The purpose of this guidance is to clarify the role of data integrity in current good manufacturing practice (CGMP) for drugs, as required in 21 CFR parts 210, 211, and 212. Unless otherwise noted, the term CGMP in this guidance refers to CGMPs for drugs (including biologics). FDA’s authority for CGMP comes from section 501(a)(2)(B) of the Federal Food, Drug, and Cosmetic Act (FD&C Act). Part 210 covers Current Good Manufacturing Practice in Manufacturing, Processing, Packing, or Holding of Drugs; General; part 211 covers Current Good Manufacturing Practice for Finished Pharmaceuticals; and part 212 covers Current Good Manufacturing Practice for Positron Emission Tomography (PET) Drugs. All citations to parts 211 and 212 in this document pertain to finished pharmaceuticals and PET drugs, but these requirements are also consistent with Agency guidance on CGMP for active pharmaceutical ingredients with respect to data integrity.
This guidance provides the Agency’s current thinking on the creation and handling of data in accordance with CGMP requirements. FDA expects that all data be reliable and accurate (see the “Background” section). CGMP regulations and guidance allow for flexible and risk-based strategies to prevent and detect data integrity issues. Firms should implement meaningful and effective strategies to manage their data integrity risks based on their process understanding and knowledge management of Technologies and business models. Meaningful and effective strategies should consider the design, operation, and monitoring of systems and controls based on risk to patient, process, and product. Management’s involvement
II. BACKGROUND
In recent years, FDA has increasingly observed CGMP violations involving data integrity during CGMP inspections. This is troubling because ensuring data integrity is an important component of industry’s responsibility to ensure the safety, efficacy, and quality of drugs, and of FDA’s ability to protect the public health. These data integrity-related CGMP violations have led to numerous regulatory actions, including warning letters, import alerts, and consent decrees. The underlying premise in §§ 210.1 and 212.2 is that CGMP sets forth minimum requirements to assure that drugs meet the standards of the FD&C Act regarding safety, identity, strength, quality, and purity.4 Requirements with respect to data integrity in parts 211 and 212 include, among other things:
• § 211.68 (requiring that “backup data are exact and complete” and “secure from alteration, inadvertent erasures, or loss” and that “output from the computer … be checked for accuracy”).
• § 212.110(b) (requiring that data be “stored to prevent deterioration or loss”).
• §§ 211.100 and 211.160 (requiring that certain activities be “documented at the time of performance” and that laboratory controls be “scientifically sound”).
• § 211.180 (requiring that records be retained as “original records,” or “true copies,” or other “accurate reproductions of the original records”).
• §§ 211.188, 211.194, and 212.60(g) (requiring “complete information,” “complete data derived from all tests,” “complete record of all data,” and “complete records of all tests performed”).
0 Comments