Bend or break: increased regulatory burden for medical device Own Brand Labelling

#Bend or break: increased regulatory burden for medical device Own Brand Labelling

For medical device Own Brand Labelling (OBL) manufacturers, the regulatory requirements in Europe will change significantly with consequently major impact on the way of doing business. Right now the rules are changing and it will be a bend or break situation.
Private-label products or services are typically those manufactured or provided by one company and sold under another company's brand. This approach is used by a great variety of organizations and also within the medical device industry. In short, the OBL sells the device, while the design, manufacturing, and packaging of the medical device are executed under the full responsibility of the Original Equipment Manufacturer (OEM).

Until now, compliance to the European Medical Device Directive 93-42/EC (MDD) is secured by a CE Certificate of the product of the OEM, which is the objective evidence that the medical device complies with the requirements of the MDD. The OBL only has to generate an abbreviated Technical File (TF), based on which a Notified Body (NB) can grant a CE Certificate to the product of the OBL. The prerequisites for this approach, are that the OEM product is not modified by the OBL, the labelling is essentially identical between the OBL and OEM product and the intended use is also the same. Recently, however, a different view on conformity assessment of OBL medical devices has been developed.

EU Recommendation

It all started with the European Commission recommendation “on the audits and assessments performed by notified bodies in the field of medical devices” that was published four years ago in the Official Journal of the European Union (L253/27-35, September 25th, 2013, 2013/473/EU). Though the recommendation on unannounced inspections was thought to be non-mandatory, many manufacturers were surprised by these audits. Additionally, this recommendation zooms in on the OBL/OEM situation, as can be read in a separate paragraph with the title “General advice in case of outsourcing of the production via subcontractors or suppliers”. It is remarkable to read that the OBL’s approach described above is no longer valid according to the Commission, because “manufacturers do not fulfil their obligation to have at their disposal the full technical documentation and/or of a quality system by referring to the technical documentation of a subcontractor or supplier and/or to their quality system" (meaning, a simple statement that the OEM holds the documentation is not deemed sufficient).

Following this recommendation, the British Medicines and Healthcare Products Regulatory Agency (MHRA) published a draft guidance on this particular OBL/OEM topic last year (Own Brand Labelling, Version 1.0, April 22nd, 2016). In this guidance, the Commission’s recommendation was fully embraced by the MHRA. In the introduction, it is also stated that review of an abbreviated Technical File was not deemed feasible not only by the British authority but also by the other EU Member States. The MHRA is quite clear and detailed on the responsibilities of the OBL with respect to compliance to the current MDD, and any OBL manufacturer will recognize that this will increase the workload of its regulatory department. The MHRA ends the guidance with a cliffhanger:“MHRA recognizes that in some cases Notified Bodies will take different views regarding own brand label and original manufacturers.”. This draft guidance was replaced just last month by a final guidance. Although the title has changed to “Virtual Manufacturing replaces Own Brand Labelling for medical device manufacturers” (Version 1.0, March 2017),the goal of the guidance remains unchanged. So the main question right now is: What are the Notified Bodies doing about this??

What now?

Although it is too early to speak of a game change, it is apparent that (some) Notified Bodies are already following suit to the Commission’s recommendation and the MHRA guidance. This is understandable because both institutions are of high reputation. It is also understandable from another perspective; the current legislation for medical devices will soon be succeeded by the so-called Medical Device Regulation (MDR). The MDR is much more detailed and clearer on many issues than the MDD. One of these issues is that the text of the Medical Device Regulation (MDR) supplements the lack of clarity in the Medical Device Directive on the roles and responsibilities of an OBL. Article 10(4) of the Regulation does not leave much room for the OBL, as it reads “Manufacturers of devices other than custom-made devices shall draw up and keep up to date technical documentation for those devices.”; no exceptions are granted for the OBL. The Regulation will be published in May this year and it is not expected that there will be any changes in this part of the proposed text as known today. So it is understandable that Notified Bodies will already tune their conformity assessment approach to the successor of the MDD.

One of the reasons to generate the MDR is given in the preamble of this regulatory document: “At the same time, this Regulation sets high standards of quality and safety for medical devices to meet common safety concerns regarding these products”, which is easily understood when one recalls the fraud case in France regarding leaking breast implants and the turmoil it created throughout Europe. The MDR will fully replace the current medical device legislation, i.e. the MDD, within a three-year transition period. During this transition period, a medical device manufacturer has the choice to either comply with the MDD or with the new MDR, and the CE Certificate issued by the Notified Body will refer to the chosen legislation. But it can be expected that some Notified Bodies will already enforce the stricter OBL obligations defined in the MDR, the MHRA guidance, and the Commission’s recommendation, even if the OBL manufacturer chooses to comply with the MDD and likes to continue their business as usual.

Steps to take

As a result, the OBL manufacturer should be planning for additional regulatory work in the three years to come or even sooner. The regulatory effort should be spent to the following main topics:

  • the current abbreviated Technical File for the medical device product should undergo an overhaul, with more emphasis and details on amongst others risk management;
  • a detailed quality agreement with the OEM needs be made up (not only the general aspects regarding distribution and pricing need to be spelled out);
  • detailing the various roles and responsibilities of both the OBL and EOM;
  • the OBL should engage in performing activities for Post Market Surveillance (whereby not only a reactive approach is followed but also a pro-active).

Continuing business as usual will not seem to last much longer; CE Certificates for new products or renewals will most probably be taken care of by Notified Bodies in a way that differs substantially from the past.

Concluding, regulatory burden for medical devices put on the European market by an Own Brand Labeler will increase in the future and this future is near. The OBL could argue that this increased effort will not increase the safety of the products, but the Notified Bodies decide in the end, and their new direction has become clear recently. Because the activities involved will require a substantial lead time, it is time to act now in case of the medical device OBL manufacturer.

Author: Marc Klinkhamer - Principal consultant

5 zaken om op te letten bij een Richtlijn 7 meting

#5 zaken om op te letten bij een Richtlijn 7 meting

Nog steeds heerst binnen ziekenhuizen veel onduidelijkheid over het toepassen van de Richtlijn 7. Diverse beroepsverenigingen hebben er een mening over. Het opheffen van de WIP in de huidige vorm heeft hier geen positief effect op en het toetsingskader luchtbeheersing operatieafdeling van de IGZ maakt u als OK-managers onzeker over het mogelijke resulterende beschermde gebied. Want wat als er een (te) klein beschermd gebied als meetresultaat tevoorschijn komt. Is opereren dan nog toegestaan? Verschillende meetbedrijven komen met uiteenlopende conclusies en ook bij her-metingen verandert het beschermd gebied van grootte. Wat is nu waar? En welk bedrijf heeft er nu goed gemeten?

Laten we één ding vooropstellen; het doel is het verkrijgen van het optimale beschermde gebied. Dit gebied is afhankelijk van een veelheid aan parameters. U als OK-manager samen met de technische dienst en de Deskundige Infectie Preventie zijn verantwoordelijk voor het goede beheer van deze parameters. Een meetbedrijf bepaalt de eisen niet, dat doet u zelf.

In het werkveld valt er nog veel te winnen op het gebied van validatie en RL 7 metingen, het is dan ook vaak het geval dat in ziekenhuizen de OK-managers geen andere keus hebben dan afgaan op wat meetbedrijven zeggen. Het is niet voor niets dat er veel symposia georganiseerd en druk bezocht worden over dit onderwerp.

Een Richtlijn 7 meting leidt niet tot afkeur

Met een richtlijn 7 meting wordt aangetoond wat het werkelijke beschermd gebied is waarin relatief veilig geopereerd kan worden. Wanneer er ook instrumententafels, apparatuur en mensen in het beschermd gebied aanwezig zijn waardoor de ruimte als te klein wordt bestempeld moeten er maatregelen worden genomen.
Dat kan op verschillende manieren, maar eerst terug naar de basis: een Richtlijn 7 meting zal niet tot afkeur leiden van een operatiekamer, maar zal ook niet altijd het verwachte beschermd gebied opleveren.


Een OK wordt ontworpen op basis van ontwerpspecificaties met als oorsprong gebruikerswensen, wettelijke eisen en omgevingsfactoren. Het is belangrijk om op de hoogte te zijn van de ontwerpspecificaties, want op basis van deze parameters zal een RL 7 meting worden uitgevoerd. Wanneer er in verloop van de tijd parameters, zoals temperatuur, vocht en drukinstellingen, zijn veranderd (en hopelijk gevalideerd), zullen deze als uitgangswaarden gebruikt worden bij de RL 7 metingen.

Wat belangrijk is om te weten voor u als gebruiker

Als gebruiker moet u weten tegen welke parameters wordt gemeten voordat de meting plaatsvindt. Hoe gaat er gemeten worden? En welke werkwijze past het meetbedrijf hierbij toe?

Sensoren (zoals temperatuur, vocht en druk) dienen gekalibreerd te zijn. Wat is kalibreren? Kalibreren is het vergelijken van een meetstandaard of instrument met onbekende nauwkeurigheid met een andere meetstandaard of ander instrument met bekende nauwkeurigheid met als doel alle afwijkingen in nauwkeurigheid van de meetstandaard of het instrument met onbekende nauwkeurigheid te ontdekken, aan elkaar te relateren, te rapporteren en zo nodig en mogelijk te elimineren door justering.
Kort gezegd: Het te bemeten instrument samen met een herleidbare referentiestandaard plaatsen in een bron waar je verschillende waarden mee kan creëren. Bijvoorbeeld een temperatuurkalibratie op 10-20-30°C creëren in met een bron, aflezen op het monitoringsysteem en referentiestandaard.

In de praktijk betekent dit dat de meetmethode, ranges met afwijking van de sensoren, ingestelde gevalideerde parameters moeten worden vast gelegd in het luchtbeheersplan van de OK en opdekruimte. Ook moet hierin dus worden vast gelegd hoe er omgegaan wordt met veranderingen (Change Control) en storingen.

5 zaken om op te letten dat u als verantwoordelijke met een gerust hart een Richtlijn 7 meting laat uitvoeren.

  1. Zorg dat u, het OK-complex leert kennen. Wat zijn de ontwerpeisen geweest of met welke ingestelde waarden wordt de meting uitgevoerd;
  2. Vraag de uitvoerder van de meting om uit te leggen wat hij/zij gaat doen. Bij voorkeur in een protocol omschreven. U moet het eens zijn met de methoden van werken;
  3. Een te klein beschermd gebied leid niet tot afkeur. Ga opzoek met specialisten naar een oplossing. Dit zit niet altijd in grote verbouwingen of andere kostenverhogende oplossingen;
  4. Zoek een partner met verstand van zaken die u verder kan helpen dan alleen het uitvoeren van de meting en die u kan adviseren op het moment dat het bepaalde beschermde gebied te klein is.
  5. Zie een Richtlijn 7 meting als uitgangspunt om verder te kunnen bouwen aan een patiënt- en werknemerveilige omgeving.

Een Richtlijn 7 meting uitvoeren om alleen de omvang van een beschermd gebied in de OK en/of opdekruimte te bepalen is het basisniveau. Een reproduceerbare Richtlijn 7 meting uitvoeren vraagt meer expertise. De echte toegevoegde waarde zit in het verkrijgen van het inzicht waarop verder gebouwd kan worden om het beschermd gebied zo groot mogelijk en werkbaar te maken voor de gebruiker. Om verder te komen dan alleen een meetresultaat is het van groot belang de juiste kennis en ervaring in huis te halen om een robuuste oplossing te ontwikkelen voor een optimaal veilig gebied.

Auteur: Alex van den Berkt - Managing consultant 

Why we love the Lean Game (and you should too)

#Why we love the Lean Game (and you should too)

Tight schedules and high stakes are pretty common in the Life Sciences industry and due to this continuous pressure, we sometimes forget to ask ourselves the right questions and challenge processes which have been in place for so long. When is the last time you asked yourself this like: “It may be effective, but how efficient? And what does it mean in terms of costs? And does it even increase certainty?”

• We always get the drug product manufactured in time, no matter what it takes!
• We deliver the project results, but it takes a lot of hard work to get everybody aligned.
• We filed the regulatory dossier, but it was a very complicated and extensive process!
• As logistics department, we are the last one in the chain and therefore our timelines are always tight and mistakes are easily made.

If any of these quotes seem familiar you and your colleagues might benefit from a Lean Game. Experience these sorts of practical examples in a Lean Game customised for the Life Sciences Industry!

Most industries are applying Lean Six Sigma principles in their projects and processes in order to optimise results and to deliver robust and optimal solutions. Originally part of Toyota’s Just-in-time Manufacturing, this strategy is now also widely implemented in biotech, pharmaceutical, and medical device companies in which waste reduction, time-saving and process improvement can make a significant difference, not just to the manufacturing processes but also to product and process development, Quality Assurance and laboratories. To experience these situations, we have developed a Lean Game specifically for Life Sciences companies. The Lean Game is a practical example of all the challenges we face in our daily work life. The Lean Game is about applying five principles consistently and rigorously. In short: produce exactly what and when the customer needs, without any waste.

