In previous series of articles Part I and Part II, we discussed the benefits of using a closed-loop process for managing regulatory compliance (pictured below). I also showed how setting up Key Performance Indicators (KPIs) that monitor performance to goals is a good way to Check that processes are working properly, thus reducing the need to perform manual audits of a given operation.

Let’s now take a closer look at the Track Problems step. The primary goal of this step is to collect and analyze data related to operational problems. This is a vital prerequisite for the next step in the process: Improve. Remember our overall goal is to systematically and continuously improve regulatory compliance. So let’s first take a look at collecting data.

Collecting data about operational problems sounds like an easy task, but it turns out to be anything but. First of all, there is a cultural stigma associated with anything that is labeled as a problem. This is because, where there is a problem, there is blame. And where there is blame, there are consequences. Given the fact that we are talking about consequences associated with someone’s livelihood, this is not something to take lightly. Therefore it is important to set a “tone from the top” that let’s employees know that the data will be used to improve operational processes and not punish employees. It is also helpful to ask employees to suggest improvement ideas. I’ve even seen some companies acknowledge and reward employees for suggestions that result in positive actions.  These are all good ways to encourage problem reporting. You want to tip the scale in favor of logging problems as shown in the illustration.

The next question is, “What data should we be collecting?” Let me start by pointing out that some data is better than no data. Waiting to create the perfect system will result in the loss of valuable information that could have alerted you to looming problems. So at the very least, start collecting data any way that you can.

I have seen hundreds of problem tracking forms spanning many processes and many industries. I’ve created product issue forms, process problem forms, out of spec forms, suggestions forms for industries regulated by the FDA, NERC and the SEC. I’ve summarized four design tips in the next illustration.

Now that you are collecting problem data, what should you do with that data? The high level steps for processing issues are: Identification, Investigation, Immediate Actions, Analysis and Planning for Further Action.

This is a summary of what each of these steps involves:

Identify: Collect problem data from all sources. Route these to someone that can determine immediate actions and investigate the problem.

Investigate: Look into the problem beyond the initial problem report. Look for trends from other sources (employees, vendors, customer) and from similar product and problems.

Immediate Actions: This step may be performed in parallel with or before the Investigate step. Determine if there are any immediate actions that need to be taken to contain the problem. While you are looking for root causes you don’t want the problem to grow or continue to do damage.

Root Cause Analysis: This is different from the initial investigate step in that you now are trying to determine what actually caused the problem. During the investigation you may determine that the problem was a result of operator error. But the root cause analysis may reveal that the operating procedure is unclear and is in fact the root cause of the problem.

Plans for Further Action: Once you have established the root cause you can take actions to Improve operations. In this step you would plan out what those improvement actions will entail, who will implement them, and how long they will take to enact. Typically this Corrective Action project requires management approval to allocate the required resources.

One benefit of this process is that a single Corrective Action project can address multiple problems. See the following illustration.

The next step is to Improve operations through implementing the corrective action project. We will take look at that step in the next article.

Sal Lucido is Vice President, Enterprise Solutions at AssurX, Inc. You can follow him at http://twitter.com/ComplianceTips

Gotta give the FDA some credit here. In addition to its transparency initiative we’ve talk about before, the agency is also trying to remove some of the mystery about how it handles inspections and other inner workings at the FDA. From where I sit, it appears to be a sincere effort and I believe it is helping outsiders better understand what the FDA is trying to do – and how it is trying to do it.

For example, at the second in a new series of monthly online webinars, FDA’s Michael C. Rogers, deputy director, Office of Regional Operations, said today (March 25, 2010)  tried to outline how an FDA inspection tends to work, and what drives inspectors before, during and after an inspection.

As an aside, Rogers also said that the agency currently has about 1,800 total inspectors across its full portfolio, though food gets the bulk of the bodies. He also said there will be more foreign inspections this year, and that the number should continue to grow.

Inspections are based on risk, Rogers said. In other words, the riskier the potential drug, device or food item, the more likely they will be inspected.

Most inspections are unannounced, Rogers said. Before they go on-site, the inspector on inspection team will look at previous inspection reports and identify what corrective actions were promised during prior inspections. They also prepare inspection tool kits with sampling equipment, info to drive inspection based on guidance documents and the Investigation Operations Manual. They also carry a camera to document evidence.

