Cost-Contained Regulatory Compliance E-Book

Table of Contents

Cover

Title page

Copyright page

PREFACE

CHAPTER 1 CONTROLLING REGULATORY COSTS

1.1 INTRODUCTION

1.2 CLEAR OPERATIONAL DEFINITIONS

1.3 AUDITS

1.4 QUALITY BY DESIGN6

1.5 ELECTRONIC SUBMISSIONS

1.6 OUTSOURCING

1.7 EMEA COORDINATION

1.8 FDA VISITS

1.9 RISK ASSESSMENT

1.10 SUMMARY

CHAPTER 2 CLEAR OPERATION DEFINITIONS OF REQUIREMENTS

2.1 INTRODUCTION

2.2 OPERATIONAL DEFINITIONS

2.3 WRITING COST-CONTAINED STANDARD OPERATING PROCEDURES

2.4 EXAMPLE: COMPLIANCE WITH 21 CFR PART 11 IN A QA LABORATORY

2.5 RISK ASSESSMENT

2.6 SUMMARY

CHAPTER 3 PREREGULATORY AUDITS

3.1 INTRODUCTION

3.2 AUDITOR CRITERIA

3.3 ADVANTAGES OF AN INDEPENDENT AUDITOR

3.4 COST CONTAINMENT

3.5 SUMMARY

CHAPTER 4 QUALITY BY DESIGN

4.1 INTRODUCTION

4.2 QbD FACTORS

4.3 THE MODEL

4.4 QbD COST CONTAINMENT

4.5 QbD IN LABORATORIES

4.6 PROCESS UNDERSTANDING

4.7 PROCESS ANALYTICAL CONTROL (PAT)

4.8 RISK ANALYSIS

4.9 QbD IMPLICATIONS

4.10 SUMMARY

CHAPTER 5 OUTSOURCING

5.1 INTRODUCTION

5.2 THE VALUE OF EXPERTISE

5.3 OUTSOURCE CRITERIA

5.4 SUMMARY

APPENDIX TO CHAPTER 5

CHAPTER 6 ELECTRONIC SUBMISSIONS

6.1 INTRODUCTION

6.2 SECONDARY BENEFITS

6.3 SUBMISSION GUIDELINES

6.4 BARRIERS TO STANDARDIZED ELECTRONIC SUBMISSION GUIDELINES

6.5 SUMMARY

APPENDIX TO CHAPTER 6

CHAPTER 7 EMEA/FDA COORDINATION

7.1 INTRODUCTION

7.2 PHILOSOPHY: SAFETY VERSUS ACCESS

7.3 CRITICAL DIFFERENCES

7.4 THE PATH TO HARMONIZATION: QBD

7.5 STRATEGY FOR SUBMISSIONS

7.6 STRATEGY FOR COMPLIANCE

7.7 CLINICAL RESEARCH

7.8 SUMMARY

APPENDIX TO CHAPTER 7

CHAPTER 8 MANAGING FDA INSPECTIONS

8.1 INTRODUCTION

8.2 CONFUSING PATHS

8.3 ADVANCE PREPARATION

8.4 TRAINING FOR FDA VISITS

8.5 TEN COMMANDMENTS FOR FDA VISITS

8.6 META CONSIDERATIONS

APPENDIX TO CHAPTER 8

CHAPTER 9 RISK ASSESSMENT

9.1 INTRODUCTION

9.2 RISK ASSESSMENT

9.3 A DRUG EXAMPLE

9.4 BENEFITS ANALYSIS

9.5 RISK ASSESSMENT

9.6 RISK ASSESSMENT AND REGULATION

REGULATION CHECKLIST

STANDARD OPERATING PROCEDURE: VALIDATION RISK ANALYSIS

BACKGROUND

SUMMARY

A HEURISTIC MODEL OF FDA RISK FACTORS FOR CGMP INSPECTIONS OF PHARMACEUTICAL MANUFACTURING SITES1

REGULATORY RISK FINDINGS: PREDICTING FDA ACTIONS ON DRUG REGULATORY SUBMISSIONS3

CHAPTER 10 CASES

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

BACKGROUND

STRATEGIC ACTION

EFFECT

PROBLEMS/CHALLENGES

COST CONTAINMENT

ESTIMATED SAVINGS

NOTES

CHAPTER 11 COST-CONTAINMENT ANALYSIS

11.1 INTRODUCTION

11.2 THE STRATEGIES

11.3 OUTSOURCING

11.4 ELECTRONIC SUBMISSIONS

11.5 EMEA SUBMISSIONS

11.6 VARIANCES BY INDUSTRY

11.7 SUMMARY

CHAPTER 12 MANAGING REGULATION IN TIMES OF CHAOS

12.1 THE 2009 MEDICAL DEVICE LETTER

12.2 DUCK AND COVER

12.3 THE ACCESS FACTOR

12.4 DELAY

12.5 CLARIFICATION (PRECONFERENCES)

12.6 SUMMARY

CHAPTER 13 INTERNATIONAL REGULATION

13.1 INTRODUCTION

13.2 AUSTRALIA

13.3 BRAZIL

13.4 CHINA

13.5 EUROPEAN UNION

13.6 FRANCE

13.7 GERMANY

13.8 INDIA

13.9 ISRAEL

13.10 JAPAN

13.11 KOREA (SOUTH)

13.12 SWITZERLAND

13.13 UNITED KINGDOM

CHAPTER 14 COST-CONTAINED REGULATORY COMPLIANCE

CHAPTER 15 FUTURE

15.1 PREDICTING THE FUTURE

15.2 FOUR MAJOR TRENDS

15.3 IMPACT OF FUTURE TRENDS

15.4 CONCLUSION

BIBLIOGRAPHY

Index

Copyright © 2011 by John Wiley & Sons, Inc. All rights reserved

Published by John Wiley & Sons, Inc., Hoboken, New Jersey

Published simultaneously in Canada

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.

Library of Congress Cataloging-in-Publication Data:

Weinberg, Sandy, 1950–

 Cost-contained regulatory compliance : for the pharmaceutical, biologics, and medical device industries / by Sandy Weinberg.

p. ; cm.

