivity, value, and criticality regarding your facility. This classification of your data will help you to determine baseline security controls for the protection of your data. For example, confidential data is a generalized term that typically represents data classified as restricted to authorized persons only. This term is often used interchangeably with sensitive data. The way that your company classifies data should be documented in the QMS.
KEEP TRACK OF DATA FLOW
Keep in mind that all your activities regarding data handling in a controlled data lifecycle environment must cover the following aspects:
This list above for data management and GxP records is applicable to all personnel involved in e.g. research, design and development, sourcing, production, testing, retention, shipping, distribution, installation, service, marketing, and post-market surveillance of any pharmaceutical product.
All activities performed within above-mentioned aspects need to traceable. You always need to be able to reconstruct a complete roadmap of a drug or medical device’s history and you’re accountable to be able to resolve who has contributed what to which activity where and when.
IMPLEMENT ACCESS CONTROL
Working with a computerized system in a controlled environment forces you to have access controls for systems and audit trails in systems (technical measures) in place. This is to ensure that only authorized people can log in with their credentials using only the role(s) there have been assigned. This role is assigned based on personal training and a level of activities to be performed in the system. To ensure access can be granted correctly, appropriate policies, procedures, and controls need to be in place (in the QMS) to remain compliant with the applicable legal requirements.
Once logged into the system, the software should have an up to date audit trail which is basically a chronological record of activities performed in the system. It’s considered sufficient when you’re able to reconstruct, review, and examine the sequence of activities surrounding or leading to each event from inception to the final output.
On a regular basis, an audit trail review needs to be performed. So, what does that mean for your facility? You need to arrange for a periodic assessment that should include a sample of relevant audit trails, raw data, and metadata as part of self-inspection to ensure on-going compliance with relevant policies and procedures. The way of performing the assessment should be written down in a work instruction which is maintained in the QMS.
In the pharmaceutical industry, training of all personnel is key, so an understanding of data integrity principles and issues should be included. If your personnel is trained adequately, they’ll be able to identify possible data integrity issues while performing their own assigned tasks and duties; use this to your advantage. Like everything else, these training sessions are recorded in a training record and consequently stored correctly and can be presented to the inspectorate if necessary.
PREPARE FOR INSPECTIONS
Ideally, you should have a stable situation in your facility where a complete QMS, containing work procedures, describes and guides all your processes. By having this QMS in place, trained personnel create various integer deliverables according to predefined processes. And the inspection should only be a confirmation of this.
Obviously, nobody’s perfect and probably no QMS is either. With this in mind, it’s encouraged to demonstrate that you have remedied possible data integrity issues by hiring a third-party auditor to determine the scope of the problem and by implementing a corrective action plan. This yields extra confidence that you are proactively closing gaps in processes related to your facility, equipment, personnel or procedures.
Consider this take away message for your daily agendas:
Look at inspections and inspection results. Frequently, deficiencies relating to data integrity are the ones leading to GxP Non-Compliance. Subsequently, data integrity is not only an IT topic; it includes all handling of information in GxP environments. Every change to data has to be initialed and dated by an authorized person, the reason for change need to be crisp. The original data has to stay legible despite all changes performed, this for paper documentation and electronic records.
Feel free to contact us to with any other questions on data integrity or have a look at one of our other blogs on the topic.
Blog by: Ton de Ridder