They also conduct “for cause” inspections driven by consumer complaints or other outside activity.

Typically, the inspection begins with a discussion with management to explain the purpose of the inspection, and they try to learn about the corporate structure and any changes made since last inspection. They also ask about complaints, positive tests or returns. Answers to those questions help FDA inspectors focus their on-site efforts.

Next, they go to the physical manufacturing area. They try to observe and understand the on-site process. They ask about acceptance criteria and want specifics on failures, especially the reasons.

Inspectors also draw a diagram of the facility showing the manufacturing process from start to finish. They’re looking for problems in the system and looking to identify critical control points in the manufacturing process.

FDA inspectors then identify procedures in place and assess if company is actually following them. They also look for controls in place to mitigate any contaminated products.

They also look at training and cleaning programs. They also watch employees while they are actually making the product.

If they find evidence of an adulterated product, they collect evidence based on inspector observations and collect samples to prepare their case for possible legal action in court.

At conclusion of inspection, the FDA team meets again with management. They then inform the top company official what is in the official Form 483. That form documents observations during the inspection but does not include final recommendations. They also ask for the firms corrective actions planned or in place to get into compliance.

These corrective actions are taken into account as agency formulates official recommendations.

After the inspection at the firm, the inspector develops a report back at the home office. It includes evidence collected and what the firm has already agreed to do about any shortcomings.

In some cases firms can offer voluntary corrections. But sometimes the agency decides it needs enforcement action such as a warning letter, and can also impose civil and/or monetary penalties.

The webinar was extremely popular. In fact, it “sold out” so many who tried to join it could not get in to the live event. There will be a recording available on Monday March 29.

UPDATE: Slides are now available from this event here in PDF format.

Ken Miles, a 28 year veteran of the FDA, is today a widely-respected industry consultant to the medical device industry. He draws on his extensive experience to help firms effectively and efficiently comply with FDA requirements. Ken’s expertise includes evaluating Good Manufacture Practice (GMP) and Good Laboratory Practice (GLP) compliance, Quality System Regulations, and QSIT certification inspections (Management, Design, Process Controls, and CAPA).

In this multi-part series, we talked with Ken about FDA medical device inspections, CAPA, quality systems, audits, training and more.

Q: Where do you think companies fall short when it comes to implementing CAPA systems?

A: Some companies have a great CAPA program that is tied in with metrics, management reviews, etc., but ultimately may be only looking at trend analysis studies of post-production products. Unfortunately, they neglect trends with suppliers and internal production operations, or visa versa.  Valuable data can be obtained for correcting problems in their factory by looking at all trends: suppliers’ and in-house non-conforming materials and components, scrap rates, training issues, complaints, competitors’ non conformances (ie Warning Letter), etc.  Sometimes they’ll discover ”a peak in noncomformance with a certain product line”, but they fail to break it down to reveal that the nonconformance(s) only involve one or two models within the product line which is often the real culprit.

Company managers need to ask themselves, is it one model or all models? A certain shift? A certain part of the plant? Finding the root cause is very important in order to effectively resolve the problem(s). Companies need to isolate the problem and find out if it’s widespread, model specific, or a component. The big picture of using metrics is great, however, if you can’t drill down to the specific problem and root cause, then it’s really not solving the problem.

Q: Can you give us some examples of what you saw as an FDA inspector?

A: One time I was at a large global manufacturer and they had a lot of returned motherboards for ultrasound systems (hundreds of boards returned per month.) Instead of analyzing and finding the root cause of the problem of all these returned boards, they would simply rework and repair them – over and over again. These boards had a very high rate of return, but they would all just go into a big hopper for rework. They should’ve taken the time to do a root cause analysis, but they didn’t, preferring to continue to fix them. None of this was logged into a system, and no failure investigations were ever conducted.  Think of the risk to consumers and to the companies’ reputation and earnings! Think of the enormous waste in time and funds and other resources used for fixing the same problems over and over again.