 ISBN 978-0-470-55235-3 (cloth)

 1. Medical instruments and apparatus industry–United States–Cost control. 2. Medical instruments and apparatus–Inspection–United States. 3. Pharmaceutical industry–United States–Cost control. 4. Pharmaceutical industry–Inspection–United States. 5. United States. Food and Drug Administration. I. Title.

 [DNLM: 1. United States. Food and Drug Administration. 2. Drug Industry–economics– United States. 3. Biotechnology–economics–United States. 4. Consumer Product Safety–standards–United States. 5. Cost Control–methods–United States. 6. Equipment and Supplies–economics–United States. 7. Quality Assurance, Health Care–economics–United States. QV 736]

 HD9994.U52W45 2011

 615.1068'1–dc22

2010028410

oBook: 978-0-470-93351-0

ePDF: 978-0-470-93350-3

ePub: 978-1-118-00227-8

In difficult economic times, the first rule of management is to conserve financial resources. In good economic times, the same rule prevails. Cost containment means less borrowing, greater flexibility, and higher profits.

But to the pharmaceutical, medical device, and biologics industries, cost containment has a significance that transcends financial considerations. The altruistic goal of these health-care industries is to bring therapeutics, preventatives, and quality-of-life enhancements to the public. In the United States and much of the world, the major impairment to that access is cost: Regardless of need, expensive drugs, vaccines, and devices are less available to the people who need them.

There are a number of expense centers that need careful monitoring and close cost control: manufacturing, distribution, research, and so forth. Somewhere on the list—perhaps not at the top of the potential amount of savings but high on the opportunity for control—is the cost of regulation. The investment necessary to maintain top-level quality assurance and control, and to demonstrate that level to outside government (or industry) reviewers are not without need, but often may be layered in fat appropriate for trimming. There may well be areas in which quality can be achieved and demonstrated at lower costs without losing credibility or control.

This book identifies eight proven strategies for containing the costs of regulatory compliance without sacrificing quality or safety. These are not techniques for fooling regulators, for shortcutting quality controls, or for risking public safety. Rather, these eight strategies address areas in which the pharmaceutical, biologics, and medical device industries have evolved approaches that add cost to the regulatory process without adding quality or safety. The strategies identify areas in which a lack of understanding or clarity of the letter and spirit of regulation has led to unnecessary and nonrequired industries standards that add nothing of value. Partially as a result of paranoia, partially because of FDA lack of clarity, and partially a result of evolutionary force (“most companies are testing 20 samples; let’s test 25 just to be safe”; “they tested 25 at my old company; let’s use 30 as a standard to avoid problems …”), regulations seem to grow well beyond their original intent. While that growth seems harmless on the ground, it ultimately leads to reduced access for more and more patients—a cycle worth controlling.

The first part of this book defines the eight cost-containment strategies. An introductory chapter (Chapter 1) provides the theoretical framework and introduces the eight strategies.

Chapter 2 describes a very successful strategy based upon the develop­ment and documentation of clear operational definitions of actual regulatory requirements, cutting that unnecessary fat described above. The “Operational Definitions” strategy tends to reduce overenthusiastic compliance that exceeds actual regulatory expectations.

Chapter 3 suggests that investing in an independent audit, conducted by either an in-house team or outside experts, will save significant “repair” costs and will speed approval of related submissions. In many cases, the audit will actually replace all or part of an FDA visit, reducing lost response time and permitting more effective facility management.

Quality by Design (QbD) is an evolving FDA initiative for automating significant portions of the quality control process. Chapter 4 provides an explanation, and it discusses the ways in which an investment in a QbD system can result in significant regulatory savings.

Chapter 5 presents the concept of outsourcing as a short-term cost-containment strategy. When used effectively, outsourcing can help build internal expertise at the same time it reduces headcount and taps experience and expertise. Excessive outsourcing can, of course, result in long-term loss of efficiency and control; the chapter suggests tactics for walking that fine line.

The wave trend toward electronic (rather than paper) submissions has been growing over the years, now reaching tsunami levels. Electronics submissions can save assembly time and expense, but more importantly can save review time and move a product more rapidly to market. Chapter 6 describes the process and the advantages.

Chapter 7 looks at the most common approach to submission of new products—NDAs, BLAs, and PMAs—to both the FDA and EMEA, and it suggests a simultaneous submission strategy as an alternative to sequential submissions that can save in both the assembly costs and the review times, carrying similar advantages to the electronic submission.

Coping with FDA visits—inspections and investigations—is a significant cost sink. Chapter 8 provides a strategy for controlling those costs by assuming control of the FDA visit, replacing passivity with managerial responsibility.

The final strategy, Risk Assessment, is described in Chapter 9. This strategy allows controlled investment in regulatory issues by providing a mechanism for determining what actions will make a real difference in theareas of FDA and QA responsibility and focus.

And how do these strategies work in the field? Chapter 10 consists of a number of case studies, drawn from all three industries (medical device, biologics, and pharmaceuticals). In real situations (disguised for obvious reasons) the strategies have been tested over time, and the long- and short-term benefits have been estimated.

Chapter 11 summarizes the field results, analyzes the results, and recommends which strategies are likely to be most successful for each industry and for a variety of circumstances. This chapter will provide the regulatory manager or executive with the information necessary to make and informed implementation decision.

As a special topic analysis, Chapter 12 deals with tactics for coping with regulation in times of chaos, generally resulting from major changes in regulatory guidelines and from the transition period as those guidelines are defined.

Chapter 13 reviews the international regulatory scene. While the USFDA and European EMEA tend to dominate, regulatory agencies in many other countries not only control product development and licencing within their boarders but also influence international agencies including the Organisation for Economic Co-operation and Development (OCED) and the World Health Organization (WHO). This chapter provides a clear model of those areas of influence.

Chapter 14, guest written by scholar Ronald Fuqua, provides a summary of the theoretical base of cost-contained regulatory compliance, along with an applicational model for utilization of that theory to manage a pharmaceutical, biologics, or device organization. It bookends the introductory chapter, and provides a basis for the predictions and coming changes highlighted in the next chapter.

