Sri Krishna Pharmaceuticals Ltd. Unit II (India) received a warning letter dated April 1, 2016 based on the outcome of an inspection ending December 4, 2014. This continues the trend where the interval between inspection and issuance of drug GMP warning letters exceeds one year (see previous blog entry). This site was placed on the import alert list in August 2015. Three of the four multi-part observations address data integrity concerns. The fourth addressed process validation although it also had a data integrity component. According to the warning letter, FDA found similar issues at the facility in 2007 (for which no warning letter or action is posted on the FDA website) and acknowledges that the firm is “…using a consultant to audit your operation and assist in meeting FDA requirements.” FDA goes on to remind them that it is their “…responsibility to ensure that any third-party audit appropriately evaluates the vulnerability of your sophisticated electronic systems to data manipulation. It is your responsibility to ensure that follow-up actions fully resolve all of your violations.” This suggests that either the FDA felt the consulting firm did not adequately identify gaps in processes and procedures or that the company did not remediate the gaps. Or perhaps both. This is the eighth drug GMP warning letter issued in FY2016 to sites outside the US and the seventh issued to a firm in India. All eight warning letters issued to sites outside the US in FY2016 address data integrity failures.
The same site was the subject of a EU GMP report of non-compliance by the Italian GMP authorities in December 2014. The summary of non-compliance contains similar concerns about data integrity.
- The firm routinely conducted ‘trial’ HPLC injections prior to the formal reported injections. FDA provides six (6) examples of how such pre-injection data were conducted and the data manipulated including resetting the time/date clock, deletion of original files, deletion of test method validation data, admission of plans to fabricate sample preparation data, lack of agreement between the instrument logbook and instrument audit trail, and storage of the pre-injections on a personal computer.
- Lack of controls over laboratory computer systems including the ability of analysts to log in as Administrator without a unique password, lack of user roles and privileges, and creation of folders on personal computers for storage of HPLC data.
- Original batch record pages were destroyed and replacement pages were backdated. The Quality Unit approved the revised and backdated pages. Quality management and production managers allowed the practice.
- The firm initiated a ‘prospective’ validation protocol that was not approved or implemented, nor were samples to demonstrate process consistency collected or tested. Product was shipped to the US using the un-validated process with new equipment.
- The firm performs contract manufacture and their clients were not notified of the manufacturing changes so the customer could determine whether additional testing, stability evaluations or reporting to regulatory agencies was necessarily
I won’t cut and paste it here but the additional requirements that the firm must address are included at the end of the warning letter, and are worth reading.