By Barbara Unger, Unger Consulting Inc.
In 2015 and 2016, six major international regulatory authorities published guidance documents addressing data management and data integrity. Two of the guidances — the draft guidance published by the U.S. Food and Drug Administration (FDA) in April 2016 and the guidance posted by the European Medicines Agency (EMA) in August 2016, take a question and answer approach. The guidances from the China Food and Drug Administration (CFDA), the UK’s Medicines and Healthcare products Regulatory Agency (MHRA), the Pharmaceutical Inspection Co-operation Scheme (PIC/S), and the World Health Organization (WHO) take a more standard narrative approach to their regulatory guidance. That being said, all of the guidance documents are markedly similar in their overall expectations.
In this article, we will look at the EMA and FDA Q&A guidances, as well as the recently published Drug Data Management Standard from CFDA. The next article will explore guidances from the other three authorities.
EMA and FDA Guidances: Similarities and Differences
The EMA guidance addresses 23 questions related to data integrity; the FDA draft guidance addresses 18 questions. Both provide detailed information about the predicate rules and chapters/annexes that are applicable in given situations. This reiterates the fact that enforcement in this area does not represent a change in requirements, but rather a bolstering and clarification of existing requirements as applied to good manufacturing practice (GMP) records, both electronic and paper. The identification of existing requirements is uniquely valuable for audit groups as they write reports describing observations in these areas and assign the relevant requirements from regulatory authorities.
The two guidance documents have significant similarities, including but not limited to the following:
Differences exist between the two documents in several areas. These differences, however, do not mean that that there are divergences between expectations, just in terminology and focus.
China FDA Draft Standard on Drug Data Management
In October 2016, CFDA published a Draft Standard on Drug Data Management for consultation. (This translation was graciously provided by the Rx-360 China Working Group.) The standard seems to rely on the previously published regulatory authority guidance in this area. This draft standard applies across the GxP continuum and specifically includes mention of contract research organizations (CROs). Further, this standard applies during drug development. It is governed by the principles of quality risk management (QRM) and incorporation of the activities into the quality management system (QMS).
The following items are included in the CFDA standard but are not clearly addressed by other regulatory authorities:
This list identifies selected, but by no means all the, similarities between the CFDA standard and other regulatory authority guidances on this topic:
The EMA and FDA Q&A guidances are similar and complementary in requirements and expectations. The intense emphasis on requirements for contract service providers is unique to the EMA document. Other FDA guidance, however, stresses the responsibilities that license holders have for their contractor providers. With regard to enforcement actions in this area, many warning letters are issued to API manufacturers citing deficiencies in data governance and data integrity (see related article). FDA has not issued enforcement actions against those who purchase these APIs for lack of appropriate contractor oversight, particularly when FDA felt the deficiencies were serious enough to put an import alert in place. This is something to watch for in the future, as it is an area that seems to be begging for regulator attention.
Both the China FDA and US FDA guidances are drafts, not finalized versions. We will watch for both to be finalized in the near future. It is encouraging that the most recent published guidance from China closely reflects the general positions taken by other regulatory authorities. The Eudra GMDP website publishes summary reports of noncompliance that do not provide the detail of either a form 483 or a warning letter. The general nature of the deficiencies, however, seems to be similar between the two countries. China does not yet publish its inspection reports or compliance actions, so we look forward to future transparency in inspection reports to determine how China will enforce its new standard.
In the next article, we will review the recent MHRA, PIC/S, and WHO guidances and draw some conclusions about the current state of global data management and data integrity regulations across all six international organizations.
About The Author
Barbara Unger formed Unger Consulting, Inc. in December 2014 to provide GMP auditing and regulatory intelligence services to the pharmaceutical industry. This includes GMP auditing and remediation in the area of data management and data integrity. She has extensive expertise in this area, having developed, implemented, and maintained the GMP regulatory intelligence program for eight years at Amgen Inc. This included surveillance, analysis, and communication of GMP related legislation, regulations, guidance, and industry compliance enforcement trends. Barbara was the first chairperson of the Rx-360 Monitoring and Reporting work group (2009 to 2014) that summarized and published relevant GMP and supply chain related laws, regulations, and guidance. She also served as the chairperson of the Midwest Discussion Group GMP-Intelligence sub-group from 2010 to 2014. Barbara is currently the co-lead of the Rx-360 Data Integrity Working Group.
Before Amgen, Barbara worked for the consulting firm Don Hill and Associates, providing regulatory and quality services to the pharmaceutical industry, and for Eli Lilly and Company in quality and CMC regulatory affairs positions. She began her career in the pharmaceutical/device industry with Hybritech Inc. and received a bachelor's degree in chemistry from the University of Illinois at Urbana-Champaign.