The set-up

Pretend we have a pharmaceutical company, Xendo Pharma, which produces Xendolor tablets of 1, 2, and 5 mg. We get orders from our customer, GB Pharma which brings Xendolor to the market in 3 different countries. Your staff is divided into groups of about 8 players and each player represents an employee with a different role within the company; and one customer.


• A demanding customer
• A manager with a lot on his mind
• A meticulous planner – who takes orders from the customer and ensures the production planning
• Primary Packaging operator “does what is told” – responsible for the first line of packaging
• Secondary Packaging operator – responsible for the second line of packaging
• Internal transport - carries all materials to the various locations
• Warehousing – stores all of the product
• Distribution - handles customer orders and delivers the products
• Qualified Person – takes his QA role very seriously
• Improvement Engineer – enjoys improving all the time

These roles all have fictive actions similar to real-life experiences like gathering different tablets and creating batches, adding product labels and expiry dates, and continuously keeping up with documentation. After a brief explanation, three rounds are to be completed, with the ultimate goal of delivering the right quality at the right time to our demanding customer. Between round, each team has its own improvement workshop “kaizen” to figure out how to remove unnecessary motion, improve flow and to come up with an improved process and demonstrate it in the next round.


Another important aspect is the discussion between the different groups to come up with best practices. It’s all about speed and flexibility versus compliance and documentation. In fact, dilemmas we normally encounter in real life, also pop up during the game. Of course, all throughout the game, participants have every possibility to ask questions to the Black Belt who facilitates the Lean Game to learn as much about Lean Six Sigma and how it might apply to their daily activities.
The game is concluded with a break-out session on how we can apply the principles learned in our daily work; this way you can put your newly found knowledge to the test immediately. The average length of a Lean Game is approximately 3 hours after which your team is educated and motivated to start improving efficiently.The outcome of a Lean Game is an enthused team with higher team spirit, a general awareness of lean principles and the possibility to identify improvement opportunities in your daily work.

When you are interested in learning what Lean can do for your organisation, or when you are interested in a team building exercise with your department or company, use the contact form on the right and we will get back to you to discuss the possibilities. We invite you to challenge yourself, your colleagues, and your processes and try our Lean Game.

LBSP Singelloop 2017

#LBSP Singelloop 2017

Xendo and Leiden Bio Science Park organize a charity run during the ‘Leiden Singelloop’ on 14th  of April. This year we will be raising funds for the Xenia Hospice in Leiden. Both companies and individuals can join.  Last year we had more than 50 participants and we hope to see more enthusiasts join us this year!

If you want to join please register by making use of our contact form on the right; including your personal info and whether or not you will be sponsored by your company.

We are looking forward to seeing you at the Singelloop in April.

More info here. Please feel free to forward this event to your colleagues!

Last year's runners!

Argus Safety Database

#Argus Safety Database

Oracle Argus is regarded as the ‘golden standard’ pharmacovigilance safety database. By applying a multi-tenant approach and by using the Argus workflow manager Xendo has lean processes in place enabling us to offer this software as a cost-effective solution. With this state-of-the-art database, reports for case processing can be generated independent of the size of a corporation. With the Argus Safety Database, Xendo offers the wide scope of activities to biotech, pharmaceutical, and medical device companies of all sizes looking for a cost-effective Adverse Event Management solution.


The focus on risk management and early signal detection have significantly increased, extending across the entire life-cycle of a product. Together with diminishing R&D budgets and a highly specialized environment, it has become a challenge to match the regulatory requirements of an effective pharmacovigilance system, and to ensure the minimization of possible risk to patients.


In the ARGUS database, safety data are stored and can be extracted for signal management and periodic reports. It also allows to process substantial data sets of clients in a secure and efficient way, support the automation of the reconciliation and compliance reporting, and support the invoicing process, as the database is able to provide such task-specific reports.

Companies with a dataset are strongly advised to have a safety database from early development onwards, as this allows them to manage their safety data in a structured way, which is in line with the expectations of regulatory authorities. With the ARGUS safety database, we offer clients access to a first-class database managed, maintained and validated by professionals (Foresight), ensuring business contingency and management of their safety data fully compliant with regulatory standards.

The expedited reporting of ICSR to the different authorities is a regulatory requirement for sponsors of studies (SUSAR reporting) and MAHs of human and/or veterinary medicinal products and medical devices. Depending on the company and involved products we offer tailor-made solutions.

PV Query Tool

Additionally, we also provide our customers with the possibility to query the Global Safety Database to enable analysis of the safety data captured. This is a specific functionality offered by using the PV Query Tool, enabling provision of optimized datalistings, that would normally only be available to the larger companies. Using the tool allows additional ad-hoc querying and reporting against the Argus Safety MT database.

The Query Tool allows the user to create, execute, save and load ad hoc and client specific queries, which result in a case series/hit list being created when executed. The data is presented in an easy-to use interface, where the querying fields that are selected (like Receipt Dates, Drugs, Event Terms, SMQs, Study Information, Submission Information) can be presented on one single screen and capability to add additional tailor-made listings. The fields to be included is variable, which offers a high flexibility on the data presented. These queries can be run according to the clients need for data output.


  • Self-service for end users
  • Reduced external dependency
  • Fewer custom reports / improved query response time
  • Improved response to unplanned queries (audits/inspections)
  • Ensures data quality and consistency
  • Increased insight into your data
  • Ensures data availability (querying and reporting on almost all Safety case data fields)


Dedicated Xendo AEM team

Our dedicated Adverse Event Management team is optimally integrated with other Xendo teams, like  Medical Safety Science, Auditing, QPPV and Regulatory Affairs, combining over 25 years of experience. Additionally, we are experienced with the various agencies (including PMDA, Japan), and can ensure global compliance in an ever-changing regulatory landscape.This places us in the unique position to support our clients with an end-to-end solution to pharmacovigilance. 


As Argus is very adaptive, all process steps can be managed by Xendo but clients can also choose to perform any of the steps internally (e.g. medical review, QC). Another possibility is that the client grants access to its own database, allowing our staff to process data on their behalf.


Configuration, validation, and migration are often rather challenging due to a very specific need for expertise. Therefore, our services include planning and execution from your current database to the Argus Safety Database.


  • Single global safety database
  • Data migration
  • Case processing
  • Case reconciliation/sharing – partners
  • E2B and ICH-compliant
  • Support data extraction for periodic reporting
  • Advanced querying and reporting
  • Visibility of KPIs and case processing metrics
  • Datasource and support for signal detection on Argus AEs

Demo & Additional information

Please use the contact form to request a demonstration of Argus or receive additional information on how this solution might benefit your company. 

Learn how SMB reduces downstream processing costs

#Learn how SMB reduces downstream processing costs

Simulated Moving Bed Adsorption significantly reduces downstream processing costs

This paper gives an overview of industrial SMB chromatography and focusses on the strategy how to develop a purification system either in the early development phase of a product or to assess whether a batch process can be optimised and scaled into a continuous process.

Biotechnological fermentation processes are widely used in industry to produce an abundant range of organic products which often need to be purified in order to meet high-quality standards.
Typical bioprocesses comprise:

  • upstream (USP, e.g. prior to, and including fermentation)
  • downstream (DSP following the fermentation-harvesting, e.g. purification and crystallisation)

Industrial Bioprocesses can be characterised by a few common rules of thumb:

  • Typical fermentation broth contains many compounds (product, sugars, proteins and biomass residuals)
  • Downstream processing is necessary for purification and accountable for the highest process costs

Reducing downstream process steps can reduce capital investment and operational costs and reduce the overall energy consumption of an industrial process.

Downstream processing: the basics

Conventional downstream processing involves biomass separation from the soluble fractions of the fermentation broth as a first step (e.g. filtration, centrifugation). Hereafter, other downstream process steps follow, depending on the required product purity and concentration. Decolorization is often necessary to remove the brownish colour of a fermentation broth, caused by degenerated sugar and proteins. Adsorption chromatography is widely used to bind the product of interest or the impurities to a specific resin (sorbens), packed in a column (packed bed). The bound product is then eluted and can be used in further processing like crystallisation. After elution, the resin/column is regenerated and cleaned (CIP-Cleaning In Place).

A typical process flow diagram is shown in the figure below.

Conventional bioprocesses can be summarised by the following steps:

  • Biomass removal (e.g. flocculation, filtration, centrifugation)
  • Decolorization
  • Adsorption Chromatography
  • Concentration and Crystallisation

Simulated Moving Bed Chromatography

In adsorption processes, the adsorbent is held in a (pressure) vessel, most often called a resin vessel. The stationary phase is referred to as a packed resin bed. As the process fluid flows through the vessel, the resin attains an equilibrium with the process fluid, resulting in a mass transfer zone that gradually moves through the bed. If the mass transfer zone has reached the exit of the resin bed, the bed is saturated and “breaks through”. The resin needs to be washed and regenerated before it can be loaded again. As a consequence, continuous processing of the liquid requires at least two fixed beds, but usually, three beds are installed.

In the previous century, the advantages of continuous countercurrent processing have been recognised for adsorption processes, as well as for other mass transfer processes.
In SMB technology, the chromatography material is kept inside columns or vessels. The transport of the chromatography material is obtained by periodically switching in- and outlet positions.
In the 1980’s, the SMB concept was originally developed for binary fractionation processes, where a stronger and weaker binding component are present in the feed solution and are separated into two product streams:

  1. Extract phase, which contains the stronger binding component.
  2. Raffinate phase, which contains the weaker binding component.

A state of the art example of such fractionating system is the production of High Fructose syrup fractions in the sugar industry. Here the Fructose is the monosaccharide with a stronger affinity towards the resin compared to Glucose.

At a somewhat later stage, the same concept has also been developed for bind and elute systems. Bind and elute systems typically comprise –at least- the following zones:

  1. Adsorption of the active ingredient or, in some case, impurities
  2. Adsorption wash, to replace the mother liquor (from fermentation broth) by water. This is to prevent contamination between elution and adsorption zone
  3. Elution, to desorb the active ingredient that has been adsorbed in zone I
  4. Elution rinse, to prevent contamination between product- and feed stream (zone I)

This zone distribution is not restricted to the four as mentioned, for instance, regeneration and cleaning in place have been frequently applied.
Bind and elute SMB systems are designed in carrousel configuration, featuring a central rotating fluid distribution valve, and a static vessel configuration featuring a valve block for each individual resin vessel. Each valve block is identical and comprises a number of valves accommodating all in- and outlet flows that have been defined for the chromatographic cycle.

The below figure represents a typical conceptual flow diagram for a bind and elute system.

Bind and elute IX chromatography systems based on the SMB principle has opened a huge field of applications where valuable products are recovered or purified on a continuous basis thereby saving substantial water consumption as well as elute and regenerant agent.
Xendo has the experience and capability to design and build custom-made SMB continuous Ion Exchange and Chromatography systems under the product name XPure™.

Development studies

In general, a process development study can be approached from different angles and started or initialised in different stages of the study.
When developing a production process first the target objectives should be defined; what is the required yield and purity of the target compound; what is the composition of the starting material (feed); which recovery or purification process is most beneficial in terms of energy (including clean water) and material consumption and gives the least waste production; what is the scale of continuous operation.
If industrial (IX) chromatography could be a (or one of) potential route, we then start surveying the literature on the presence of similar or equivalent applications for the particular compound or molecule under study.
If literature cannot elucidate the case, based on the molecular structural or other adsorption relevant characterisation, a resin screening study can be conducted. The outcome would be one or several resin functionalities that are preferably commercially available.
A lab scale column test on a representative feed sample – a so-called pulse-response test- repeated for a few different resin species will obtain a strong indication of the effectiveness of a specific adsorption system.
Depending on the specific adsorption capacity of the target molecule onto the resin, further column tests – so-called breakthrough tests- will produce data on the resin capacity and information on how to elute (buffer composition, treatment ratio) the target molecule.

In the case, that potential resin candidates can be identified for the purification job the column tests can be elaborated with further break-through or pulse-tests at variable process conditions that cover the window of operation in a full-scale industrial setting. Typically this is conducted on one or two best performing resin candidates from the previous stage.
Here a Design of Experiment approach combined with the rationale of experienced chromatography engineering practice is used to define how many column tests will be conducted and what parameters will be varied at different levels.

Based on the data from the extended tests a preliminary process design and CAPEX/OPEX estimate can be made. Here we have developed our design tool where all relevant parameters can be put in and the outcome shows a full-scale SMB configuration and equipment dimensions. Dimensional data refer to a number of individual resin cells, dimensions of resin cells, line and valve sizing and pressure drop per distinct zone.

