data management Archives - European Industrial Pharmacists Group (EIPG)

Approval of the Data Governance Act, and EMA’s consultation on the protection of personal data in the CTIS


by Giuliana Miglierini The Data Governance Act (DGA) was approved and adopted in May 2022 by the European Council, following the positive position of the EU Parliament; the new legislation will entry into force after being signed by the presidents Read more

The transition towards EMA's new Digital Application Dataset Integration (DADI) user interface


by Giuliana Miglierini The Digital Application Dataset Integration (DADI) network project is aimed to replace the current PDF-based electronic applications forms (eAFs) used for regulatory submissions with new web-forms accessible through the DADI user interface. The European Medicines Agency (EMA) has Read more

IVD regulation in force: new MDCG guidelines and criticalities for innovation in diagnostics


by Giuliana Miglierini The new regulation on in vitro diagnostic medical devices (IVDR, Regulation (EU) 2017/746) entered into force on 26 May 2022. The new rules define a completely renewed framework for the development, validation and use of these important Read more

PIC/S Annual Report 2021

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

by Giuliana Miglierini

The Annual Report of the Pharmaceutical Inspection Co-operation Scheme (PIC/S) resumes the many activities and results achieved in 2021, despite the ongoing pandemic that required remote coordination and on-line virtual meetings. To this regard, a written procedure has been used to manage important decisions. PIC/S also supported the harmonisation of the distant assessment procedures used by the various regulatory authorities to run GMP inspections during the pandemic period.

The non-binding co-operative arrangement between international regulatory authorities aims to implement harmonised GMP standards and quality systems in support to harmonised inspection procedures. PIC/S’ new strategic plan for 2023-2027 will be presented at the PIC/S 50th anniversary in 2022. The PIC/S Committee has elected Paul Gustafson (Canada/ROEB) as the new Chairperson for the period 2022-2023; he takes the place of Anne Hayes (Ireland/HPRA).

New memberships and re-assessments

Last year saw the entry into the PIC/S scheme of the Brasilian Agência Nacional de Vigilância Sanitária (ANVISA), one of the main regulators of South America, representing the largest market for medicinal products for this geographic area. ANVISA is the 54th member of PIC/S.

Five other membership applications continued the process of assessment. These include the application of Armenia’s Scientific Center of Drug and Medical Technologies Expertise (SCDMTE), that was requested to update its documentation; the preliminary report should be issued soon.

The Bulgarian Drug Agency (BDA) will benefit of a partial assessment of its application, due to the fact the agency already went through an audit under the EMA Joint Audit Programme (JAP) whose report was shared with PIC/S. Health Canada will also collaborate to this assessment under a MRA procedure.

The Jordan Food and Drug Administration (JFDA) also filed a membership application, as well as another regulator from Africa, the Saudi Food & Drug Authority (SFDA), whose preliminary report is soon expected.

Particularly complex is the case of the application by several Competent Authorities of the Russian Federation that jointly submitted a complete membership application in December2020. A larger team, consisting of a Rapporteur and several Co-Rapporteurs, shall be nominated to better manage the procedure. The involved Russian authorities are the Ministry of Industry and Trade of the Russian Federation (Minpromtorg Russia), the Federal Service for Surveillance in Healthcare (Roszdravnadzor), including the “Information and Methodological Center for Expertise, Accounting and Analysis of Circulation of Medical Products” (FGBU “IMCEUAOSMP” of Roszdravnadzor),the Federal “State Institute of Drugs and Good Practices” (FSI “SID & GP”), and the Federal “Scientific Center for Examination of Medical Devices” of the Ministry of Health of the Russian Federation (FSBI ”SCEMD”).

Among authorities undergoing the pre-accession procedure is the Chinese regulatory agency National Medical Products Administration (NMPA), whose application will be assessed by Jacques Morenas (France/ANSM) as Rapporteur and Raphael Yeung (Hong Kong SAR, China/PPBHK) as Co-Rapporteur.

Reviewing of the pre-accession application is also ongoing for the Analytical Expertise Center (AEC) of the Ministry of Health of Azerbaijan, the Bangladesh’s Directorate General of Drug Administration (DGDA, this 2-year timeframe for the pre-accession expired in February 2021, and a new application was required) and the Drug Regulatory Authority of Pakistan (DRAP), that was invited to apply for membership subject to the implementation of the PIC/S GMP Guide.

PIC/S also run a Joint Reassessment Programme (JRP) in parallel with the EU’s JAP to re-evaluate its members for equivalence on a regular basis. In 2021 the JRP included the reassessment of regulatory authorities from Indonesia (NADFC), New Zealand (Medsafe), and South Africa (SAHPRA).

PIC/S also established new contacts in 2021 with other non-member authorities, including Cameroon’s Laboratoire National de Contrôle de Qualité des Médicaments et d’ Expertise, China’s Institute of Veterinary Drug Control, Cuba’s Centro para el Control Estatal de Medicamentos, Equipos y Dispositivos Médicos (CECMED), and Montenegro’s Institute for Medicines and Medical Devices.

