Regulatory Compliance Excellence

 

 

"Remediating Your Consent Decree, Warning Letter, Multi-483s and Quality System Challenges Right First Time and Fast By Spending Less"

 

 

 Home About Us Services Resume of Projects Client Testimonials Press Room Contact Us

"How to Regain Regulatory Compliance and Reinvent Your Company Right First Time (RFT) By Spending Less: Ten Powerful Steps to Your Guaranteed Success"

  1. Make a company-wide strategic and irreversible decision to "partner" with the FDA, your stakeholders, employees and suppliers for properly and quickly regaining regulatory compliance instead of treating either the FDA or other regulatory body as adversaries. Do not lie to the FDA, do not withhold evidence/data from the FDA that you know it has the right to have, do not falsify and/or destroy regulatory compliance documents/data. 

  2. Focus your resources and diagnose the root cause(s) of each of your regulatory compliance violations properly. Do not waste time trying to challenge the validity of the FDA's observations. Typically, the root cause involves one or more or a combination of the following Quality Systems:

One Fortune 100 pharmaceutical company with multiple divisions and manufacturing sites around the world used simultaneously a 52 page Manufacturing Deviation SOP, a 54 page Supplier Deviation SOP, a 93 page Exception SOP, a 67 page OOS SOP, a 82 page Complaint Handling SOP and a 111 page CAPA SOP under the same Quality System. Countless FDA critical terms  had a different definition in each of those SOPs resulting in regulatory non-compliance. We recommended the replacement of those six non-compliant SOPs totaling 459 pages with one or 2 SOPs of no more than 60 pages total. Another Fortune 50 medical device company used a CAPA SOP that allowed endless time extensions for previously committed deliverables with inadequate justification even though that company used industry's most adopted QMS suite product.

  1. Develop a remediation plan to correct each of the found regulatory compliance deficiencies and secure FDA's approval. Make sure you would be able to complete that remediation plan as you have stated no matter what or the FDA will loose faith, confidence in you and with detrimental consequences. Challenge the validity and adequacy of each of your assumptions. Make sure you have adequate contingencies should things do not go as planned because they typically do. Too often, companies under distress over commit to complete required FDA milestones without realizing the many significant and prerequisite milestones that their original remediation plan has overlooked. It is always wise to under-promise/commit and then over-deliver.

  2. The remediation plan must be scrutinized so it meets specific regulatory compliance, Lean Six Sigma and Quality System Reengineering metrics. Otherwise that company might be setting itself up to spend literally most of its future annual revenues and valuable resources to support a highly costly and complex Quality System which eventually will become again regulatory non-compliant. As we say to our clients: "The remediation plan must irreversibly fix your current regulatory non-compliance deficiencies and simultaneously enable you to implement a Best-in-Class Quality System or reject it." We recall of a company under Consent Decree in 2000-2006 that hired 500+ software and process validation consultants, expended over 75 million dollars to meet a totally unattainable deadline. At the end, the FDA rejected each of the seemingly completed validation documents as inadequate and then another consulting validation company was hired to complete properly that validation task. The company incurred significant expenses plus lost valuable time  towards regaining regulatory compliance.   

  3. Don't be afraid to ask the FDA for extending the time of some of your previously made commitments but be prepared to justify such a request with the progress you have made up to that date plus provide evidence of your unanticipated obstacles. Yet, never wait until one of your deadlines has passed before reaching out to the FDA. 

  4. Each of your Quality System SOPs and your company's Quality System must meet at minimum the following regulatory compliance requirements:

  1. Requirements in each Quality System SOP must always use the clear, objective and actionable word "must - that is our recommendation." The words "shall or will" can be used as substitutes to the word "must" even though experts suggest some differences among them. Requirements of a Quality System SOP can not contain such conditional or optional words as "may, might, should, could, try to, make an effort, when or if possible/ available/ allowed/ permitted/ feasible/ needed, as soon as possible (ASAP), it would be nice to, etc.  because a requirement "must" get complied with; it is not optional. Yet, practically every company we have dealt with in our 30+ years of experience does not 100% comply with this core requirement. Consequently, each Quality System SOP with conditional/optional words in at least one requirement contained within it is in regulatory non-compliance.

  2. Software validation continues to be a significant challenge for many companies in the industry. Thousands of people claim to know how to perform "properly" software validation.  Yet our 30+ years of experience teaches us that only a significantly small percentage  of those experts know and are able to complete properly a software system validation. Why? Because people fail to understand how to apply the GAMP 5 FDA guideline properly.

  3. Software validation must be based on risk primarily to the user, patient and medical practitioner and risk of regulatory non-compliance (which again is indirectly/directly related to the user, patient and medical practitioner.) Development  and application of a proper risk analysis for a software system application requires  proper identification, characterization and documentation of Harm, Hazardous Situation, Hazard and then linkage of that risk to user requirements, product/process specifications, system quality attributes in "no load, load and stress load" conditions/environments over that software system's expected service life. Unfortunately, a significant number of companies have failed to complete a proper risk analysis before starting their various software validation activities. Such a failure is not easy for one to diagnose, yet it typically causes significant company problems: extremely difficult or impossible to properly validate a software system, project cost overruns and milestone completion delays, increased risk, possible regulatory non-compliance.  

  4. The Performance Qualification (PQ) of a software system must comprise validation of its predefined responsiveness, security, stability, scalability, reliability and resource usage against documented user requirement/functional/configuration specifications and under various load conditions/environments. A medical device company was surprised when one of its new products  - comprising an apparatus insert able into a body cavity and an external electronic controller with a TV monitor - exploded into a patient's cavity during a surgical procedure. Subsequent investigation conclusively determined the new product development team of the external electronic controller with a TV monitor failed to properly collaborate with the new product development team of the apparatus insert able into a body cavity so when the finished product was used together it exploded. We say, when others claim to have completed a "Software System Validation" project and afterwards "a train goes through the involved product without anybody noticing it", obviously "Roger, we got a problem."

 bar-blue Home About Us Services Resume of Projects Client Testimonials Press Room Contact Us

Regulatory Compliance Excellence(tm), 403 Christie Court, Stewartsville, NJ 08886 | 908-827-1715 

Copyright © 2012 Regulatory Compliance Excellence(tm). All Rights Reserved. Trademarks | Disclaimer