The design tool is based on the 2-film mass transfer kinetics model which is the principle for which we have created an algorithm. The design tool further features the (universal) Kremser equation for counter-current contacting.
A set of physical and mass flow-related variables have been accounted for. The most important parameters are:
Resin porosity, particle size (specific area) and evidently the most important -- specific adsorption capacity; diffusivity in both liquid and stationary phase; void fraction of resin bed; bed velocity; fluid viscosity and temperature.

The design tool could also be deployed if the adsorption system is a state of the art process, or close to this. In that case lab scale column tests could be skipped, and the specific feed characteristics need to be combined with the (specific) resin type that could do the purification/recovery job.

The output of the design tool can be used to do preliminary cost and value engineering. The outcome is essential to evaluate the purification/recovery process.
In the case of a positive decision, i.e. a (IX) chromatography process is the most beneficial and cost-effective route, the process can be optimised on a (slightly) larger scale.
Here we can enter two different scales for piloting.A mini pilot or lab-SMB system featuring small resin cells up to 1-inch column diameter and on average 200-500 mm bed height that still can be operated on a lab scale.

1. A mini pilot or lab-SMB system featuring small resin cells up to 1-inch column diameter and on average 200-500 mm bed height that still can be operated on a lab scale.

2. A large pilot SMB system featuring a bit larger resin cells from 1-4 inch column diameter on average 400-1000 mm bed height.

The selection merely depends on the availability of adequate feed and buffer volumes, any uncertainties that may not adequately be identified on an industrial scale, for example, impurities presence and identification, the presence of suspended solids or temperature variations.
The large scale pilot system typically works on site, close to the operating plant or at a pilot facility.

The outcome of a pilot study will be a robust design of the industrial scale process also featuring chemical consumption figures, product yield and purity. From the design data, the basic engineering of auxiliary equipment –like pumps, inter-stage tanks, piping, instrumentation etc.- can commence. Ideally, a commercial design proposal is the final delivery of a pilot study. The client/end user can now make a final assessment of the chromatographic process, possibly comparing this –if any- with alternative purification processes (e.g. batch wise adsorption, crystallisation, evaporation, distillation et cetera)


Simulated Moving Bed has distinct benefits over classical single column systems with significantly higher yields / productivity and lower consumption of chemicals, water, and energy.  Also, it lowers production cost due to the lowered column volume and diminished use of chromatographic separation medium (resin) and, of course, less labour.

This continuous production system is increasingly used on industry scale and also becoming more popular in the pharmaceutical, fine chemicals and food sectors due to its capability to be integrated into production plants, where it contributes by delivering high concentrations of product under the beneficial circumstances mentioned before. Because of these advantages, we see a bright future for this technology for separation, purification and recovery, turning simplistic batch separation operations into profitable continuous processes. Next to these advantages, SMB fits seamlessly into the developing trend of sustainable solutions and the realisation of a bio based economy.

If you’d like to investigate what SMB could mean for your production processes don’t hesitate to contact us or have a look at our currently available systems: XPure-C & XPure-S. We also have a wide variety of pilot studies available for those interested.

6 essentials to introduce Lean Six Sigma in Life Sciences

#6 essentials to introduce Lean Six Sigma in Life Sciences

6 essentials to introduce Lean Six Sigma in Life Sciences

We have come a long way in lean manufacturing since its introduction by Toyota and we apply it in most industries today. We take into account many relevant factors, such as costs, efficiency, supply reliability, quality, and compliance, and we define, measure, analyse, improve and control them. Our field, the Life Sciences, is as diverse as it is well-regulated, meaning it is most certainly a challenge to comply with ever-changing regulations and guidelines (which may or may not contribute to patient safety, quality and/or efficacy). But though it may be challenging, there are most certainly gains to be made here.

To assist in the first steps of setting up lean manufacturing processes we have some best practices lines up for you to try out in your organisation:

1. Engagement

Make sure that everyone, from CEO to supervisor is engaged. It is like an upside down pyramid where the top enables improvement at the bottom. First of all, demonstrate your commitment. You know about biotech, pharma. Learn about Lean Six Sigma and combine these. It’s not only about the processes, metrics, and the production system, but most of all it’s about mindset and behaviour. We are all very much aware of GMP and compliance in life science. Combine with Lean 6 sigma and integrate. Try to implement it in your daily routines. Do regular walk-throughs in the areas where it all happens. The real improvement doesn’t happen in the manager’s office or a meeting room. Ask questions and listen. Be present at opening and close-outs of improvement workshops (kaizens) and be present at daily stand-up (tier) meetings. In other words, people in the work place have the most extensive knowledge about ongoing processes and experience with daily activities. Don’t come up with solutions by yourself, but make it work with them.

2. Sponsorship

Lack of sponsorship is the most likely reason for failure, so just a few more words on promoting taking responsibilities, the right mindset and behaviour. In the old hierarchical way of doing things the boss knows best and tells you what to do and how to do it. In the inclusive approach, you should ask questions such as ‘What is the problem? Where is the problem? Are you able to solve it? Do you need others? How much time do you need? How can I help you?’ The role of the sponsor is to ask these questions all the time and to make sure they get answered. If we’ve learned anything from programs on badly run restaurants, it’s that 9 out of 10 times the manager (sponsor) is the root cause of the problem. Again, ask integrative questions, e/g what does the change imply for GxP? Have we considered the regulatory impact?

3. Stabilize first

Deviations are symptoms of processes not running smoothly. However, in life sciences, we have made compliant procedures for handling deviations. Make sure to get rid of deviations by searching for and solving true root causes, not just fight the symptoms. A practical approach is a kaizen, a workshop of a couple of days to define the problem exactly, to look for true root causes and solve these. When done properly, they give a lot of positive energy and, of course, annihilate deviation recurrence. The concept is not new, however. Therefore, green and black belts should have the proper background to prepare and facilitate kaizens. In my view, those belts should also have an understanding of life science and the processes at hand. It is the way to connect with people and to gain support for improvement. Again, sponsorship is essential to make a team available and continued support for implementing and sustaining solutions.

4. Activate

Introduce visual management and short (15 min) daily stand-up meetings – and become actionable. In many meetings, we talk about things. You will be amazed that just standing in a meeting rather than sitting will make the mood more actionable. It also allows you to escalate any issues within a day to senior management. Applying visual management enables you to make problems more apparent and once visible you can start solving them. It usually starts with a shift transition at production (tier 1): Are we meeting our production schedule? Are we experiencing any issues with people, safety, quality, delivery, and/or costs? What do the facts and figures show us? Ok or not ok? Can we solve all issues or do we need to escalate? At the next level (tier 2), the supervisor discusses the more substantial problems with the production manager, QA, logistics and others who might be involved. Also, metrics at a higher level are shown. Finally, the production manager meets with the management team at tier 3 for escalation of major issues. And this is all done within one day. And once again, it is the integrated approach that works, not Lean Six Sigma for the sake of saving costs. Lean processes are also more GMP compliant, safer, and yield better quality at lower costs. On top of that, people working in these improved environments are generally experiencing less stress and more satisfaction in their work.

5. Shift the paradigm

Introduce a system where everybody in the organisation focuses on solving problems definitively, not just fire-fighting, tweaking, and fixing. Not just the green and black belts for solving the major issues, but for everybody, at yellow belt level, is continuous improvement part of the DNA and their daily job. Solving many small problems can also add up to a large sum. Again, it is the mindset. In one example, 30,000 A4 paper was saved every year, just by asking the question: Do we need to print all this? And not just: we need to do this to be GMP compliant. In lean companies, everybody is trained as a yellow belt. This the entry level of belt training. And it is also their daily work to improve small things. Link this improvement process with the stand-up meetings to ensure follow-up and to measure success.

6. Continue improving

Always, all the time, everywhere, everybody. And sponsor!

In the next blog, we will show examples of effective deviation reduction, while maintaining GMP.

If you want to learn more about applying Lean Six Sigma principles in the Life Sciences, please contact Xendo or take a look at the courses we provide together with the Biotech Training Facility (Yellow Belt & Green Belt).

Blog by: Marc Stegeman - Principal Consultant & Black Belt 



We are pleased to announce that after being named an FD Gazelle two times in a row (Dutch Financial Times award), we are now also in the Top 250 Fastest Growing companies in the Netherlands; an initiative by the Erasmus Center for Entrepreneurship (ECE) and 'NL Groeit' (NL Grows).

A place in the Top 250 is awarded to companies who were economically active on January 1st 2012 and have realised a turnover and/or employee growth of over 20% a year.


Outdated facilities – bring back the ‘c’ in cGMP

#Outdated facilities – bring back the ‘c’ in cGMP

New rules, old facilities. How do these two meet? Is it a big black hole or is there light at the end of the tunnel?

When you work in an older facility, you are probably acquainted with one-liners like:

“We have been doing it for years, how can this be wrong”, “never change a winning concept”, “the Agencies approved this before, they cannot suddenly disapprove it”.

Maybe you already faced an inspection, resulting in observations due to aging facilities, processes or procedures. It is a known fact that legislation can change, new developments change the expected ‘state of the art’ solutions. This evolution takes place faster than your facilities do. You probably already experienced that the ‘c’ in the GMP status needs to be brought back into your facility, processes or procedures and it looks like a big hurdle to overcome.
Quality Risk Management
With every recent change in Legislation, the term “Quality Risk management” (QRM) was introduced. Therefore, every Inspector takes it into account during inspections, and they should, because they are looking for evidence that their trust in you is valid. A good understanding of your processes enables you to base your quality-related decisions on solid risk assessments, which is usually beneficial regarding the outcome of an inspection.

Should you also apply this approach in regard to (older) facilities? Should you bother assessing the risks of a facility that you know by heart? Yes, you probably should! Not just to please the inspection, but because it is a useful instrument to assess if your aging facility is in compliance with the current GMP.

Use QRM to answer the question “Is my facility still suitable to my current activities”. How do you start? How do you organize a process like this? The best idea is to take it step by step. Take the time to learn, take the time to assess. Use the knowledge available across your organisation, it is one of your biggest assets. Most likely many risks have already been assessed, but you just never realised, nor documented it. You will definitely face hurdles, but also realise they can be overcome.

Potential hurdles – don’t let them scare you
Bad archiving practices (in the past and present) of both paper-based and electronic information are major bottlenecks in this process. Staff changes mean that some knowledge gets lost and this is usually regarding process history and where to find available information. The archiving bottlenecks can become enormous in these cases, trying to find information in old archives. But that shouldn’t keep you from accomplishing your goals, every outdated facility is facing similar issues.

Identification of gaps and opportunities
First of all, you need to assess your current gaps against cGMP. Ask yourself “What is required for my current activity?”, “What control mechanisms do I have in my process?”. Use QRM to assess the gaps in your facility’s design and its cleanability. Bring in a pair of ‘fresh eyes’ during the assessment, take a step back and dare to re-assess why you do it the way you do. During this process, unnecessary practices may become known. It’s possible that time-consuming activities can be replaced by more efficient practices or can become obsolete altogether. Maybe you can shorten process times because you realise that you overdo your controls. You will certainly gain some opportunities from these assessments. You will lose some, but you will definitely learn things that went unnoticed before.

Define potential risks and wins
Translate gaps into risks. Quantify problems, issues and potential risks. Include, amongst others, the qualified status of equipment, process robustness, knowledge from e.g. deviations, maintenance records, periodic equipment and utility reviews, environmental monitoring program and results. But please also, document why certain gaps are no risk at all!

Translate opportunities into wins. In lean six sigma terms, define the waste!

Analysis of identified risks
Next, you use QRM and you can apply lean six sigma techniques to identify what you really need to do to run your current activities. Define what is causing the biggest problems and wins, rank potential risks and wins in order to focus on the right points. Dare to break with traditions.

Risk Mitigation
Third, come up with a plan to get back into compliance. Even though GMP changed over the years, the fundamental principles have not. Outdated facilities are mostly engineered and commissioned using common sense, but rationales have not always been properly documented. Based on the outcome of your assessments, you can define your risk mitigation actions and this forms the rationale of what to repair or redo.

Set a realistic horizon. Document your thoughts and doings. Make sure you do what is needed and don’t overdo. Also, don’t be afraid to discuss your findings and plan with your inspectorate. Showing progress and willingness to improve can increase the understanding of your current situation.


Legislation changes, though not as fast as it sometimes seems, because it follows the industry. Best practices are gathered over time and form a new baseline. Quality Risk Management is not something new and fancy, but an instrument, applied for ages, just not always formally documented. Make the change and assess your facilities with risk management principles and start to focus on repairs. This is the moment to diminish waste, lower costs, enhance process robustness and stay compliant.
The above exemplifies the risks involved with an ageing facility. When assessed with the right knowledge of legislation, inspections, and manufacturing, these risks can be remediated with a lean six sigma focus, observations can be prevented, and the ‘c’ can be brought back into your GMP status.

