IDT Australia Ltd.Henan Lihua Pharmaceutical Co. Ltd.
2. Failure to maintain complete data derived from all laboratory tests conducted to ensure your API complies with established specifications and standards. You used a (b)(4) instrument (FK03011) for stability testing for multiple API, including (b)(4) and (b)(4). You subsequently used the same instrument and software to perform in-process analytical testing. Our investigator reviewed the audit trail on this instrument and observed that the software was configured to permit continuous use of the “preview run” function and routine overwriting of previous runs. Only the final “preview run” (b)(4) in each project folder was retained. Our review of the audit trail demonstrated that multiple distinct (b)(4) were performed and that the length of each (b)(4) was consistent with the time required to perform blank, sample, and standard (b)(4). It is essential to retain raw data to ensure the ability to reconstruct CGMP activities and to review raw data, as necessary, for CGMP control testing. In your response, you stated the software did not allow retrieval of “non-data acquisition (b)(4),” and you did not realize that you needed to retain the preview run data. We acknowledge that you intend to replace the affected (b)(4) instruments. However, procuring new instruments, installing new and upgraded data acquisition software, and enabling various features on software are not sufficient alone. These steps will be effective only if you implement appropriate procedures and systems to ensure that you retain data as required so that your quality unit can review production and control data and associated audit trails as part of evaluating whether your API complies with all established criteria for in-process and stability testing. Data Integrity Remediation Your quality system does not adequately ensure the accuracy and integrity of data to support the safety, effectiveness, and quality of the drugs you manufacture. We acknowledge that you committed to using a consultant to assist in meeting FDA requirements. In response to this letter, provide the following. A. A comprehensive investigation into the extent of the inaccuracies in data records and reporting. Your investigation should include: A detailed investigation protocol and methodology; a summary of all laboratories, manufacturing operations, and systems to be covered by the assessment; and a justification for any part of your operation that you propose to exclude. Interviews of current and former employees to identify the nature, scope, and root cause of data inaccuracies. We recommend that these interviews be conducted by a qualified third party. An assessment of the extent of data integrity deficiencies at your facility. Identify omissions, alterations, deletions, record destruction, non-contemporaneous record completion, and other deficiencies. Describe all parts of your facility’s operations in which you discovered data integrity lapses. A comprehensive retrospective evaluation of the nature of the testing and manufacturing data integrity deficiencies. We recommend that a qualified third party with specific expertise in the area where potential breaches were identified should evaluate all data integrity lapses. B. A current risk assessment of the potential effects of the observed failures on the quality of your drugs. Your assessment should include analysesof the risks to patients caused by the release of drugs affected by a lapse of data integrity, and risks posed by ongoing operations. C. A management strategy for your firm that includes the details of your global corrective action and preventive action plan. Your strategy should include: A detailed corrective action plan that describes how you intend to ensure the reliability and completeness of all of the data you generate, including analytical data, manufacturing records, and all data submitted to FDA. A comprehensive description of the root causes of your data integrity lapses, including evidence that the scope and depth of the current action plan is commensurate with the findings of the investigation and risk assessment. Indicate whether individuals responsible for data integrity lapses remain able to influence CGMP-related or drug application data at your firm. Interim measures describing the actions you have taken or will take to protect patients and to ensure the quality of your drugs, such as notifying your customers, recalling product, conducting additional testing, adding lots to your stability programs to assure stability, drug application actions, and enhanced complaint monitoring. Long-term measures describing any remediation efforts and enhancements to procedures, processes, methods, controls, systems, management oversight, and human resources (e.g., training, staffing improvements) designed to ensure the integrity of your company’s data. A status report for any of the above activities already underway or completed.