Chapter 15, the last chapter, looks to the future, identifying (a) the major trends that are affecting the Food and Drug Administration today and tomorrow and (b) the impact of those trends on the eight strategies that are suggested.

Several of the cases described in Chapter 10 have been developed by friends and colleagues: my thanks to Carl A. Rockburne, Ronald Fuqua, and Arthur Spalding.

We owe it to the public to bring pharmaceuticals, biologics, and medical devices to market at the most affordable price points possible; containing regulatory costs is a small contribution to the debt.

Special thanks are due to three fellow consultants who contributed to this book:

Special thanks are due to Mrs. Janine Cahill for her editorial assistance.

SANDY WEINBERG

Atlanta, Georgia

October 2010

1.1 INTRODUCTION

The United States Food and Drug Administration is continuously in a state of dynamic tension, trying to balance two potentially contradictory goals. The agency is charged with assuring the safety and efficacy of pharmaceutical and biologics products, as well as with encouraging public access to those potential cures and treatments. Setting maximal safety standards would screen out all but the conservative products at the expense of public access to alternate products; rapid and broad approval will provide greater access but at the potential compromise of safety. In recent years this tension has been increased by the realization that product cost is a major inhibitor of access and that overly stringent safety standards significantly increase costs.

The same dynamic tension exists in the industry, which has strong altruistic, legal, and financial reasons to take a very conservative stand on safety, but which needs to control costs and hence avoid unnecessary and nonrequired regulatory affairs and compliance actions. Meeting the FDA’s stringent requirements assures safety and efficacy; exceeding those same standards adds to cost without improving quality.

The situation is made all the more complex by the purposeful lack of specificity in FDA regulations, guidelines, and requirements. Because the agency is responsible for such a broad range of products produced under varying technologies with differing controls, very tight standards are not possible (or would be counterproductive). Instead the FDA provides general principles; relies on the industry to be self-regulated; and assigns to itself the responsibility of checking, confirming, and approving that self-regulation. A company that eliminates the quality control/quality assurance processes is not in compliance, regardless of product quality; self-regulation is a key principle of operation.

As a result, many companies find themselves imposing regulatory requirements in access of FDA guideline and intent; find themselves expanding submissions evidence in excess of requirements; find themselves adding inefficient post process quality controls; find themselves in a product delay situation, scrambling to retrofit regulatory controls after an FDA audit of their poorly planned internal controls; and generally find themselves significantly overspending on regulatory affairs and compliance in a frustrating effort to insulate themselves potential FDA criticism.

These regulatory and compliance overexpenditures fall into eight categories, which in turn lead to eight cost reduction strategies. First, many organizations are unclear on the operational (as opposed to the formal) definitions of actual FDA requirements and regulations. While they understand the written word in guidance documents, they may not have access to the field interpretation of those requirements—that is, access to what is actually expected by FDA investigators and reviewers. The result is often unnecessary or misdirected expensive actions.

Second, many companies take a passive or reactive position to a forthcoming FDA review or visit. Instead of performing their own independent (credible expert) audit, correcting deficiencies, and providing a reviewer or investigator with a report demonstrating compliance, they choose to “roll the dice” and see what the FDA finds. The result is likely to be costly product launch delays, negative publicity, and expensive post hoc corrections.

Third, few organizations are fully aware of the FDA’s Quality by Design (QbD) initiative, which can reduce regulatory review times and expenses by building in and documenting quality controls and assurance, rather than restructuring or retesting while a product sits in quarantine awaiting approval and release. QbD reduces the number of submissions required (by using a Design Space concept to define product specification ranges rather than minimums); introduces a Risk Assessment to evaluate the necessity of production modifications; and utilizes a Process Analytical Technology (PAT) approach to automating quality controls.1

Fourth, many organizations are using outmoded human resource models to staff up for regulatory projects more effectively outsourced. An IND application specialist, for example, may be the most efficient person to head a new research submissions team, but wouldn’t be kept occupied in all but the largest organization. Hiring instead a submissions generalist assures full workforce utilization, but steps away form maximal expertise and efficiency. Using a highly experienced, focused, and expert outsource specialist team not only is more effective but brings a regulatory credibility and familiarity that can save significantly on unnecessary remediation: The expert team knows exactly what is required, and the FDA has confidence in their assurances.

Fifth, the submission areas permit paper or electronic transmission of documents. Use of a proven electronic technology speeds the review process and encourages greater agency cooperation. But many companies lack the expertise to employ electronic submissions systems or, even worse, rely on kludged or modified hyperlink systems that can frustrate reviewers and slow the review process.

Sixth, many companies redundantly submit regulatory documents and rely on auditing visits from both FDA (United States) and EMEA (Europe). While the regulations in place at these two agencies are not identical, there is sufficient overlap to permit development of strategies that will lead to common documents and evidence to satisfy both organizations, significantly reducing costs.

Seventh, many companies lack experience or fear reprisal standby passively during FDA visits, afraid to exert normal and appropriate managerial control of the process. The most common results of this passivity is suspicion on the part of the FDA, a misunderstanding of roles on both sides, and a lack of productive exchange of recommendations and information.

Finally, too many organizations lack the skills, tools, or expertise to try and prioritize regulatory initiatives, and they find themselves treating all guidelines as equal and applying all recommendations to all situations. Without a risk assessment to provide a rational justification for analysis, time, energy, and dollars are spent in insignificant areas and issues better used where a control makes a real difference.

These sight strategic considerations lead to clear cost reduction recommendations that can maintain product safety (and FDA acceptance of that quality) while improving public access through cost controls. Together they outline a comprehensive strategy for cost reduction in regulatory affairs and compliance.