Blog by:

Maud Breitbarth - Consultant at Xendo

If you have any questions don't hesitate to contact us, we can be your pair of ‘fresh eyes’!

I4H 2017

#I4H 2017


Like last year, we will also be organising a raffle for one of our customized Xendo VANMOOF bikes! We are looking forward to meeting you there and don't forget to hand in your ticket at our booth (no. 34)!


Innovation for Health is the premier event on healthcare innovations in the Netherlands. It provides a unique opportunity to meet leading innovators, to catch up on the latest trends, to present cutting-edge innovations and to engage leaders and decision makers in healthcare innovation. Innovation for Health features renowned speakers, displays high impact innovations, highlights best practices and demonstrates inspiring developments in healthcare. By bringing together key players and stakeholders across the healthcare & Life Sciences spectrum, and fostering dialogue between research, markets, and policy makers, the event aims to contribute to the future of sustainable healthcare.

Xendo BV acquires Sofus Regulatory Affairs AB

#Xendo BV acquires Sofus Regulatory Affairs AB

Xendo, the Life Sciences consultancy company, is pleased to announce that it has acquired the Swedish consultancy company Sofus Regulatory Affairs AB. Sofus is based in Stockholm and provides regulatory affairs services for all phases of the pharma and biotech development, from early development projects to post-approval services including pricing and reimbursement issues, and has a strong position in the Nordic countries. This acquisition will strengthen the two companies to continue providing the highest levels of consultancy services within the Life Sciences industry. Through this collaboration, both companies will be able to offer new services to their customers in an expanded region.

Xendo was founded in 1990 and is now a leading, independent consultancy and project management organization in the (bio)pharmaceutical, medical devices, and healthcare fields. Xendo currently employs over 150 experienced and highly educated professionals. The areas of expertise include a.o. Regulatory Affairs, Pharmacovigilance, Compliance & Validation, and Engineering & Technical Support.

Sofus was founded in 2002 and is the leading Nordic regulatory consultancy, supplying comprehensive regulatory, quality and safety solutions, to both multinational corporations and small businesses in the Nordics and in Europe. Sofus currently employs around 55 people.

André van de Sande, CEO, Xendo comments: “I am delighted to be leading Xendo in this next phase of growth. The addition of Sofus to Xendo will strengthen our position as a trusted advisor in Life Sciences. We operate in an exciting market and this acquisition offers a real opportunity to further develop Xendo’s services and extend our geographic reach. I am looking forward to working with Linda Thunell and her team.”

Linda Thunell, CEO, Sofus added: “This was a natural step for us in the further development of our business. As part of the Xendo group we will be able to strengthen our presence on the international market and at the same time offer a broader range of services to our clients. Our companies are a good match and together we will be able to offer more of the very best services to our clients.”

For further information, contact:

André van de Sande – CEO Xendo
T: + 31 (0) 71 524 4000



How to classify your Medical Device or In Vitro Diagnostic under the new regulation

Medical Devices have been classified under the Medical Device Directive as 1, 1m, 1s, 2a, 2b and 3. With the increase of the class, the inherent risk increases too. As a result, the regulatory requirements will increase too, not only in number but also in nature. Under the new Medical Device Regulation this approach remains.

For In Vitro Diagnostics the new IVD Regulation will also apply a risk-based approach, which could be regarded as a paradigm shift with respect to the IVD Directive. The classes for IVDs range from A to D, with D the highest risk class. Also for IVDs the new approach will result in stricter regulatory requirements for higher class IVDs.

To assist you in your efforts to classify your IVD or Medical Device we have put the criteria according to these novel regulations in a flowchart.

Feel free to contact us in case of additional questions!

View chart here.

Contact: Marc Klinkhamer - Principal Consultant at Xendo


Xendo announces management buy-out supported by Sovereign Capital

#Xendo announces management buy-out supported by Sovereign Capital

The investment will strengthen the company’s position as a leading consultant and it will have a positive effect on the continuity of business. Current customers will continue to seamlessly enjoy existing services, and Xendo will be able to seek to expand its services and geographical reach, both through organic growth and complementary acquisitions. With a strong track-record as a ‘Buy & Build’ specialist, Sovereign Capital will provide the financial support to grow, develop and expand Xendo.

Under the new ownership the business will continue to operate under its own name. We are also delighted to welcome CFO, Arjen Huijs (previously Jacobs Douwe Egberts) to the current management team.

Read more

Xendo makes the Dutch Financial Times (Financieel Dagblad)

#Xendo makes the Dutch Financial Times (Financieel Dagblad)

BIO International Convention 2016

Xendo CEO, André van de Sande, brought one of our customized VANMOOF bikes to this years' BIO International Convention in San Francisco.

BIO International Convention 2016

Approximately 400 participants showed that the raffle was a huge succes and attracted a large crowd. We wish to congratulate this years' winner, Ruud Smits of NautaDutilh. We are very much looking forward to another succesful BIO again next year!

Biotechbedrijven dromen zich rijk na megadeal Acerta

Xendo makes the Dutch Financial Times (Financieel Dagblad) again!

#Xendo makes the Dutch Financial Times (Financieel Dagblad) again!

Xendo's recent management buy-out by Sovereign Capital has grabbed the attention of the Dutch Financial Times, which placed an article about it today.

In response to questions by FD-journalist Thieu Vaassen,  André van de Sande (CEO) gives insight in Xendo's successful turnaround over the past 5 years.

To read the article (in Dutch) follow this link.

Xendo – Vigilex accepted as candidate for Deshima Business Award 2016

#Xendo – Vigilex accepted as candidate for Deshima Business Award 2016

The Deshima Business Awards are granted to Dutch companies in recognition of successful business achievements in the Japanese market and are awarded by the Netherlands Chamber of Commerce in Japan.

Xendo-Vigilex has shown rapid development, having grown from 60 to over 150 employees over the past years. Next to realizing excellent growth of our European offices, this candidacy shows Xendo-Vigilex is also successful with our Japanese operation. Xendo-Vigilex offers a full scope of pharmacovigilance activities and is successfully supporting many Japanese (bio)pharmaceutical companies, who conduct clinical studies or market their product(s), or intend to, in the EU or US. Besides visiting our customers face-to-face several times a year and having local representation, Xendo-Vigilex also organizes a yearly seminar in Japan, which focuses on understanding EU PV related legislation and guidance on how to implement this in daily business.

Even though the market is competitive, we continuously see growth opportunities for our business and the nomination for the Deshima Business Award confirms this.

Xendo awarded for the second year in a row as FD Gazelle

#Xendo awarded for the second year in a row as FD Gazelle

Xendo was named an FD Gazelle 2016, meaning we belong to the fastest growing companies in the Netherlands again. The Gazelle Awards, an initiative of the ‘Financieele Dagblad’ (Dutch Financial Times), are awarded annually to the fastest growing enterprises, where the main criterion is a turnover growth of at least 20% per year during a three-year period.

André van de Sande (CEO, Xendo) says:

We have realised excellent growth over the past years and we have grown from 60 to over 150 employees. This is the second year we have been awarded a Gazelle, meaning we are showing robust growth of our company. Although we are operating in a competitive market, our clients increasingly know how to find us and we would like to thank them for the trust they place in Xendo.

IDMP compliance: 7 channels to get informed

#IDMP compliance: 7 channels to get informed

Starting from mid-2018, all pharmaceutical companies having medicinal products registered on the EU market will have to have submitted IDMP-compliant data for these products. IDMP stands for identification of medicinal products and refers to five ISO standards defining terms and structures to uniquely identify medicines. While big pharmaceutical companies usually have projects started to ensure IDMP-compliant submission and maintenance of the data, SME companies are mostly still in a phase of orientation.

SME companies are currently analysing the requirements to create their own company approach towards compliance and to estimate the cost of it. Most SME companies plan to start projects in 2017 when detailed guidelines for IDMP requirements are to be published by the EMA.

SME companies usually face the following challenges on their way towards IDMP compliance:

Internal Resources

  • Usually no dedicated function for master data management/ regulatory data management
  • Limited resources available to train employees on IDMP requirements and to keep up to date with changing information


  • Limited financial resources for additional software
  • Limited resources (FTE/external costs) for data collection/ submission/ maintenance

Lack of Benefit

  • No internal business case for IDMP compliance: IDMP compliance is cost only

Limited Official Information

  • Final timelines not published by EMA yet
  • Final requirements not published by EMA yet
  • EMA database not published yet

However, IDMP compliance is not a mystical quest that cannot be solved by common sense. This post will describe 7 different channels of how to stay informed about IDMP requirements and implementation plans of the EMA and will compare their efficiency for SME.

Information Channels for SME Companies

One major challenge for SME companies is to stay informed about authority plans and requirements for IDMP compliance. While requirements are being defined and implementation plans are being changed by the EMA, direct information from EMA has been very scarce over the last years.

The following sources to stay updated about IDMP should be considered:

1. EMA website

EMA publishes official information regarding IDMP implementation on its website. The website also includes a webinar given by the EMA in August 2016 as well as meeting notes from the IDMP task force.

2. ISO standards and implementation guides

The ISO standards and ISO implementation guides can be bought online. They are currently under revision and new versions are expected in 2017 (for standard 11615 and 11616 in the second quarter, for standard 11238 in the fourth quarter, for implementation guide for ISO 11238 in the first quarter, for implementation guide for ISO 11615 in the second quarter of 2017).

The ISO standards ISO implementation guides will serve as a basis for the EU implementation guides. The EU implementation guides will define the actual requirements for the EEA and are currently created by the IDMP task force.

As long as EU implementation guides are not available, ISO standards and implementation guides give the most detailed information on which requirements for IDMP compliance can be expected. Special attention should be paid to the standards of the medicinal product and substances as well as the technical implementation guides.

3. Direct via IDMP task force

The EU IDMP task force consists of representatives of EU institutions like the EMA and NCAs, representatives of the pharmaceuticals industries and other interest groups like vendors. The task force is developing and implementing IDMP requirements in the EU. For big pharmaceutical companies and vendors in the area of RA data organisation, participating in the IDMP task force also serves as a direct channel to the implementation of IDMP. However, even within the task force, a lag of information delivery from EMA to industry/vendor representatives prevailed.

Participating in the IDMP task force does not only require sufficient time but also specific knowledge in the field. Therefore, it seems natural that this is not the information channel of choice for SME companies. However, information from recent task force activities can be found on the EMA websites in the task force meeting minutes and are also exchanged via the IRISS forum as described in point 2.1.6.

4. Conferences, external training

Since 2014, the number of conferences and professional training focusing on IDMP has steadily risen. Speakers from industry, vendors, and authorities can give valuable insights to their IDMP implementation projects. However, again mostly big pharma companies are attending, as conferences and training are costly and SMEs lack functions dedicated to the subject. Bigger companies already involved in internal IDMP projects are often updated by vendors and consultancies part of the project team.

SME companies not starting IDMP projects yet might consider using an in-house training held by experienced consultancies to inform all involved functions about IDMP instead. 

5. Informal networking

As official information from the EMA has been scarce, direct information from task force members has proven a helpful source of information. Informal exchange based on personal contacts also is highly helpful when implementing IDMP within the own organisation. Related functions in other companies usually face similar problems and solutions and experiences can be exchanged. Again, big pharma companies with functions dedicated to the subject have been in advantage here while RA departments often feel responsible for IDMP in SME companies. Nevertheless, exchanging experiences regarding IDMP implementation with related functions in other companies can be a highly useful, cost- and time-efficient source of information for SME companies as well.

6. IRISS forum

The IRISS forum refers to itself as “A Non-Profit Dedicated to Implementation of Regulatory Submission Standards Around the World”. Related subjects are discussed within topic groups and webinars, members come mostly from industry and vendor organisations. The IDMP topic group meets in a monthly t-con. The agenda usually focuses on recent activities of the EU IDMP task force and of the ISO technical committee currently updating the ISO standards. Speakers usually are members of both organisations. IRISS members can add questions, issues regarding xEVMPD activities are discussed as well. Records, as well as notes of the meetings, are published afterward. The forum also conducts surveys and collects feedback for the EU IDMP task force from its members.

As membership is comparatively inexpensive, SME companies should consider it as a cost- and time-efficient source of up to date information.

7. EMA efforts to cascade information

In its August webinar, EMA described its approach to set up a change network to cascade information regarding IDMP more efficiently. EMA will appoint industry change liaisons. Industry change liaisons will come from the IDMP task force. They are meant to cascade information and best practices directly and interactively to industry as well as to give feedback to EMA change network if additional communication is needed. They are meant to work together with key contact points at industry organisations to identify suitable communication channels like conferences or forums where they can present and communicate about IDMP. The industry is asked to get in touch with industry change liaisons if opportunities are identified that they can communicate with a wider range of industry stakeholders.