This firm ended up having a major investigation by the FDA with recalls and monetary fines in the millions of dollars. If they had an effective CAPA system in place with root cause and failure investigations, they could’ve fixed the problem once and for all instead of reworking hundreds of motherboards per month.

Q: Why do you think medical device companies have such a problem with CAPA?

A: The biggest problem I see has to do with a lack of human resources. Typically a person in charge of CAPA has too many tasks and things tend to fall through the cracks. This generally happens to smaller companies with growing pains. That said, it also happens with the biggest ones, too. Bottom-line: the failure is about not devoting enough resources to CAPA, and letting other issues distract them because they are overworked.

Click here to learn more about CAPA Systems.

Ken Miles, a 28 year veteran of the FDA, is today a widely-respected industry consultant to the medical device industry. He draws on his extensive experience to help firms effectively and efficiently comply with FDA requirements. Ken’s expertise includes evaluating Good Manufacture Practice (GMP) and Good Laboratory Practice (GLP) compliance, Quality System Regulations, and QSIT certification inspections (Management, Design, Process Controls, and CAPA).

In this multi-part series, we talked with Ken about FDA inspections, CAPA, quality systems, audits, training and more.

Q: When you were with the FDA, what did you look for during onsite inspections at medical device facilities?

A: What I primarily looked for was a robust quality management system that covered all of the key areas: CAPA, internal quality audit findings, training, MDRs and complaints, supplier quality, etc.   Supplier audits are also very important, and they should always tie back into CAPA and management review findings.

Q: You mention training as part of the overall quality management system –  what kind of problems did you see in that area?

A: The most common problem with training is that programs are often inadequate. Oftentimes procedures are either nonexistent or very poorly written. You need to have stringent management commitment and oversight, while also removing irresponsible people who can seriously damage the business. Procedures, management review and training are the primary areas that should generally be addressed through a CAPA program to make it work.

Q: Digging deeper, what were the CAPA-related issues you saw most often during inspections?

A: The one thing I saw often was that companies did not prioritize their CAPA items. You need to prioritize them using a risk-based approach. The highest priority ones should be put at the top of the list. Sounds like an obvious thing, but a lot of companies just throw all CAPA related issues into one bucket with no priority or even closure dates. If you don’t have some sort of prioritization system, you might become weighed down with too many assignments with no end in sight. Prioritize by low, medium and high priority, as well as severity of consequences. That would also imply that you have a target date, or closure date once you implement that program. A lot of companies don’t do that.

Q: You stress the importance of prioritizing and setting due dates for CAPA. Can you give us some examples of what you looked for during your inspections?

A: Medium and serious CAPA issues should be closed out within 30 or 90 days at the most. I’ve seen situations where CAPAs are still hanging out there after two or three years! And I’ve even some that have never closed or resolved! In certain situations, I’ve also seen CAPAs that don’t even have a closure date. Unfortunately, that’s typical of spreadsheet based CAPA systems.

In the next part, we will delve deeper into actual situations, and discuss some of the more egregious things that Ken Miles experienced as an FDA inspector.

Click here for more detailed information about CAPA.

In a recent FDA presentation Foster City, CA, Mark Roh, Regional Food and Drug Director outlined the most common cited 483 items for both pharma and med device companies:

The most common Drug GMP FDA-483 (observational) items:

• Responsibilities and procedures of the Quality Control unit are not in writing
• Written procedures are not followed
• Control procedures not established
• Inadequate specificatons
• inadequate written procedures
• Inadequate failure analysis

The most common Medical Device GMP FDA-483 (observational) items:

• Deficiencies in complaint file system
• Inadequate CAPA procedures
• Lack of written MDR procedures
• Corrective and preventive actions not documented
• Inadequate process validation

This doesn’t mean you won’t be cited for anything not listed in the bullet items or nabbed for all of the above. These are the most common observations cited by FDA personnel during an inspection. So now you may want to go back and take a good hard look at your SOPs, quality management system, CAPA process, complaint handling/MDRs as well as your validation documentation. Obviously training your personnel in these procedures and processes is also key.

Of course, everyone’s goal is not to end up here…

Also, you may want to check out our previous blog entry “Don’t Ignore 483s…it’s in Your Best Interest to Respond in Writing“