Unimark Remedies Ltd

Unimark Remedies Ltd
Product: active pharmaceutical ingredients
Date: 9/28/2015

Failure to prevent unauthorized access or changes to data and to provide adequate controls to prevent omission of data.

Your laboratory systems lacked access controls to prevent raw data from being deleted or altered. For example:

a. During the inspection, we noted that you had no unique usernames, passwords, or user access levels for analysts on multiple laboratory systems. All laboratory employees were granted full privileges to the computer systems. They could delete or alter chromatograms, methods, integration parameters, and data acquisition date and time stamps. You used data generated by these unprotected and uncontrolled systems to evaluate API quality.

b. Multiple instruments had no audit trail functions to record data changes.

We acknowledge your commitment to take corrective actions and preventive actions to ensure that your laboratory instruments and systems are fully compliant by January 15, 2015. In response to this letter, provide a copy of your system qualification to demonstrate that your electronic data systems prevent deletion and alteration of electronic data. Describe steps you will take (e.g., installing better systems or software) if your qualification efforts determine that the current system infrastructure does not assure adequate data integrity. Explain the archival process your firm has implemented to address these issues and how you will evaluate the effectiveness of these corrections. Provide a detailed summary of the steps taken to train your personnel on the proper use of computerized systems.

Failure to maintain complete data derived from all testing, and to ensure compliance with established specifications and standards.

Because you discarded necessary chromatographic information such as integration parameters and injection sequences from test records, you relied on incomplete records to evaluate the quality of your APIs and to determine whether your APIs conformed with established specifications and standards. For example:

a. During the inspection, the investigator found no procedures for manual integration or review of electronic and printed analytical data for (b)(4) stability samples. Electronic integration parameters were not saved or recorded manually. When the next samples were analyzed, the previous parameters were overwritten during the subsequent analyses.

b. We found that some analytical testing data was inadequately maintained and reviewed.

i. Your HPLC 14 computer files included raw data for undocumented (b)(4) stability samples analyzed on December 30, 2013, but no indication of where these samples came from and why they were tested.
ii. In a data file folder created on May 22, 2013, 23 chromatograms were identified as stability samples for (b)(4) lots (b)(4), and (b)(4). Results were not documented. More importantly, the acquisition date was July 7, 2013, more than six weeks after the samples were run.
iii. (b)(4) lots (b)(4) and (b)(4) were not in your stability study records at the time of inspection. Additionally, there were no log notes of any samples from the three lots removed from the stability chamber.

You responded that ?the probable reason for this inconsistency in data acquisition was due to some malfunction in the computer system at the time of data acquisition.? Your response is inadequate because you have provided neither evidence to support this conclusion, nor a retrospective review of the effects your incomplete analytical data records may have had on your evaluation of API quality.

In response to this letter, provide your revised procedures and describe steps you have taken to retrain employees to ensure retention of complete electronic raw data for all laboratory instrumentation and equipment. Also, provide a detailed description of the responsibilities of your quality control laboratory management, and quality assurance unit for performing analytical data review and assuring integrity (including reconcilability) of all data generated by your laboratory.

FDA District Office: CDRH

About the author

Amy enjoys researching and writing about developments in medical technology and how that intersects with US law. She received her J.D. from the University of Florida Levin College of Law in 2020 and now works as a Regulatory Associate for SoftwareCPR®, a general-purpose regulatory consulting firm that is recognized globally for their expertise with standards and national regulations pertaining to medical device, mobile medical app, and HealthIT software.

62304 Software Training Course – February 23-25, 2021

IEC 62304 and Emerging Standards and FDA Expectations for Medical Device and Health IT Software – Virtual

This very popular 3-day course provides a clear understanding of applying IEC 62304 standard for medical device software and much more. The course compares and contrasts 62304 with FDA expectations and discusses approaches for alignment. In addition, participants will learn of other relevant standards and technical reports pertinent to medical device software, HealthIT, medical mobile apps, and Software as a Medical Device (SaMD) products (e.g., 82304, 80002-1, 14971, 80001-2-x, 62366).

Participants will gain practical advice and pragmatic experience with all types of medical software. Participants will leave with a clear understanding of how to effectively and efficiently integrate 62304 compliance into their software development lifecycle (SDLC).

Register (click):  EventZilla Registration Site

Need info?  Email us at training@softwarecpr.com

Corporate Office

15148 Springview St
Tampa, FL 33624
Partners located in the US (CA, FL, MA, MN) and Italy.