EMA promised to publish contact information of industry change liaisons soon. It needs to be evaluated how effectively they will improve communication. SME companies might want to contact their industry organizations regarding any related activities planned.

According to EMA, the SME office is also responsible for cascading information to SME and registered SME companies can submit questions there as well.


In August 2016, the IRISS forum conducted a survey of its members about their IDMP compliance activities. The results are publicly available:

One of the questions asked was how companies stay informed about IDMP compliance.  Most of the 29 industry members answering the survey reported that they received information about IDMP implementation either directly from the task force, via the IRISS forum or from vendors and consultancies. When asked about their preferred source of information, however, almost all companies reported that they wish to receive information directly from the authorities.

While it is unclear whether more information directly from the EMA will be available in the future, companies currently are still asked to use various other information channels.

For SME companies the following approach can be helpful.

  1. Start with an in-house workshop to bring all involved functions to the recent level of IDMP information. The workshop should also answer all open questions regarding the contents of the ISO standards and ISO implementation guides. Xendo offers workshops as part of its IDMP consultation services. Please contact us for more information.
  2. Stay informed about new information using the following channels:
    The EMA website should be checked regularly for any updates
    Appoint a function to follow the discussions on the IRISS forum

Network with peers to get informed about experiences from organisations similar to your own.

Feel free to get in touch for some additional information!
Blog by: Almut Holz - Managing Consultant at Xendo 

Using Scrum to Validate Software during Agile Development

#Using Scrum to Validate Software during Agile Development

Scrum is an increasingly popular way to develop software, a methodology to implement Agile Software Development.  Though Scrum has been coming up for a few years now, it’s not always clear how to validate software that is being developed this way. Specifically for pharmaceutical and biotech companies it’s valuable to show deliverables of incremental sprints in Scrum can be combined with the deliverables expected by the GAMP 5 guide.


There are several accepted definitions of SCRUM, but for now, let’s go with the following:

“Scrum is a development framework in which cross-functional teams develop products or projects in an iterative, incremental manner. It structures development in cycles of work called sprints.”


Sprints are blocks in which Scrum-teams deliver their product. They are iterations of no more than four weeks each (the most common one being two weeks), and take place one after another without pause. These sprints are time boxed, meaning they end on a specific date whether the work has been completed or not, and they are never extended.

Usually, Scrum teams choose one sprint length and use it for all sprints. Though, if they improve they might decide to use a shorter cycle.  At the beginning of each sprint, a cross-functional team selects items (customer requirements) from a prioritized list.  Subsequently, the team agrees on a collective target of what they believe can be delivered at the end of that sprint. The benefit being that the work scope is small and there is a commitment from all participating team members.

During the sprint, no new items are added; changes are put on the product backlog and prioritized for execution in future sprints. At the beginning of every day, the team gathers briefly to inspect its progress and adjust the next steps needed to complete the remaining work in time.

At the end of the sprint, the team reviews the sprint’s results together with the stakeholders and demonstrates what has been built. In the case of software, this would mean a system that’s integrated, fully tested, end-user documented, and potentially shippable. The obtained feedback can lead to changes or additional requirements that are added to the product backlog.


Good Automated Manufacturing Practice (GAMP) is a set of guidelines for manufacturers and users of automated systems in the pharmaceutical industry.

More specifically, the ISPE guide for Validation of Automated Systems in Pharmaceutical Manufacture describes a set of principles and procedures that help ensure that computerized systems, including software, are fit for purpose.

One of the core principles of GAMP is that quality cannot be tested into the computerized system, but must be built into the computerized system during each stage of its development. As a result, one of the key features of GAMP is computer system validation.

Computer System Validation

Computer System Validation (CSV) establishes documented evidence providing a high degree of assurance that a specific computerized process or operation will consistently produce a quality result, matching its predetermined specifications. In other words, CSV is demonstrating that the computerized system is consistently doing what it should be doing and that the data it produces is reliable.


Normally the “V-model” is used to execute this kind of validation. In GAMP this model demonstrates the relationships between each phase of the development life cycle and its associated phase of testing.  The left axis represents the stages of a specification and the right represents the stages of verification or testing. Steps in the V-model are sequential, following the arrows, and every next step should only be started when the previous one is completed. During software validation, the deliverables of each step are checked

Validation starts by combining all requirements in a User Requirements Specification (URS). When this URS is approved, the Functional- and Configuration Specifications (FS and CS) are drawn up and the software can be developed afterward. After development, it can be validated together with its accompanying procedures. Only when everything is according to the URS and applicable procedures the software should be released.

Combining both methods

On first sight, combining Scrum and GAMP doesn’t seem possible, because Scrum is an incremental process, i.e. software is delivered in working parts, and validation according to GAMP is sequential i.e. the software is delivered in a whole working package.

However, when confronted with this problem, you can decide to treat each Scrum sprint as a separate “GAMP V-model”. This way, you can perform validation while the software is being developed and this is in line with both ways of working. To have a potentially shippable product it needs to be validated and to validate this product the specifications, functionalities, and documentation all need to be checked.

To establish this, the validation documentation is aligned with the scrum documentation according to the table below:


By combining GAMP and Scrum like described, it’s possible that a cross-functional (development, testing, and validation) team is able to deliver functioning and validated software in a timely matter while meeting all predefined top priorities. Since time is usually fixed, lower priorities might not always make it in the first production release, but this is actually one of the strengths of Scrum; focusing on what must be implemented.

Most software developing companies do not work according to the V-Model anymore and have embraced Scrum. Pharma companies, however, often state that GAMP or the V-Model needs be followed. It is worthwhile to seek some flexibility on both sides to make it possible to start implementing Scrum while maintaining benefits of the V-model. Our experience is that Scrum can definitely help to successfully execute projects on time with the required functionality and quality.

Please feel free to contact us if you have any questions!
Blog by: Anton van Rosmalen - Consultant at Xendo
Contact: Joost Havers - Managing Consultant at Xendo

COGEM advice on MI classification when using Single Use Bioreactors

#COGEM advice on MI classification when using Single Use Bioreactors

Earlier this year the Commission on Genetic Modification (COGEM) commissioned Xendo to investigate the current vendor and user experiences concerning the containment risks when using Single-Use Bioreactors (SUBs) in combination with Genetically Modified Organisms (GMOs)

Based on this Xendo report COGEM has written a letter of advice to the state secretary of Infrastructure and Environment (I&M), concerning use of SUBs in large scale industry. In this letter, it is stated that production in SUBs by the current standard is performed under classification MI-III.

Following these events, we received questions regarding the report and the letter, so we’d like to summarize the outcome of the Xendo research report and present COGEM’s advice to the state secretary and how this should be interpreted. Also, we’ll show what Dutch regulations concerning genetically modified organisms state about MI classifications (Micro-organisms Industrial scale) with respect to the interpretation of the COGEM advice.

Summary Xendo Report: “Updated GMO Containment Risk Evaluation Of Single-Use Bioreactors”

SUB technology has developed significantly since the first assessment in 2010, with increased experience at both the user and vendor side, many improvements have been made that reduce risk for loss of containment (e.g. operator handling errors or SUB control system errors).

Since 2010 interaction between SUB vendors and end-users has resulted in increased knowledge concerning SUB bag integrity. One example is a visual anomaly database in which anomalies are classified according to their impact on bag integrity. SUB bag production processes are qualified and validated. Shipping and transport also occur according to validated methods. Training is provided extensively to users of SUB systems at purchase and when significant design changes have been made. SUB production has improved, yet between vendors, there still is a different approach to SUB bag integrity assurance.

Users often rely on the expertise and quality assurance of the vendor for bag integrity. Most users do not employ dedicated integrity tests (e.g. pressure decay), but instead use a media-fill-test as their pre-inoculation bag test. Users also recognize that maintaining a high level of operator skill, through (vendor) training and use of appropriate equipment, is critical to successful and safe use of SUB technology without containment events like spillage or leakage.

It is anticipated that small defects located in the headspace of SUB bags (pinholes) pose a (theoretical) risk for containment, especially when producing viruses which are transmissible through aerosols. Pinholes in the headspace are not easily found using a media fill test. A pressure decay test may not be able to indicate these holes as they have a minimum detectable defect size based on bag volume.

It is concluded that the use of SUB technology in combination with GMOs generally does not pose an increased containment risk compared to stainless steel vessels. This is based on the following:

  • Any bag defect that could constitute a containment risk is typically spotted during the pre-inoculum phase. (Except the mentioned pinhole defects in the headspace)
  • Operators are properly trained and use the appropriate and validated equipment.
  • Vendors have good control over their production process and raw material supply.
  • Vendors and users freely and openly communicate experience and information and engage in continuous improvement of this technology.
  • Between different types of SUB bag configurations, no significant differences have been observed.

COGEM advice letter

COGEM presented the report to the state secretary of I&M and in the offer letter, COGEM explains the outcome of the Xendo research that has been done concerning the use of single-use bioreactors (SUBs) for large scale production. Throughout the letter, the increased safety and experience of users and vendors is explained and the residual risks related to pinhole defects in the SUB headspace were addressed.

In the letter, COGEM indicates that accidental escape of GMOs through pinholes cannot be excluded and that operators should be made aware of the risks of pinhole defects. Nevertheless, COGEM indicates that, following the current classification regulations, large scale culture of GMOs in reactors and SUBs should be performed in an MI-III environment.

MI-III implies that besides the SUB itself there is a second level of physical containment. In MI-III classification the likelihood of GMOs being released into the environment is considered to be minimal, even when GMOs would escape from the SUB through accidental pinholes.

It should be noted that this classification advice has not changed with respect to the current classification of similar activities, indicating the Xendo report has confirmed the suitability of current classification guidelines.

Regulations concerning large scale production using GMOs

In the applicable Dutch regulations concerning genetically modified organisms (Besluit & Regeling genetisch gemodificeerde organismen, wet milieubeheer 2013) the following 4 classifications are listed for process installations for large scale industry:

  • MI-I areas are for dealing with ML-I organisms that comply to certain criteria (very low risk). Inactivation of the biomass before disposal is not required.
  • MI-II areas are meant for dealing with ML-I organisms that do not comply to the IAB criteria. Inactivation before disposal is required.
  • MI-III areas are for ML-II organisms, and
  • MI-IV areas are for ML-III organisms

Noticeably, when used at laboratory scale, all ML-I and ML-II organisms are classified at MI-III in industry. This is contradictory to classifications concerning PKM (Plants) and DM (Animal), where levels I to IV correspond to ML-I to –IV depending on the ML classification of the organism in laboratory scale work.

Appendix 5 chapter 5.7.1 states that:

  • A. Dealing with organisms that are classified as ML-I in laboratory scale are classified as MI-III in industry.
  • B. Dealing with organisms that are classified as ML-II in laboratory scale are classified as MI-III in industry.
  • C. Dealing with organisms that are classified as ML-III in laboratory scale are classified as MI-IV in industry.

In general, the containment measures of MI classifications in the workspace entail the following:

  • MI-I: Use of physical containment (Bioreactor).
  • MI-II: Use of physical containment (Bioreactor) that limits the spread of GMOs. Filters in off-gas are mandatory.
  • MI-III: Use of physical containment (Bioreactor) that strongly limits the spread of GMOs. Hydrophobic absolute filters in off-gas and means to collect and inactivate the total content of the system are mandatory.
  • MI-IV: Use of physical containment (Bioreactor) that prevents the spread of GMOs. Further use of containment measures in the process area like a HEPA Filtered ventilation system, entrance through an anteroom containing a shower and gowning areas, a negative pressure regime, leak free or ventilated seals, hydrophobic absolute filters in off-gas and vacuum systems, and means to collect and inactivate the total content of the system are mandatory.

Also, procedural demands increase when the MI classification is higher. For further details see appendix 9 of the regulations concerning GMOs.


When applying for a license using ML-I or ML-II organisms at lab scale, always an MI-III classification is applied for in the industry. However, when dealing with low-risk organisms, following appendix 6 of the Dutch GMO regulations, a downgrading to MI-II or MI-II can be requested at the GMO office after the first MI-III permit is granted. Each application will be evaluated on a case by case basis often involving COGEM to advise on the related risks for the environment. The COGEM advice letter does not alter this procedure.

The GMO office and COGEM have confirmed that their advice does not change the current classification rules and regulations. Downgrading is still possible when safety is assured.

Downgrade examples when using SUBs

Numerous applications for downscaling have been evaluated in the past. A number of positive COGEM advices, on the acceptability of downscaling handling of GMOs on an industrial scale when using SUBs, are published on the COGEM website.


The outcome of the Xendo report is that use of SUBs overall does not pose a higher containment risk in comparison to stainless steel bioreactors. However, pinhole defects in the headspace of the bag are difficult to identify and therefore pose a (theoretical) risk of loss of containment, especially when using viruses that can be spread through aerosols.