1.2 CLEAR OPERATIONAL DEFINITIONS

FDA guidelines and regulations tend to be general. This tendency is a result of three factors: the diversity of industry, which encompasses a variety of product types, technologies, and approaches; the expected longevity of new regulations, which generally take two to three years to promulgate (discussion, draft release, comment period, final release) and are intended to have a life expectancy of 10 or more years; and the expertise level of FDA investigators and reviewers, who tend to be well-educated, well-trained, and experienced, and hence, as expected, to use their own skills in interpretation. Regulations such as the Good Manufacturing Practices survive decades (with periodic updating), apply to virtually all kinds of regulated manufacturing, and leave ample room for expert interpretation.

The result is analogous to a blind high jumper: Unable to see exactly where the bar is positioned, the jumper extends just a bit extra to be certain to clear the line. As a result, the bar is “raised” artificially without ever being moved upward. If other jumpers follow suit, the effective result will be norm in excess of the established height: When we are not certain what the FDA really requires, the entire industry jumps just a little higher, and the new raised position becomes the norm that investigators and reviewers grow to expect.

The cost reduction strategy is to base regulatory standards and expectations—in the self-regulation of the organization and perhaps the outsider auditor confirming—not on the vague requirements of the FDA guidelines but on the operational definitions. The real standards as used by the industry and applied by the agency are more difficult to determine but more cost effective to reach. With experience, access to norms established through the industry, and analysis of FDA findings (and 483s), it is possible to develop a strategic operational definition of real-world requirements and, hence, to shave the actual bar to a whisker-width.

Consider the testing of software used in document control to assure compliance with 21 CFR Part 11. How large a data sample should be used for the testing? The original guidance that accompanied the first draft of requirement suggests a sample size of 200. The final document makes no mention of recommended sample size. At least one FDA spokesperson has recommended a sample size of 50 cases.2 The Center for Professional Advancement course of System Validation proposes a formula for test samples based upon a combination of risk assessment and pathway analysis.3 Yet an examination of common practices in the field (and general FDA acceptance would lead to a sample size of 10–15 data cases.4 Without a thorough understanding, most companies are likely to conduct more tests—at greater expense—than is necessary.

Costs can be effectively controlled through operational, practical definitions of actual requirements and through the understanding of those requirements to provide the FDA with assurances of effective self-regulation. That self-regulatory quality assurance will provide confidence in product and data, as well as confidence of conformity with compliance expectations.

1.3 AUDITS

FDA visits can be traumatic events. Scheduled events are generally preceded by weeks of preparation. Unannounced investigations force canceled vacations, rapidly assembled teams, and general paranoia. These unannounced investigations tend to disrupt normal operations, to trigger expensive and often cosmetic preparations and response, and, all too often, to result in a “band-aid” approach to identified problems.

Most FDA investigations follow a “systems approach.”5 The FDA team first asks for an inventory of all systems—functional activities—in place at the facility. A manufacturing facility, for example, may have a warehouse management activity, an inventory control system, a quality testing unit, and so on. In all facilities a quality assurance or control system is required.

The FDA will then select from the list the quality system and one or more additional systems (based on previous issues in a “for cause” investigation; or upon a random selection, or upon the team’s observations at other sites). Each of the selected systems will be examined according to the general criteria of the GMPs (GLPs, GCPs, etc.), the organization’s own Standard Operating Procedures, and the company’s self-regulation. The result of the visit will be a summary report (possibly in the form of a 483 report) recommending or requiring remediation; a scrambling by the organization to add on controls or corrections to implement those remediation; and a great deal of internal strife.

But there is an alternative that is less traumatic, is more effective, and avoids the expensive emergency corrective actions.

Well in advance of any scheduled FDA visit (and in advance of any unanticipated visit) the company implements its own audit program. In what amounts to a series of mock-FDA audits, all systems are reviewed. Based upon the results of those reviews, a “building quality in” program is designed, replacing expensive emergency responses with cost-controlled quality planning. Once the plan is completed and all significant problems are remediated, a final audit report is generated, filed, and updated periodically.

When the FDA arrives and requests a list of systems, the team is provided not only with the list but also with a highly credible audit report. While there is no de jure guaranteed acceptance of that report, de facto results based on more than 40 audits over the past five years suggest that the FDA team is likely (current record: 43/43) to accept the report, review it, and move on to other visit issues.

The key, of course, lies in the credentials of the auditors. For maximum assurance they should meet three criteria: independence (not reporting to the facility manager; if consultants, fee not based on project result), expertise (education, training, and research credentials), and experience (previous familiarity with similar systems in multiple settings).

A major blood processing industry, for example, found that a series of FDA unannounced visits to their multiple production sites were disrupting operations, generating negative publicity, and (as the sites struggled to implemented patchwork changes) adding significantly to cost. They instead brought in a team of independent auditors who developed specific criteria appropriate to the organization’s operations; trained key site managers in those criteria; provided advice as the centers implemented appropriate changes; conducted audits; and issued a comprehensive report summarizing and testifying to appropriate compliance with all regulations and guidelines. As a result, the FDA replaced its unannounced visits with periodic reviews of the audit reports, and the organization significantly reduced its compliance expenses.

QUALITY BY DESIGN6

Quality by Design (QbD) is an FDA initiative specifically designed to reduce regulatory and compliance costs. Conceptually, QbD builds quality into a process rather than adding it on as a more expensive overlayer. The three interactive QbD elements—risk assessment, design space, and process analytical technology—together provide a frame for maximum quality assurance at minimal expense.

Risk assessment refers to an identification of the potential danger of system failure in any of the process phases or parts. The risk assessment is based upon categorization of potential failure as high risk (direct impact on human health and safety); medium risk (only indirect impact on human health and safety); or low risk (remote or no impact on human health and safety). These risk severity levels are further mitigated by probability measures, estimating the likelihood of occurrence of the potential problem. Taken together, the severity and probability risk factors provide a prioritization of oversight and (inversely) a flexibility of control levels: A low risk factor might lead to only a periodic monitoring of performance and a wide range of acceptable performance levels. In contrast, a high-risk element would result in constant monitoring and tightly defined range of acceptance performance (the design space).

That range of acceptability is related to the design space, an analysis of the detailed design elements and the flexibility of performance of those elements. Much as a statistical analysis may test again a range of .05 or .001, or even a tighter tolerance level, the design space analysis results in the determination of the appropriate tolerance levels of quality controls and system performance.