New guidances and revisions of existing ones

Among the new guidances adopted in 2021 are the Annex 2A for the Manufacture of ATMP for Human Use and Annex 2B for the Manufacture of Biological Medicinal Substances and Products for Human Use, that entered into force on 1 May 2021 (PE 009-15). The documents were finalised by the PIC/S Working Group on the revision of Annex 2 of the PIC/S GMP Guide.

The Working Group on Data Integrity issued two other guidance documents that entered into force on 1 July 2021, the Guidance on Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments (PI 041-1) and a restricted Aide Memoire on inspection of data management and integrity (PI 049).

PIC/S also issued the Good Practice Guidelines for Blood Establishments and Hospital Blood Banks (PE 005) and the related Aide Memoire to Inspections of Blood Establishments and Plasma Warehouses (PI 008), that entered into force on 1 June 2021. The dedicated Working Group will now address the revision of PI 019 (PIC/S Site Master File for Source Plasma Establishments) and PI 020 (PIC/S Site Master File for Plasma Warehouses).

PIC/S and EMA’s joint Working Group on Annex 1 reviewed the comments received to the second public consultation and drafted the final version of the Annex.

The Working Group on Harmonisation of the Classification of Deficiencies is finalising the revision of the PIC/S SOP on Inspection Report Format (PI 013-3) in order to align it with the abovementioned PI 040-1. The Working Group on Controlling Cross-Contamination in Shared Facilities is as well finalising the revision of its Guidance on Cross-Contamination in Shared Facilities (PI 043-1).

PIC/S is also working to harmonise its GMP Guide and Annexes to the rules established by the European Union, in collaboration with EMA through the PIC/S-EMA Joint Consultation Procedure. Many chapters and annexes of the PIC/S-EU GMP Guide were considered during 2021, including Chapter 1 (Pharmaceutical Quality System), Chapter 4 (Documentation) and Annex 11 (Computerised Systems), Annexes 4 and 5 (Veterinary Medicinal Products), Annex 13 (Investigational Medicinal Products), Annex 16 (Certification by an Authorised Person & Batch Release), and Annex21 (GMP Obligations for Importation to the EU).

Virtual training in the pandemic period

Four virtual training events were organised in 2021, among which a PIC/S webinar for inspectors on ICH Q12 (Pharmaceutical Product Lifecycle Management) that was attended by around350 participants from 50 agencies and 44 different jurisdictions.

The webinar on Distant assessment/Remote Virtual Inspection co-organised with the EU Commission Expert Sub-Group on Inspections in the Blood, Tissues and Cells Sectors (IES) was attended by around 325 participants.

The 2021 PIC/S annual seminar was hosted by the Ministry Food and Drug Safety (MFDS) of the Republic of Korea, and saw the participation of 315 inspectors from 54 authorities.

The 2nd meeting of the PIC/S Expert Circle on Controlling Cross-Contamination in Shared Facilities (CCCISF) was virtually hosted and was attended by 375 participants.

Last year saw also the provision of new harmonised and standardised GMP training activities for inspectors under the PIC/S Inspectorates’ Academy (PIA) initiative, a web-based educational centre also involved in setting up a standardised qualification process of inspectors.


The new PIC/S guideline on data integrity

, , , , , , , , , , , , , , ,

by Giuliana Miglierini

The long waited new PIC/S guideline PI 041-1 has been finally released on July 1st; the document defines the “Good Practices for Data Management and Data Integrity in regulated GMP/GDP Environments”, and it represents the final evolution of the debate, after the 2nd draft published in August 2016 and the 3rd one of November 2018.
While maintaining the previous structure, comprehensive of 14 chapters for a total of 63 pages, some modifications occurred in the subchapters. The Pharmaceutical Inspection Co-operation Scheme (PIC/S) groups inspectors from more than 50 countries. PIC/S guidelines are specifically aimed to support the inspectors’ work, providing a harmonised approach to GMP/GDP inspections to manufacturing sites for APIs and medicinal products.

Data integrity is a fundamental aspect of inspections
The effectiveness of these inspection processes is determined by the reliability of the evidence provided to the inspector and ultimately the integrity of the underlying data. It is critical to the inspection process that inspectors can determine and fully rely on the accuracy and completeness of evidence and records presented to them”, states the Guideline’s Introduction.
This is even more true after the transformation impressed by the pandemic, resulting in a strong acceleration towards digitalisation of all activities. The huge amount of data produced every day during all aspects of the manufacturing and distribution of pharmaceutical products needs robust data management practices to be in place in order to provide adequate data policy, documentation, quality and security. According to the Guideline, all practices used by a manufacturer “should ensure that data is attributable, legible, contemporaneous, original, accurate, complete, consistent, enduring, and available”. This means also that the same principles outlined by PIC/S may be used also to improve the quality of data used to prepare the registration dossier and to define control strategies and specifications for the API and drug product.
The guidance applies to on-site assessments, which are normally required for data verification and evidence of operational compliance with procedures. In the case of remote (desktop) inspections, as occurred for example during the pandemic period, its impact will be limited to an assessment of data governance systems. PIC/S also highlights that the guideline “is not intended to provide specific guidance for ‘for-cause’ inspections following detection of significant data integrity vulnerabilities where forensic expertise may be required”.