COGEM has reported the outcome of the Xendo report to the state secretary of Infrastructure and Environment (I&M) indicating the risk of pin hole defects. However, COGEM states that under the standard MI-III classification risk is adequately managed because of the 2nd layer of containment besides the reactor itself.

The Dutch regulations concerning GMOs follow a standard classification of MI-III for industrial scale applications for organisms that on a laboratory scale are classified at ML-I or ML-II. It also states that a downgrade to MI-II or MI-I can be applied for at the GMO office.

The GMO office and COGEM have confirmed that, although the risk of pinhole defects in SUBs is acknowledged, there is no change in the classification of industrial application of SUBs. Furthermore, applications for downgrading to lower containment levels can still be submitted and will be evaluated on a case-by-case basis following current standards.

Feel free to contact us if you have any questions.
Blog: Bert Wielders - Consultant at Xendo

The new Medical Device Regulations, are you ready?

#The new Medical Device Regulations, are you ready?

Are you ready for the new Medical Device Regulations? While writing this, it is almost impossible to respond to this question 100% positive. But all manufacturers will need to review their product portfolios in order to determine if their products are covered by these new legislations and comply, or still comply, with all their requirements.

Discussions between the European Parliament, Council and Commission have taken a long time and resulted in two vast documents, no less than 400 pages each, i.e. the Medical Device Regulation (MDR) and the In Vitro Diagnostic Medical Device Regulation (IVDR). The official sign-off and publication of these two Regulations is expected to be Q1 or Q2 2017. And even then, further details in the form of Common Specifications and implementing Directives will need to appear in the coming years.

The combined info of the Proposals of the European Commission for the two Regulations (September 2012), publicized information, and discussions in- and outside Brussels and Strasbourg, show a clear picture of the most critical aspects. Important to know is that the new Regulations have taken a fivefold from the size of the Directives for Medical Devices and IVD-Medical Devices which they are to replace. So, it might be wise to develop a certain tactic if you plan on reading them and you have a specific product in mind. Beneath you find a pragmatic approach on how to assess the status of a product under the new Medical Device Regulation:

  1. Check the scope of the legislation (Article 1, Annex XV);
  2. Compare the manufacturer’s description of the product with the definition of Medical Device (Article 2) and with Annex XV;
  3. Determine the particular roles and responsibilities of the Economic Operators, with some newly defined entities such as the importer and the distributor (with Article 2);
  4. Re-determine the risk classification of the product taking its Mode of Action into account (Article 41, Annex VII);
  5. Select the preferred Conformity Assessment Procedure (Article 42);
  6. Identify the applicable “Essential Requirements” (Article 4, Annex I);
  7. Generate or supplement the Technical Documentation (Annex II);
  8. Apply the applicable Conformity Assessment Procedure (Annex VIII, IX, X or XI);
  9. Complete the Declaration of Conformity (Article 17, Annex III);
  10. Affix the CE Mark (Article 18, Annex IV), now showing compliance to the Regulation.

A “warm welcome” to manufacturers of products without a Medical Purpose

Manufacturers of non-Medical Devices will also have to become familiar with the new legislations because a series of products without a Medical Purpose has been brought into its scope. Although not complying to the general definition of a Medical Device, the application of these products carry many, if not all, aspects of the use of a real Medical Device. Examples of such products are colored contact lenses or other articles intended to be introduced onto or into the eye; substances intended to be used for dermal or mucous membrane filling by injection; equipment for liposuction, all kinds of light emitting laser equipment intended for skin treatment, or cosmetic implants (under Annex XV).

It is expected that their safety will be assessed as if they were classified in line with the best matching classification. Their manufacturers will need to start developing Technical Documentation. Notified Bodies will need to focus on risk separately, as opposed to a risk-benefit ratio where they usually compare residual risks to proven clinical benefits. For presenting compliance to the requirements, Common Specifications will be provided.

Other eye-catching issues

Discussions around these new legislations predominantly focused on improving the organisation of the system, i.e. on stronger supervision and intensified oversight of Notified Bodies by national authority personnel with proven qualifications; more thorough testing and regular checks on manufacturers, including commonly applied Un-announced Factory Inspections; the mandatory implementation of a rotation scheme for Notified Body assessment staff and permanent proven "in house" expertise in the Notified Bodies’ organisation, especially in the field of clinical experience.

Between the many critical elements in the new Regulations, improved device traceability throughout the Supply Chain using UDI systems and the extended registration requirements in the EUDAMED database need to be mentioned. The database focuses on the certificates issued, suspended, withdrawn, refused and restricted by Notified Bodies, on Clinical Investigations, on vigilance data, such as Field Safety Corrective Actions and Field Safety Notices as well as on market surveillance measures taken by Member States. Manufacturer registration and UDI will probably be moved into a separate system.

Significant are the stricter requirements for Clinical Evidence. Clinical evaluation reports are mandatory for all classes of Medical Devices. What changed particularly, are the terms of Clinical Evidence for high-risk devices. The evidence should predominantly be based on data sets with a focus on Clinical Performance Studies covered by detailed described GCP-principles. Class III devices manufacturers will also need to enhance their active and systematic analysis of data on quality, performance and safety using Post-Market Surveillance and Post-Market Clinical Follow Up. They need to report on with Periodic Safety Update Reports, continuously monitoring the Risk/Benefit-Ratio.

Classification and Technical Documentation content of existing products to be re-assessed

Manufacturers should be aware that their current products have to be re-assessed in order to confirm that they still conform to the requirements. Or to determine the gap to be resolved before being allowed to continue marketing their products in Europe. Fortunately, they have three years, or five for IVDs, to perform this re-assessment.

Although they will be able to perform this assessment themselves or with specialized support, a Notified Body is needed for the official confirmation of conformance.

Please note, all Notified Bodies will need to be accredited for these new Regulations before being entitled to assign CE-certificates. To this purpose, the capacity of the joint audit teams of the authority Accreditation Bodies that oversee Notified Bodies has been enlarged. One of the implementing acts prescribes how this should be managed. Probably, Notified Bodies who audit high-risk devices will be able to start relatively early, given the requirements that are being introduced for such products. Having these certifying organisations accredited on time will, most likely, be a challenge for the Accreditation Bodies of the Member States.

In conclusion

Even though the new regulation has not been published yet, and three years for implementation seems far away, it is strongly advised to start your assessment against the new regulations as soon as possible. There are many topics to address and the more time you have available, the easier it is to ensure conformance of your products within the set timeframe. Therefore, do not hesitate and take the ten step approach above, and you will have a quick insight to where you stand with your products.

If you have any questions, feel free to contact us!
Blog by: Louis Habets - Senior Consultant, Xendo

Emerging genetic engineering in medical biotechnology

#Emerging genetic engineering in medical biotechnology

Emerging genetic engineering in medical biotechnology

After the DNA helix was uncovered in 1953 and in 1968 Rogers and Pfuderer demonstrated a proof-of-concept for virus-mediated gene transfer, about two decades ago the first gene therapy trials were performed. In 2003 the sequencing of the human genome was completed, which provided new opportunities for further development of molecular medicine. In 2003 Gendicine was the first gene therapy product approved for clinical use in humans in China. In July 2012, the European Medicines Agency recommended Glybera for approval, which was the first recommendation for a gene therapy in either Europe or the United States. With the increased understanding of molecular medicine, the field is now developing even more specific and efficient therapeutics that repair gene function, which is now producing clinical results.

Commissioned by the Ministry of Infrastructure and Environment (Ministry of I&M) and the GMO office (Part of the Netherlands Institute for Public Health and the Environment, RIVM) Xendo executed a scientific literature evaluation on novel and trending molecular genetic techniques applied in medical biotechnology.The GMO Office is responsible for the processing of license applications with respect to GMO handling on behalf of the Ministry of I&M and it is intended to develop new policies for medicine based on new molecular biotechnologies. 

Trending themes within molecular medicine such as genomics-based medicine, epigenetics, nanomedicine, personalized medicine and synthetic biology are all impacted by the development of techniques that facilitate and improve genetic engineering. Four technology areas were identified: genome editing, epigenome editing, gene expression regulation and gene delivery. Within these technology areas, the following technologies were identified: ZNF (Engineered nuclease), TALENs (Engineered nuclease), CRISPR/Cas9 (Engineered nuclease system), siRNA and miRNA and Modified Antisense Oligonucleotides.  The table below presents the technology areas and the underlying techniques as well as possible applications.


Genome editing by engineered nucleases (ZFN, TALENs and CRISPR/Cas9) is of great value in research to understand functions of individual genes but also as medicine for genetic disease treatment. Currently, genome editing strategies are developed as therapeutic agents. A critical breakthrough for gene targeting approaches was the discovery that by creating a site-specific DNA double-stranded break (DSB) at the targeted locus it is possible to strongly stimulate genome editing by homologous recombination. Engineered nucleases are not only used to introduce permanent deletions or insertions in the host genome but can be re-designed to control epigenome modification and gene expression. Engineered DNA binding domains of artificial endonucleases can be fused to functional domains of chromatin-modifying enzymes or a transcription activator/repressor. This type chimeric protein is able to control chromatin modification status, or regulate gene expression at the transcriptional level.

Small noncoding RNAs

Micro RNAs (miRNA) and Small Interfering RNAs (siRNA) have been discovered two decades ago and added a new dimension to our understanding of complex RNA-mediated gene regulatory networks.  These RNA molecules can exert regulation of gene expression. As such, molecular medicine base on these small RNA molecules can be applied at an additional level, for example, to regulate developmental and physiological processes or to treat a wide range of disorders including cancers and infections.

Antisense oligonucleotides

Therapeutic oligonucleotides (including small noncoding RNAs) that intend to have an effect on gene expression in general need to be able to enter the targeted cells and stay biologically active to be able to reach their DNA or RNA target sequence. As nucleotides composing RNA and DNA are linked to each other by phosphodiester linkages that are easily cleaved by endo- and exonucleases such molecules often are not suitable for the intended medical use. Many types of modifications have been described, and besides backbone modification; sugar modification (Locked Nucleic Acids, Bridged Nucleic Acids), nucleobase modification (Base Analogues), and terminal modification (coupled sugar, lipid, and peptide) have been applied to improve oligonucleotides properties.

Delivery systems

In most cases, the described technologies and their future development depend on efficient delivery systems. About 70% of gene therapy clinical trials carried out so far have used modified viruses to deliver genes. Although they have substantially advanced the field of gene therapy, several limitations are associated with viral vectors, including patient safety issues and difficulty of virus production. The development of non-viral vectors is attractive because of advantages such as fewer safety issues and fairly simple manufacturing processes. Many non-viral systems have been developed for delivery of genetic material, including the injection of naked DNA alone or in combination with physical methods such as gene gun, electroporation, hydrodynamic delivery, sonoporation, and magnetofection. These techniques are generally less applicable to systemic gene delivery in humans than in small animals such as mice. Therefore, a range of synthetic delivery vectors has also been developed, including lipids and liposomes, polymers (linear and branched polymers, dendrimers and polysaccharides), polymersomes and inorganic nanoparticles.

Paradigm shift

The most attractive aspect of the novel therapeutics based on the technologies described is their ability to target virtually any gene(s), which may not be possible with classical small molecules or protein-based drugs. While the efficacy of these novel therapeutics has been successfully demonstrated in vivo, several technical barriers still need to be overcome in order for many clinical applications. The novel therapeutics allow for direct and sustained interference with disease related gene expression and gene regulation, in most cases without the necessity to change the endogenous sequences of the genome itself. The ethical and safety concerns of changing genome sequences are herewith in most cases circumvented and a clear paradigm shift from gene repair and replacement to gene regulation can be observed. Nevertheless, some concern remains related to the transgenerational effects of medical treatments in general and specifically for treatments that strongly affect gene expression. New insights into epigenetic mechanisms revealed a new high-speed evolution system independent of random DNA changes: epigenetic evolution by chromatin modifications, such as acetylation and methylation, in response to environmental changes including medical treatments and even psychological experiences, which are transmitted between generations.

With the recent surge in intensive research investigating new therapeutic mechanisms and combinations of new tools, it can be expected that significant advance will be made for their future role in therapeutics.

To read the full report follow this link.

Feel free to contact us if you have any questions.