The monitoring of those controls and elements is defined as process analytical technology (PAT). PAT has two critical elements7: continuous (rapid, multiple discrete) monitoring and cybernetic (self-correcting) monitoring. A PAT system has continuous monitoring points built into the process; and whereever practical, those monitoring points can adjust parameters (temperature, pressure, etc.) if they exceed norms.

The norms, and their acceptable ranges, are established by the design space analysis. The control points to be continuously and cybernetically monitored are defined by the risk assessment. Together, these three elements—PAT, design space, and risk assessment—provide a clear operational definition of system quality control and assurance.

That clarity can lower costs in two important ways. First, building QbD into a system is relatively inexpensive because it is conceptually designed into the original system plans. In fact, by determining what issues are low risk, and hence have loose tolerances and require little monitoring, the QbD approach may lower original plan costs. More importantly, though, building in is generally less expensive than adding on: If a QbD analysis results in eliminating the need to rework a system at a later date, savings are likely to be significant.

Second, a well-designed QbD system lowers regulatory costs, since it reduces the number of submissions (within design space tolerances, new amendments are not required), lowers the time required for NDA, ANDA, and BLA reviews8 by the FDA, and is likely to reduce remediations and changes required. Calculated as more rapid time to market, competitive advantage, and patent life, these savings are likely to be very significant.

1.5 ELECTRONIC SUBMISSIONS

Formal communication with the Food and Drug Administration often involves lengthy and carefully constructed submissions of INDs, Annual Reports, NDS, ANDAs, BLAs, and other critical documents. This submissions process can be cost-controlled in two fundamental ways: (1) through the use of specialized experts guiding the process and (2) through the utilization of tested, accepted electronic submissions systems.

A major FDA submission is generally preceded by a formal meeting request, with a briefing book. The request and subsequent briefing book identify the key issues to be discussed.9 The meeting is held, answers are supplied, the agency provides a summary of findings, and the company responds. While these steps seem routine, they are of critical importance: The wording of questions, as well as the wording of the company’s response to FDA answers, can translate into millions of dollars and years of effort in the clinical testing process. The use of a specialist with specific experience in meetings, submissions, and the specific FDA division or group can be a significant cost reduction factor.

One Midwestern university-based research organization, for example, recently met with the FDA (neurology) to discuss a forthcoming IND. The briefing book questions, however, were poorly worded, without rationale and requested response, and the research organization did not effectively defend their position in the subsequent meeting. As a result, the FDA panel recommended three additional Phase I and Phase II studies. In their response the organization neglected to request modification or clarification of the FDA recommendation and instead agreed to all suggested studies. The result was an unnecessary delay in the drug development process; the expense of more and more extensive studies than were actually necessary; and a significant decline in the financial value of the organization and its drug patents.

Similarly, a successful electronic submissions system can help to structure the submission itself and can speed the review process. To do so, the system must be proven (with wide use by the industry and maximal experience by the FDA) and effective, coordinately closely with all FDA Electronic Submissions guidelines.10 The use of such as system, under the management and direction of a team familiar with that system, can both reduce up-front costs and reduce downstream costs related to delayed review and evaluation.

1.6 OUTSOURCING

A well-staffed regulatory and compliance department is critical to maintaining FDA relations, preparing timely and successful submissions, developing and implementing regulatory strategy, assuring product quality and laboratory accuracy, and organizing internal documentation and operating procedures. But what is the cost-effective picture for the regulatory and compliance department?

Unless an organization is generating a sufficient number of submissions to keep specialist teams in meeting requests, IND submissions, NDA.ANDA/BLA submission, supplemental submissions, and compliance audits busy on a continuous basis, the best model consists of a coordinating executive, in-house teams of any of the above areas that do represent a steady work stream, and coordinated outsource teams under the direction of that executive. This hybrid outsource model is necessitated by the highly specialized and critically important skills necessary for the four distinct and unique submissions roles and for the credible auditor role.

Consulting companies have traditionally referred to unbillable time between projects as “on the beach.” To determine the cost effectiveness of outsourcing, a research or manufacturing organization can use the same concept. If a specialist in a regulatory or compliance area is needed less than 60% of the time—that is, “on the beach” or submaximally utilized more than 40% of the time—it will prove more cost effective to outsource the activity. In a large organization with generous benefits, that figure may be even lower: One major global manufacturing company found that sourcing was cost effective for any function that wasn’t needed more than 75% of the time.

There is another calculation to consider. Increasing head count and using in-house personnel for regulatory and compliance people may not be significantly more expensive than outsourcing in the short term, but the real cost of regulatory action isn’t the salary, benefits, and overhead of an employee: It is the much more significant expense represented by the delays of an rejected submission, the bad publicity of a recall or major citation, the multiple costs of response to an adverse finding, and the added expense of trying to add on required quality controls that should have been built in originally. Using in-house regulatory generalists may be acceptable in the short term, but having experienced, credible specialists in each compliance and submission area can save the real expenses associated with compliance and regulatory affairs problems.

1.7 EMEA COORDINATION

Harmonization between FDA and European EMEA regulations and policies is primitive at best. The key EMEA document is the GAMP411; the rough equivalent is the FDA’s GMPs plus 21 CFR Part 11. While these sets of documents overlap to a large degree, there are important differences in philosophy, approach, and detail that often result in US companies building separate and distinct FDA and EMEA regulatory teams. It is possible, however, to reconcile the differences and develop a number of common tools for meeting the requirements of both regulatory bodies.

In the case of submissions, the conceptual key is to organize data into logical units representing statements and supporting evidence. Those statement units can then be manipulated and organized to represent the responses to the questions framed by the two regulatory agencies. While separate electronic submissions protocols will be required, the logical units themselves will, with proper organization, generally suffice for both agencies.

For regulatory compliance, the FDA’s new “systems inspection” initiative closely parallels the EMEA’s less confrontational approach. By inventorying all systems in place in a facility (focusing primarily on the self-regulatory nature of the quality system) and by using independent audit reports or internal audit findings to support the functional control of those unites, the same evidentiary files can be used to meet the requirements of both the European EMEA and the American FDA.