The impact on the entire PQS
PIC/S defines data Integrity as “the degree to which data are complete, consistent, accurate, trustworthy, and reliable and that these characteristics of the data are maintained throughout the data life cycle”.
This means that the principles expressed by the guideline should be considered with respect to the entire Pharmaceutical Quality System (and to the Quality System according to GDPs), both for electronic, paper-based and hybrid systems for data production, and fall under the full responsibility of the manufacturer or the distributor undergoing the inspection.
The new guidance will represent the baseline for inspectors to plan risk-based inspections relative to good data management practices and risk-based control strategies for data, and will help the industry to prepare to meet the expected quality for data integrity, providing guidance on the interpretation of existing GMP/GDP requirements relating to current industry data management practices without imposition of additional regulatory burden. PIC/S highlights that the new guidance is not mandatory or enforceable under the law, thus each manufacturer or distributor is free to voluntarily choose to follow its indications.

Principles for data governance
The establishment of a data governance system, even if not mandatory, according to PIC/S would support the company to coherently define its data integrity risk management activities. All passages typical of the data lifecycle should be considered, including generation, processing, reporting, checking, decision-making, storage and elimination of data at the end of the retention period.
“Data relating to a product or process may cross various boundaries within the lifecycle. This may include data transfer between paper-based and computerised systems, or between different organisational boundaries; both internal (e.g. between production, QC and QA) and external (e.g. between service providers or contract givers and acceptors)”, warns PIC/S.
Chapter 7 specifically discusses the Good document management practices (GdocPs) expected to be applied, that can be summarised by the acronyms ALCOA (Attributable, Legible, Contemporaneous, Original, Accurate) and ALCOA+ (the previous plus Complete, Consistent, Enduring and Available).
Data governance systems should take into consideration data ownership and the design, operation and monitoring of processes and systems. Controls should include both operational (e.g. procedures, training, routine, periodic surveillance, etc) and technical features (e,g, computerised system validation, qualification and control, automation or other technologies to provide control of data). The entire organisation should commit to the adoption of the new data culture, under a top-down approach starting from the Senior management and with evidence provided of communication of expectations to personnel at all levels. Sections 6 of the guideline provides some examples in this direction. The ICH Q9 principles on quality risk management should be used to guide the implementation of data governance systems and risk minimisation activities, under the responsibility of the Senior management. Efforts in this direction should always be commensurate with the risk to product quality, and balanced with other quality resource demands. In particular, the risk evaluation should consider the criticality of data and their associated risk; the guideline provides an outline of how to approach the evaluation of both these factors (paragraphs 5.4 and 5.5). Indication is also provided on how to assess the effectiveness of data integrity control measures (par. 5.6) during internal audit or other periodic review processes.
Chapter 8 addresses the specific issues to be considered with respect to data integrity for paperbased systems, while those related to computerised systems are discussed in Chapter 9. As many activities typical of the pharmaceutical lifecycle are normally outsourced to contract development & manufacturing organisations (i.e. API manufacturing, formulation, analytical controls, distribution, etc.), PIC/S also considered in the guideline the aspects impacting on the data integrity of the overall supply chain (Chapt. 10). “Initial and periodic re-qualification of supply chain partners and outsourced activities should include consideration of data integrity risks and appropriate control measures”, says the guideline.

The regulatory impact of data integrity
Recent years have seen the issuance of many deficiency letters due to problems with data integrity,. Approx. half (42, 49%) of the total 85 GMP warning letters issued by the FDA in 2018, for example, included a data integrity component.
The new PIC/S guideline provides a detailed cross-reference table linking requirements for data integrity to those referring to the other guidelines on GMPs/GDPs for medicinal products (Chapter 11). Guidance on the classification of deficiencies is also included in the document, in order to support consistency in reporting and classification of data integrity deficiencies. PIC/S notes that this part of the guidance “is not intended to affect the inspecting authority’s ability to act according to its internal policies or national regulatory frameworks”.
Deficiencies may refer to a significant risk for human or animal health, may be the result of fraud, misrepresentation or falsification of products or data, or of a bad practice, or may represent an opportunity for failure (without evidence of actual failure) due to absence of the required data control measures. They are classified according to their impact, as critical, major and other deficiencies.
Chapter 12 provides insight on how to plan for the remediation of data integrity failures, starting from the attention required to solve immediate issues and their associated risks. The guideline lists the elements to be included in the comprehensive investigation to be put in place by the manufacturer, as well as the corrective and preventive actions (CAPA) taken to address the data integrity vulnerabilities. A Glossary is also provided at the end of the guideline.