Blog & report by:
Harm Hermsen - Managing Consultant
Paul Joosten - Sr. Consultant 
Xiaoxi Zhu - Associate Consultant


A Secure way to maintain Data Integrity while using Shared User Accounts

#A Secure way to maintain Data Integrity while using Shared User Accounts

Data Integrity

According to the US Food and Drug Administration (FDA), “ensuring data integrity is an important component of industry’s responsibility to ensure the safety, efficacy and quality of drugs” *1 and in recent years the FDA has found increasingly more violations involving data integrity. Because data integrity is a too broad of a topic to deal with in a single blog we will focus on one specific aspect of it: data integrity for systems that use shared user accounts. Furthermore, we will focus on addressing the requirement that data must be retained as “original records”, “true copies” or “other accurate reproductions of the original records” (“reliable and accurate data”).*1

The FDA defines data integrity as:

”The completeness, consistency and accuracy of data. Complete, consistent and accurate data should be attributable, legible, contemporaneously, recorded, original or a true copy and accurate (ALCOA)”. *1

During development or production of pharmaceutical products it is important that all used data is correct, available, accessible by authorized user only, and therefore can be relied on in decision-making. To achieve this, data integrity must be ensured.

If data integrity cannot be ensured, than the possibility exists that the produced /developed products do not meet the quality requirements and/or do not work as intended. Or worse, the pharmaceutical product may have properties that have a negative effect on patients’ health. This is why regulatory authorities are currently focusing on data integrity.

Thus, the importance of reducing your data integrity risks, and ensuring controls are correctly implemented and appropriately managed throughout the entire record life cycle is very clear.

Shared User Accounts

Data integrity while using shared user accounts is a difficult one. Shared user accounts could be an Operating System (OS) - or application user account that are not specific for one user, but are used by more instead. 

Some computerized systems are used with shared user OS accounts e.g. because the application software must be running 24/7, other software is only working when it is run with an administrator account (this is a user account with all possible user rights) or an account with elevated rights (more user rights than a normal locked down user). This results in increased data integrity (and security) risks.  Using such a computerized system gives the users the possibility to (accidentally or deliberately) alter or delete data stored on local hard drives.

Furthermore, if someone is logged in with a shared user account it is not registered which specific user it is. If a user is editing data, it is only logged that that shared user account did the editing, and not which actual user. So it cannot be checked who was the one responsible. Therefore, measures must be taken to avoid this.

Security software

One of the measures to  implement is to install security software that is designed to limit the rights of the users on the computerized system, while the rights of the application software stay the same.


  • User rights: A set of rules defining what a user can or cannot  do and for what folders of a computerized system  these rules apply, such as read, write and delete.
  • Software rights: A set of rules defining what an application can or cannot do and for what folders of a computerized system these rules apply, such as read, write and delete.
  • Both sets of rules can be set independently.

The security software acts as a ”point-police man” between the operating system (Windows) and the application software regulating the users and the application software, so to speak. With this security software, it is possible to:

Set the rights of the application software:

  • Define which folders the application software can access and with which rights;
  • Define which Windows dialog screens the application software is allowed to use (e.g. “Save As” window).

Set the user rights

  • Define which applications can be used;
  • Define which folders the user can access;
  • Define if executable files can be started or not;
  • Define network access (network folders, intranet and internet).

How the security software enforces the rules to meet compliance can be configured too:

  • Define if the application software is started automatically or a menu with several applications is presented.
  • Define if besides the applications software other software or the explorer may be used.
  • Define which phericals (USB sticks, DVD, Mobile Devices, etc. may be connected to the system.

To illustrate this theory pretend you’re using application software (DataPro900) that is run under a shared OS user account with elevated user rights. The steps taken to configure the security software would be:

  • Configuring the security software in such a way that its interface is started on booting of the system. Users can only start DataPro900 or File Manager which is a secure replacement for Windows Explorer;
  • Selecting which folders the users can access using File manager, in this case the directory with the data files of DataPro900. File Manager is configured in such a way that these files can only be read; no files can be edited or deleted. No executable files (e.g. .exe, .com, .bat files) can be executed.
  • Blocking system critical key combinations
    Blocking system critical key combinations
  • Blocking internet access, but allow intranet access.
  • The users cannot get on internet and accidently download a virus or download software that could compromise the integrity of the computer and therefore also data integrity;
  • Locking CD/DVD drives and blocking USB drives.
  • The users cannot accidently introduce malware or a virus from a CD/DVD, Phone, USB drive or use those media to install software that could compromise the integrity of the computerized system and therefore the data integrity;

When the system is rebooted after this configuration, the following start-up screen is presented:

As you can see the system is completely locked down, only the DataPro900 application software and File Manager can be started.

The security software has an interface that makes configuration rather straightforward, you just have to tick or untick the options you want to set for the software. The interface has several screens where you can set the different options you want to use for your software.  This security software stores its configuration in HTML language. The main advantage of the use of the interface is that no prior knowledge of HTML is required to configure the software. 

Ofcourse, knowledge of the application software and the system it is run on is needed because this knowledge is needed to guarantee the best possible protection when using this security software.

For an example of one of the interface screens, see the picture below.


In the case described above it is possible to make computerized systems with shared user accounts more secure, reliable and compliant with GxP regulations, when using security software. 

Data integrity is maintained because users have “reliable and accurate” *1 data to work with, which cannot be altered from outside the software application or the File Explorer.

Shared user accounts need to be assessed on a per system basis. E.g. The above procedure will not completely fix the problem when the application software uses shared accounts, like accounts based on roles (e.g. Analyst, Study Director, Lab Administrator). Then the application software itself is not compliant and that cannot be fixed by installing the security software. The advice then is to investigate new application software and make sure it has all functionality before taking it into use. At Xendo we developed and use standard lists to check if systems comply with 21 CFR Part 11 and Annex 11 for this purpose. Ideally, when starting from a  green field, infrastructure and application should both be assessed before deciding upon a computerized system to use.

*1 FDA Data Integrity and Compliance With CGMP Guidance for Industry DRAFT GUIDANCE

Blog by:  Anton van Rosmalen - Consultant at Xendo
Contact: Joost Havers - Managing Consultant at Xendo

Quality by Design in the development of biopharmaceuticals – how Regulatory Affairs can mitigate bottlenecks

#Quality by Design in the development of biopharmaceuticals – how Regulatory Affairs can mitigate bottlenecks

If you are involved in (early) development of biopharmaceuticals, have you ever experienced serious delays because of problems arising from tech transfer? Or because of the first pilot scale batches not meeting important criteria of the specification that was adopted early in the program? Or because of a serious comparability issue between non-clinical, clinical and commercial scale batches? Or because the Agency does not agree with the proposed strategy, when your company finally decided to obtain Scientific Advice? A big chance you experienced not just one, but several of these “bottlenecks”.

Biopharmaceutical development necessarily requires a multidisciplinary approach, that is sometimes at odds with the realities of corporate structures and experience available in (smaller) companies. It is a challenging task to understand inter-dependencies between different pharmaceutical-technical aspects of a development program, together with the organizational aspects of a multidisciplinary approach. Once a development issue is noted by an individual, it can be difficult to translate this into action by the organization. Regulatory Affairs is arguably the single function where it all comes together; from technical CMC issues to nonclinical and clinical safety and efficacy studies, their interrelationships, and how to translate such issues in an efficient regulatory strategy.

When making an analysis of the many challenges in biopharmaceutical development four main bottlenecks can be identified: specific aspects of drug development that represent common root-causes for either delayed, over-budget or failed development programs. This blog will focus on these bottlenecks and how regulatory affairs specialists, working closely together with all relevant disciplines in the company, can offer advice and hands-on support to recognize and navigate through these successfully.

Manufacturing Process Development: tech transfer, scale-up and modifications

CMC development of a biopharmaceutical involves highly-experienced specialists that are very competent at their main task which is, necessarily, only a small piece of a complex puzzle. The first bottleneck regards the integration of the different pieces of the puzzle which typically requires involvement of regulatory specialists into the process.

Early involvement of regulatory people and thinking is essential to ensure that all aspects of the CMC development are integrated, aligned with nonclinical and clinical development and carried out according to an efficient regulatory strategy. For instance, regulatory specialists can enable a company to better manage tech transfer and scale up activities (which typically involves contract manufacturers and labs) by providing advice on the differing requirements from health authorities around the world for such activities, or to implement Quality by Design (QbD) concepts more efficiently by ensuring that the development is aligned with the regulatory strategy and QbD principles.

From QTPP to CQAs to Specification

The ICH Q8 Guideline describes the process by which pharmaceutical development progresses from concept to control strategy. According to the Guideline, a company first identifies a Quality Target Product Profile (QTPP) for the product to be developed and then identifies specific attributes that are critical to the quality of the product in accordance with the QTPP (critical quality attributes or CQAs). The essence of QbD (or the enhanced approach) described by ICH Q8 is the stepwise and iterative process needed to translate the QTTP to a product specification. According to this approach, first a risk assessment is expected to be carried out to systematically analyse all CQAs. Since the manufacturing process of biopharmaceuticals is complex, this necessarily involves many technical disciplines and can be a quite lengthy process. The risk assessment is followed by development studies to verify criticality and interrelationships of the many materials and process variables, normally using design of experiment studies. Based on the results of these DoE studies, the list of CQAs and the risk assessment is updated (reflecting the iterative aspect of the approach). As part of the DoE, a design space may be constructed, though the latter is not an essential part of the enhanced approach.

ICH Q8 covers a complex, multidisciplinary area that was identified as a common bottleneck due to the fact that many companies struggle to carry out their development projects in a focused and consistent way over the many years such a project takes. Instead they tend to operate more empirically and ad hoc. The concepts introduced in ICH Q8 (either the traditional or enhanced approach) are now seen as regulatory requirements in many cases. For instance, EMA biosimilars guidance states that “The QTPP should form the basis for the development of the biosimilar product and its manufacturing process.” Regulatory specialists can typically guide and drive these complex projects because they know what agencies expect and because they can communicate with all disciplines involved at a sufficient knowledge level. They can help establishing the (interrelated) development, control and regulatory strategies that adhere to global regulatory guidance.


Ensuring that your product remains comparable after manufacturing process changes during the complete product life cycle may be one of the most important challenges of drug development , and is the cornerstone of all CMC development and maintenance. (According to ICH Q8, development concerns the complete product life cycle, including the time that the product is on the market.) Comparability is a typical development bottleneck due to the fact that issues with it are a major source of Agency major objections to Marketing Authorisation, Extension and Variation Applications.

It is critical to prospectively determine acceptance criteria and design robust studies capable of detecting differences between pre- and post-change product. (Such a prospective approach would “automatically” follow from a QbD approach as described above.) Additionally, care should be taken to identify CMC changes that could impact product safety and/or efficacy, as it is well-documented that relatively minor changes can have serious effects. Regulatory specialists are well-placed to advise on the types of changes that alert the Regulatory Authorities.

Scientific Advice

When companies underestimate the importance of early Scientific Advice meetings with Agencies, this can often create a bottleneck in development if the outcome of such meetings means that a company needs to adapt a strategy/program that has already been initiated. This could have been avoided, had the meeting been sought earlier in development. In larger organisations there usually is sufficient experience in this field and it is common practice to prepare intensively and conduct rehearsals for these meetings. In contrast, this type of preparation slips by the wayside in smaller companies, to their potential detriment, as these meetings are a great opportunity to get valuable information about the viability of your development program, and thorough preparation enables a company to maximize the benefit they receive from the meeting.

Regulatory specialists are used to communicating with Agencies and, as a consequence, have the expertise to determine what questions are likely to elicit useful information from the agency, write the briefing book to the standards expected by the agency, to consult on meeting formalities, and to design rehearsals. 

The above examples illustrate four typical bottle necks that can seriously slow down development programs of biopharmaceuticals. But these examples also illustrate how strong involvement of Regulatory Affairs specialists early on in the project can make a big difference toward solving or preventing them.

Blog by:  Frank Hermens - Sr. Consultant at Xendo
If you have any questions don't hesitate to contact us!

How Risk Management is integrated in the revised ISO 13485:2016

#How Risk Management is integrated in the revised ISO 13485:2016

The word “risk” is mentioned over 15 times in the revised ISO 13485:2016; which is considerably more compared to the previous version, where it is mentioned twice. In the ISO 13485:2003, risk management was applicable for activities related to product realization, including the design and development of medical devices.  The revised ISO expands risk management to more processes; e.g., purchasing and training. This means quality management systems need to be updated.

In the new ISO 13485:2016 clause 4.2.1 it is mentioned: The organization shall apply a risk based approach to the control of the appropriate processes needed for the quality management system. Anything that affects the quality system needs to be viewed from that risk perspective. This is nothing new, but what are appropriate processes? In general the revised ISO requests companies to make risk-based decisions related to purchasing and product realization activities and other aspects of the quality management system, like training.