In short, since the post-philosophical differences between the agencies are largely structural and organizational rather than conceptual, it is possible and practical to prepare for inspections and to write submissions with significant overlap. Separate activities with largely redundant cost and effort can be replaced with coordinated design.

1.8 FDA VISITS

The FDA generally uses a systems approach to inspections and investigations, permitting and encouraging companies to prepare in advance internal or independent reviews of quality systems and other significant organizations systems. The criteria for these reviews, as well as the actual inspection checklists used by the FDA, are available from the agency and from private publications. With a little research, it is possible and appropriate to anticipate most FDA questions, to prepare clear responses, and to internally check those responses against operational realities.

This approach, coupled with a Standard Operating Procedures for Visits and Inspections, can allow management to effectively assume responsibility for FDA visits. The result is the difference between an unanticipated intrusion and an FDA-controlled review of a self-regulated and well-controlled company. Of course some FDA issues may emerge in that review, and areas of unanticipated focus may arise, but the majority of the regulatory investigation can and should take place in advance of the arrival of FDA officials.

1.9 RISK ASSESSMENT

“A difference, to be a difference, must make a difference.” A risk assessment, evaluating the probability and severity of emerging problems, permits focusing quality and regulatory energies on areas of significance. Consider an example drawn from recent Congressional testimony: two factories, located on opposite sides of the street in rural North Carolina, manufacture medical devices. Both use the same software system to track shipments and to potentially recall faulty devices. Both facilities are therefore subject, at least in theory, to the same regulatory requirements for the system validation of their computers to assure managerial control of these recall systems.

But one facility is a manufacturer of highly sensitive pacemakers, which must be tracked to a specific patient and physician. If a recall is necessary—and, for a variety of reasons, that necessity occurs less than rarely—the specific recipient of a unit and his or her physician must be contracted immediately. Lost or inaccurate data are likely to have severe medical consequences.

The other facility punches tongue depressors—wooden sticks—from native pine, sands the rough edges, packages, and ships to medical facilities. The necessity of a recall is hard to image and is a rarity: in such an eventuality, an email to all of the appropriate customers would simply direct that the affected batch of depressors should be discarded and would be replaced. There is little real danger involved.

Should the same effort of computer validation apply to both organizations? Common sense, along with a risk assessment, would lead to a negative conclusion. And, for the depressor company at least, that conclusion would significantly reduce the costs of regulatory compliance.

1.10 SUMMARY

In the struggle to balance pressures to supply the public with access to lifesaving, life-supporting, and life-enhancing products with the pressures to guarantee the safety and efficacy of those products, pharmaceutical and biologics companies have come to realize that the costs associated with drugs represents a major impediment to that access even as efforts to assure and demonstrate that safety can—without careful controls—significantly multiply those expenses. The solution to the dilemma is to adopt the most cost-effective strategies for proving those safety and efficacy issues.

Cost reduction in regulatory affairs and compliance can best be achieved with an eight-part strategy. Good regulatory relations coupled with specific experience and detailed expertise can provide clear operational definitions of actual requirements, avoiding unnecessary “overkill.” Independent audits can take control of regulatory visits and assure that quality controls are built in rather than added on as expensive late corrections. The use of Quality by Design can speed review processes, minimize filings, and provide credible monitoring or process variations within range. Well-organized, detailed, and specific submissions, controlled by experienced personnel, using widely recognized electronic filing systems, can avoid costly additional clinical testing and save preparation time and expense. The judicial use of outsourcing can avoid “beach time” and make certain that all aspects of the compliance and regulatory processes are handled with maximal expertise as well as efficiency. By organizing supporting data for submissions and inspections around coordinate EMEA and FDA requirements, overlaps can minimize cost redundancies. Anticipation of and internal management of regulatory inspections can maintain control and place quality assurance appropriately on the organization. And a risk assessment approach can provide a priority criterion that assures investment of regulatory energies proportional to their value.

Together, these eight strategies can effectively control the costs of compliance and regulation and can avoid the significant expenses of unnecessary delays, additional clinical testing requirements, and refilings.

Notes

1 Weinberg, S. A Model of Quality by Design (QbD) Implementation in a Pharmaceutical Manufacturing Process, ISPE Annual Conference, October 2008.

2 AABB Conference 2003.

3 CFPA System Validation, GAMP Harmonization and PAT, Amsterdam, NE, December 2008.

4 Based on Tunnell experience with more than 150 validation audits over the past eight years.

5 FDA now mandates a systems approach to all inspections, but the concept is not fully adopted by field investigators. Some teams may still be following the previous “problem trail” guidelines.

6 This section is adapted from an invited presentation to FDA CBER and CDER, October 10, 2008, by Tunnell Consulting, Inc.

7 A third PAT element, the capability of remote monitoring, permits more cost-effective regulatory audits and monitoring, but isn’t directly relevant to this discussion.

8 See Weinberg, S. Guidebook of Drug Regulatory Submissions, John Wiley & Sons, Hoboken, NJ, 2009.

9 It is recommended that these questions be formatted as an explanation of the action the organization desires, a detailed rationale for that action, and a “does the agency agree?” question.

10 See www.fda.gov/cder/regulatory/ersr/, FDA Electronic Submissions and Review.

11 Soon to be replaced with a minor revision, GAMP5.

2.1 INTRODUCTION

In addition to avoiding pork products and shellfish (and some other products), Jewish people, who follow the kosher laws, never mix meat and milk in the same meal. The root reason for this prohibition has important implications for regulatory cost containment.

The Torah (Jewish Bible) has a verse (Exodus 19) that translates “You shall not boil the kid in its mother’s milk.” While the reason is somewhat obscure (it was probably meant to condemn a ritual practice of another tribe), the direction is quite clear: Don’t mix the meat of a baby goat with the milk of its mother.

But early interpreters of the verse wanted to avoid all chance of error; after all, God is the ultimate regulatory authority, with even more power than the FDA! So to make certain the original intent was observed, they decided it was better to avoid mixing any goat meat with any female goat’s milk, just in case someone inadvertently made an error. And to be doubly certain, why not prohibit mixing any meat with any milk. And to be triple certain, we eventually have the modern practice of separate plates, separate dishwashing machines, and separate restaurants for dairy and meat meals. As a side note, since these early regulators were unaware of the difference between mammals (bearing milk) and birds (without milk), they included in their prohibition mixing dairy products with chicken and other fowl meats.

This process, known as “building a wall around Torah,” works well for followers of kosher laws and has some advantages of religiosity for its adherents. But the practice does continually build higher and higher fences around FDA regulations just to be certain that there is no possible chance of a violation resulting in unnecessary and unproductive expenses for all too many pharmaceutical, device, and biologics companies.

All too many biomedical companies have adopted increasingly onerous self-regulations as a protection against the perceived ambiguity of FDA guidelines. While internal calculations may show that a sample of 20 items per batch is sufficient for testing, the lack of a clear standard leads to a decision to test 30—“just to be sure.” At a conference the QA manager hears a consultant (a person who charges by the hour and hence has a built-in bias to make operations and procedures more complex) recommend testing 50 items as “an industry standard” and returns home to urge increasing the requirement. That QA Manager then accepts a position and promotion at a company across town, and he or she increases the standard further to 100 units to prevent any possibility of problems (and to cement his reputation for quality improvement), quickly growing the “industry standard.” An FDA investigator visits the now 50-unit company and the across-town 100-unit company and then visits a third facility testing only 30 units, and asks “why so few?” Soon we are all victims of this “arms race” of ever-increasing requirements. We’ve built a wall around the FDA Torah, with even the benefit of feeling more pious.

Ah, you might think, but we do have better quality standards: always increasing, always improving. But every new standard, every “improvement,” carries a cost that is ultimately passed on to the consumer (directly, or though insurance or government subsidy, indirectly). And that cost decreases, perhaps slightly (but increasingly, significantly), the access to that drug, device, or biologic. Consumers, insurers, and governments must make decisions about the relative value versus the cost of every product; and as the costs increases, the consumer decides not to fill that prescription, the insurance company decides not to include that drug on its standard list, and the government decides that the treatment cap does not permit its use. The greater-than-needed quality testing decision has precluded some patients from access to the product.

All regulatory decisions represent a careful balance between two compet­ing priorities: (1) the need to assure that the drug, device, or biologic is safe and (2) the need to maximize access to that product. Either extreme is dangerous, as extremes tend to be. We can decide to approve all new products, regardless of safety, and simply provide patients and their health care professionals with information so they can make their own decisions. This maximization of access at the expense of safety is the argument made for the rapid release of experimental drugs for terminal patients; and as recently as 1970, at least one FDA Associate Commissioner recommended it as a general policy. But most of us would want untested or unproven products on the market, fearing the potential negative effects. All a terminal patient needs is a drug with side effects that make the last few months more agonizing.

Alternately, maximizing safety testing to assure that a biologic is completely safe in all possible conditions for all potential patients is likely to be a strategy that leaves some patients in need of help waiting for years for results of redundant or obscure tests. The complexity of drugs, devices, and biologics, combined with the complexities and diversities of the human body, assure a steady stream of side effects, anomalous reactions, and idiosyncratic responses that arguably mean that no product is universally safe and effective. Every medical student in a pharmacology class quickly learns that the test answer to every question on drug side effects is “possible dry mouth, nausea, diarrhea, and the opposite to the intended reaction”—there is always someone who reacts to a blood-pressure-lowering drug with raised blood pressure.

The answer, of course, is moderation—no doubt in most everything in life, and certainly in regulation. Balancing the access and safety of a product is (a) the appropriate macro public policy for the FDA and (b) the appropriate micro corporate strategy for the regulatory affairs department. But building an unnecessary wall around a guideline upsets that balance, sacrificing valuable access for ineffective safety precautions. The problem can be avoided, of course, by cost-containing the regulatory procedures. And the key to that cost-containment is finding a clear, unambiguous definition of exactly what is required.

2.2 OPERATIONAL DEFINITIONS

Regulatory definitions of specific requirements are designed to cover a wide range of widely varying conditions. The same definitional guideline may cover (a) a medical device company making wooden tongue depressors and implanted pacemakers, (b) highly dangerous drugs with very narrow dosage bands and more benign pharmaceuticals with much more forgiving dose restrictions, and (c) biologics with critical purity requirements and autologous blood products in which contamination issues have been all but suppressed.

This varying of conditions with standardization of definitions leaves the regulatory agency with two general choices. With the first choice, you can provide very specific standards that may prove inappropriate in some conditions. This is the choice made or forced upon a number of agencies, resulting in the complexity of both (a) Internal Revenue Service (IRS) regulations as every contingent variation is (or is attempted to be) dealt with and (b) regulations by agencies such as the Occupational Safety and Health Administration (OSHA).

A few years ago the author was involved in an OSHA inspection while volunteering as the medical officer at a summer Scout camp. This particular camp had a dining hall overlooking the lake, with a wall consisting of 22 screen doors making up that scenic view. Two of those doors were equipped with lighted exit signs, the others were not.

The OSHA inspector, equipped with a thick volume of very specific definitions of requirements, informed the Camp Director that the remaining 20 doors required lighted exit signs. Since these signs are very expensive, the Director asked if there was any other option. The inspector, checking his book of regulations, suggested that the other alternative was to permanently nail shut all of the extra doors. Such an action would, of course, be significantly less safe, but would meet the letter of the detailed OSHA requirement. (A compromise was reached, and less expensive non-battery signs were installed).

To avoid these kinds of counterproductive situations in which detailed definitions end up forcing ludicrous or inappropriate actions, a regulatory agency has an alternative. Rather than try to write detailed definitions that deal (sometimes awkwardly) with every possible situation, the agency can provide general guidelines that describe principles and leave the detail applications to situational specific interpretations. These general guidelines are the second choice.

The FDA, with its well-designed Good Manufacturing Practices (GMPs), Good Laboratory Practices (GLPs), Good Clinical Practices (GCPs), and Good Tissue Practices (GTPs), has opted for this second strategy. The Good Practices define general principles and leave specific applied operational definitions to the each organization or situation.

The operational definitions must, of course, conform to some basic rules. First, they must be compatible with the relevant Good Practices. If GMPs, for example, call for records of batch and lot number, it is possible to define the format, frequency, or other characteristic of those records, but not to eliminate them completely.

Second, the definitions must be justified. The specific regulations promulgated for a special situation should be tied to industry practices, a generally accepted theory, or some other defensible rationale.

Finally, the definition must be established, reviewed, and approved (by management) prior to its implementation. A post facto definition is always suspect: It is much better to identify the appropriate detailed practice, and then implement that interpretation.

These operational definitions are generally codified and documented in Standard Operating Procedures (SOPs). The GMP batch record-keeping require­ment is defined in a SOP that conforms to the appropriate regulation, is in keeping with generally established practices, and is written and approved prior to implementation.1

When properly written and utilized, SOPs provide the operational definitions that add the necessary specificity to general requirements and guidelines. A GMP requirement, for example, might call for validation of a manufacturing process. The methodology to be used, size of sample to be employed, and specific testing standard to serve as a cutoff are all specified in the Validation SOP.

Visiting regulators will generally begin by reviewing SOPs. As long as the SOP meets the three tests of general conformity to the regulation (i.e., appropriately validates the process, can be documented to demonstrate reasonable conformity to generally established practices, and predates the actual testing), it is the in-house SOP that becomes the standard for the subsequent inspection. In effect the FDA holds companies to the company’s own standard, as long as that standard is appropriate and reasonable and has been established in advance of implementation.

Standard Operating Procedures are used to provide clear operational definitions that direct and fine-tune the general regulatory principles of the GMPs and other FDA requirements. By assuring that those SOPs are appropriate to a specific environment and situation and by avoiding the trap of overreaching those requirements to provide an unneeded buffer, well-written and documented SOPs can significantly help to contain the costs of regulatory compliance.

2.3 WRITING COST-CONTAINED STANDARD OPERATING PROCEDURES

The development of effective and limiting SOPs requires a modification in the normal SOP development processes. Traditionally, organizations develop SOPs in one of two general ways. In new organizations and some very structured established organizations, SOPs are developed “top down”: Representatives of management, or a team of management and QA people, document the detailed process that line workers are expected to follow. This “top-down” process tends to be very efficient, tends to be relatively easy to develop, avoids the problem of management not approving the procedures outlined in a draft SOP, and tends to very rarely reflect the reality of worker processes. Arguably, most criticisms for “not following SOPs” originate with the top-down approach to development. It is a very rare manager or QA professional who understands the detailed requirements of a specific job.

Several years ago the author was participating in an FDA investigation of an animal testing facility. The inspection team obtained the facility SOPs, which had been top-down developed, to use as the template for evaluation. The SOP in question called for workers to identify a specific rabbit for testing by checking the ear tag and cage label; removing the rabbit from the cage and cradling it in one hand; injecting with the appropriate test material; and returning the rabbit to its cage, rechecking the identification.

Over time, laboratory workers noted that the cage design allowed for injection between the slats of the cage without removal of the rabbit, causing the animals less trauma and reducing the danger of returning a rabbit to the wrong cage. Pushed for time, sensitive to the animal’s needs, and careful about their work, the workers evolved a superior methodology that did not conform to the SOP. With a top-down SOP development approach, the result was a Warning of Adverse Finding (483) for nonconformity, even though the new procedure was superior to the documented process.

Aware of the likelihood that workers have greater hands on experience than managers, many organizations use a “bottom-up” development procedure. Line workers describe the actions that they have determined effectively, and they efficiently accomplish their assigned tasks. Managers then review those procedures and approve (or modify) the descriptions, producing a final SOP that conforms to both regulatory guidelines and worker-discovered efficiencies.

While this “bottom-up” procedure is generally superior to the “top-down” methodology,2 a further modification step is necessary to maximize the cost containment of avoiding overly burdensome processes and repetitions. In the “managerial review” step of the bottom-up approach, efficient managers compare recommended procedures to the actual FDA requirement and guideline and, with the help of their own experience or a consultant’s input, to standards utilized by other organizations. The goal is to (a) pare the effort required to the actual minimum and (b) raise the bar to meet other company (nonregulatory) requirements until a reasonable and defensible level of effort is defined.

Note that the there may be times when the minimalist approach is appropriate, but there may be other circumstances when corporate regulatory history and experience, the particularly sensitive nature of a patient population, or other factors may require high levels of control. Knowing the minimum allows cost-contained control, but it does not necessitate always selecting that least expensive option.

Finally, after the management team has recommended procedural modifications to reflect the actual requirements and industry standards for a testing, validation, review, or analysis procedure, the prudent manager might write a memo explaining and referencing that decision. The memo, again predating the actual implementation of the SOP, can be used to answer the FDA investigator’s question of “Why did you decide upon this standard?” Demonstrating that the decision was well-researched and well-reasoned and not simply an arbitrary attempt to save effort goes a long way toward regulatory acceptance.

2.4 EXAMPLE: COMPLIANCE WITH 21 CFR PART 11 IN A QA LABORATORY

The recent regulation 21 CFR Part 11 applies to most computer systems used in a pharmaceutical, biologics, or medical device company and has been widely and consistently interpreted in Laboratory Information Management Systems (LIMS) used to collect and analyze testing data in a quality assurance laboratory.

The document Guidance for Industry: Part 11, Electronic Records; Electronic Signature—Scope and Application (August 2003), provides a general, conceptual definition of the required validation of computer systems (Part 11 paragraph 11.30) and refers to predicate rule document 21 CFR 820.70(i), which in turn provides a general description of validation, which reads:

Automated Processes.

When computers or automated data processing systems are used as part of production or the quality system, the manufacturer shall validate computer software for its intended use according to an established protocol. All software changes shall be validated before approval and issuance. These validation activities and results shall be documented.