The term risk, used in the standard, pertains to safety or performance requirements of the medical device, or meeting applicable regulatory requirements. Failure Mode Effect Analyses (FMEA) are typically used to assess design or production controls, but can also be used to incorporate other aspects of the quality system. Below, several chapters of the ISO 13485:2016 are highlighted, the italic phrasings are literally from the standard, and it is explained how risk management can be implemented pragmatically. Clauses regarding risk management that were already addressed in the previous version of the standard, are not dealt with as they are already known for many years. But first, to define the right mind-set, the definition of risk and risk management, according to the revised standard, is the following:

Clause 3 Terms and definitions

Definition: risk

"combination of the probability of occurrence of harm and the severity of that harm" - [SOURCE: ISO 14971:2007, 2.16]

Definition: risk management

"systematic application of management policies, procedures and practices to the tasks of analysing, evaluating, controlling and monitoring risk" - [SOURCE: ISO 14971:2007, 2.22]

Clause 4 Quality management system

4.1 General requirements


When the organization chooses to outsource any process that affects product conformity to requirements, it shall monitor and ensure control over such processes. The organization shall retain responsibility of conformity to this International Standard and to customer and applicable regulatory requirements for outsourced processes. The controls shall be proportionate to the risk involved and the ability of the external party to meet the requirements in accordance with 7.4. The controls shall include written quality agreements.

When processes are outsourced, the standard requires that the controls that are going to be put in place for suppliers should be considered from a risk perspective. It starts with the selection of the supplier. Consider that the purchased item is a critical component for the device, what will be the risk if the supplier does not have a Quality Management System, including aspects like a complaint handling process? And when the supplier is selected, what happens if the supplier doesn't meet the specifications of the purchased components? How will that affect the final device? The standard determines that organizations should consider such risks and that they should have risk controls in place to mitigate possible hazards.


The specific approach and activities associated with software validation and revalidation shall be proportionate to the risk associated with the use of the software.

For some cases where software is used, the approach is straightforward. If electronic batch records are used, the risks of the software should be considered, which is normally routine. Also for implementing ERP-software systems, a risk-based approach is appropriate in the organization. But what if data of equipment is sent to a server and used in an Excel-spreadsheet to determine the process capability of the equipment, should that be validated? Software validation can be very complex and organizations often do not know what exactly, or how to validate the software. Therefore, a risk based approach to determine the criticality of the software is strongly recommended, it provides justification that any possible hazard of the software has been anticipated.

Clause 6 Resource management

6.2  Human Resources

The methodology used to check effectiveness of a training is proportionate to the risk associated with the work for which the training or other action is being provided.

The risks should be considered if the given training is not fully understood. Consideration should specifically be given to what could be the consequences, if employees interpret the essence of a certain training incorrectly and what the subsequent impact could be on a product’s quality.

The aspect ‘proportionate’ is clarified further by the following comparison:  Training on the job in the field of final inspection of a medical device should be properly checked for effectiveness, as the risk of an improperly performed inspection is fairly obvious. However, if an employee wishes to improve his or her level of the English grammar, then the check of the English course that was followed is of less importance. However, if it is a desire to have all procedures in English and the employees are not native English speakers, the risk can be considered to be higher. An ineffective training could have consequences for the safety of the device and the hazard involved. Therefore, the organization should have risk controls in place to avoid mistakes and should have preventive procedures in place also for training.

Clause 7 Product realization

7.4 Purchasing

7.4.1 Purchasing process

The organization shall document procedures to ensure that purchased product conforms to specified purchasing information. The organization shall establish criteria for the evaluation and selection of suppliers. The criteria shall be proportionate to the risk associated with the medical device. And non-fulfilment of purchasing requirements shall be addressed with the supplier proportionate to the risk associated with the purchased product and compliance with applicable regulatory requirements.

The extent of verification activities shall be based on the supplier evaluation results and proportionate to the risks associated with the purchased product. When formulating a risk-based approach to evaluate new or existing suppliers, it is important to first identify the critical control points for the purchased component. These are the points in the process, where failure could result in significant harm to patients and to the business. FMEA can also be used to identify areas of significant risk at suppliers that demand special attention, and to ensure that the risk stays as low as possible.

Clause 8 Measurement, analysis and improvement

8.2 Monitoring and measurement

8.2.1 Feedback

The organization shall document procedures for the feedback process. This feedback process shall include provisions to gather data from production as well as post-production activities. The information gathered in the feedback process shall serve as potential input into risk management for monitoring and maintaining the product requirements as well as the product realization or improvement processes.

With feedback obtained from users, patients and other stakeholders, an organization could consider to change the design of a medical device or certain processes, e.g. production, shipping, etc. In the case where a device should be stored and distributed in a temperature range of 15 - 25 °C, which is assumed “room temperature”, consider what would be the harm to the safety and performance of the device when it is shipped by plane under “normal” conditions. Is the impact negligible when shipped at higher or lower temperature? So the question is whether the actual situation is aligned with the required temperature range? And if not, would this result in negative feedback from the user? Feedback needs to be evaluated and could be an input to risk management, bearing in mind the safety of the patient and performance of the device.

8.3 Control of non-conforming product

8.3.4 Rework

The organization shall perform rework in accordance with documented procedures that takes into account the potential adverse effect of the rework on the product.

The heading of this sub-clause is new in the standard, however the clause itself remains the same. The word “risk” is not mentioned in this clause, but “adverse effect” can be understood as a risk. Certainly something to focus on; if rework of the device can occur before or after delivery, it should be considered which risks are introduced into the device. For example the device is packaged and during inspection there is an irregularity in the seal, could the device be re-packaged? And how many times is re-packaging allowed? And what is the effect of the device during re-packaging? Is extra heat treatment safe for the device and will the device still function according to the requirements? Are the features of the whole batch of devices completely equal with the included reworked devices and what is the hazard of having differences of these features in one batch?

Also, if the device has been delivered and is returned due to a non-conformity (e.g. equipment for analyzing purposes), the potential risks should be considered, before being returned back into the field.


From the above explanation of several clauses of the revised ISO 13485:2016 standard, it is clear that the new standard puts more emphasis on risk management; there are more but also different sorts of activities, in comparison to the previous standard. Selected software for supporting the product realization processes should be challenged with risk management. Focus should also be kept on training. Could this training affect the safety or performance of the device, and what are the risks and hazards if the training is misunderstood or wrongly interpreted. And further, what will be the impact on the device when selecting a new supplier or when the device is reworked? With a pragmatic approach and the examples given above, each organization should be able to update its quality management system appropriately. The result will not only be compliance to the risk management requirements of the new standard, but also better allocation of the organization’s resources, i.e. the activities that would benefit most, will be appropriately addressed.

For consideration:

Although the standard mentions nothing about risk management regarding management reviews, these meetings are a huge opportunity for achieving improvements. When conducting management review meetings, it should be specifically addressed how risk management is incorporated into the areas under review. As mentioned before; all Quality Management System processes can be approached risk based.

Blog by: Claar van Berge Henegouwen , Consultant at Xendo

The revised Annex 16 on QP  Certification and Batch  Release, are you prepared?

#The revised Annex 16 on QP Certification and Batch Release, are you prepared?

As far as changes in GMP legislation effect our daily work, the revised Annex 16 might prove to be quite a transformation. To account for rapid changes in the pharmaceutical landscape, the revision has been adapted substantially to include just about every development in the last fourteen years as well as new legislation coming into force. Especially the Qualified Persons (QP) will most likely see their workload increase to be able to ensure that batches are certified in a GMP compliant manner prior to their release. Because schedules are tight as it is, we have summarized some significant changes to the revised Annex 16 to get you up to speed.


After considerable time, on 15 April 2016 the revised version of Annex 16 will replace the one that has been in effect since January 2002. The revision process started back in October 2011 with an EMA Concept Paper on Revising Annex 16  followed by a Public Consultation from 5 July to 5 November 2013 for which no less than 30 reactions have been received. Finally resulting in a document which should probably last for quite some time.

Structure of the document

One of the changes that is difficult to miss, is the restructuring of the document. Sections containing different scenarios related to the origin of manufacture and possible existence of a mutual recognition agreement (MRA) have been omitted and the order has been changed to reflect the process of certification of a batch followed by GMP assessment by third parties, handling of unexpected deviations and finally the release of a batch.

Complexity of the supply chain and falsified medicines

Supply chains can be increasingly complex as more and more countries are involved, even in the EU. Each manufacturing site in the EU is obliged to have at least one QP (1.4) and Appendix I is added to prescribe the contents of the confirmation statement on the partial manufacturing (transfer of QP responsibilities between sites). The contents of a batch certificate needed for the certification are described in Appendix II.

The entire supply chain has to be documented, in a diagram for example (1.7.2).  Risks should be determined through risk assessments and safeguards should be built in to reduce the risks of falsified medicines finding their way into the supply chain ( 1.5.7). All arrangements between sites and parties should be in the form of written agreements.

For companies operating outside of the EU Annex 16 has another effort at hand. For medicinal products manufactured outside the EU and destined for release in the EU or for export, the complexity of the supply chain and locations of manufacturing sites is even higher. So basically the same process of certification is applicable, however with additional requirements (1.5). Mentioned specifically, are the storage and transport of a batch and any samples taken at the manufacturing site, for instance. This is allowed as long as these samples are fully representative for the batch. Formal quality risk management is required to support this assumption and the procedure should also be justified and documented (1.5.6).

New legislation for active pharmaceutical ingredients and excipients

In 2013, the import of active pharmaceutical ingredients (APIs) from outside the EU has been subjected to additional measures according to the ‘falsified medicines directive’ (2011/62/EU).  APIs can only be imported if they are accompanied by a written confirmation from the competent authority of the exporting third country stating compliance of the manufacturing process and the manufacturing site with EU GMP.  

Also in 2013 the revised GDP guidelines (2013/C 343/01) came into force,  containing requirements for GDP to cutback the number of falsified drug substances and drug products and requiring additional tasks for the supply chain that should be covered in quality agreements. Recently, legislation for excipients has been issued (Guidelines 2015/C 95/ 02). It is now required to carry out formalised risk assessment for ascertaining the appropriate GMP for excipients of medicinal products for human use.

The QP has to assure compliance with all legal requirements mentioned above.

Investigational medicinal products

The revised version specifically mentions inclusion of investigational medicinal products (IMPs) whereas the previous Annex 16 may be applied for IMPs.

Responsibilities of the QP

The revision specifies the responsibilities in much more detail. According to section 1.6, the QP must now personally ensure that several operational responsibilities are fulfilled prior to certification of a batch. These comprise of:

  • permission for certification under the terms of the manufacturing and importation authorisation (MIA)
  • compliance with national legislation
  • use of a register to record the certification.

In addition, the QP has the responsibility for ensuring that 21 points  are secured. In comparison to section 8 of Annex 16 of July 2001, at least 10 additional items have been added:

  • supplier management of starting materials and excipients (1.7.6)
  • GMP and GDP compliance of APIs (1.7.7) 
  • importation of APIs (1.7.8)
  • manufacturing of excipients (1.7.9)
  • TSE status (1.7.10)
  • finished product quality control (1.7.13)
  • regulatory post-marketing commitments (1.7.14)
  • technical agreements (1.7.18)
  • self-inspection programmes (1.7.19)
  • arrangements for distribution and shipment (1.7.20)
  • safety features of the packaging (1.7.21)

It is evident that all these duties may be delegated to other (trained) personnel or third parties. As a result of this the QP should have on-going assurance that reliance on the pharmaceutical quality system is well founded. In case third parties are involved this assurance should be done in accordance with Chapter 7 of Volume 4. Special attention is given to audits and the use of risk assessments to determine the critical aspects to be audited and the frequency of repeated audits (2).

Continuous training

More emphasis is placed on the requirement for the QP to have detailed knowledge of the product(s) and the processes as well as technical developments and GMP and should be able to prove continuous training regarding these aspects (1.2).

Handling of unexpected deviations

New to Annex 16 is the inclusion of the EMA 2009 reflection paper on dealing with unexpected deviations and the effect on batch certification. The QP may consider certification of the batch only when all specifications present in the MA are met, the impact has been assessed via a quality risk management process, a thorough investigation has been carried out and the root cause has been corrected. In other words: the manoeuvring space for the QP is limited, but clear.

What has not changed?

The principles of Annex 16 have not changed regarding the role of the QP in certification and subsequent batch release of medicinal products for human or veterinary use holding a MA or made for export. As always, the QP is still responsible for ensuring that each individual batch has been manufactured and checked in compliance with national laws of the Member State where certification takes place, in accordance with the requirements of the marketing authorisation (MA) and with Good Manufacturing Practice (GMP). Emphasised in the revised version of Annex 16 is that the marketing authorisation holder (MAH) has the ultimate responsibility for the performance of a medicinal product over its lifetime, its safety, quality and efficacy, as also laid down in Chapter 1 of Volume 4 

In conclusion

Several new aspects have been added to the revised edition of Annex 16, next to the restructuring of the entire Annex. As a consequence there is an increase of the  responsibilities of the QP within the EU to ensure compliance of the pharmaceutical quality system  with the requirements laid down in the MA, GMP and national legislation. To be able to do that is a challenge for pharmaceutical companies. So again, are you prepared?

Read the full text here: