Warning Letter: Lack of spreadsheet control (ucm404316)

Failure to maintain complete data derived from all testing and to ensure compliance with established specifications and standards pertaining to data retention and management.

Your firm did not retain complete raw data from testing performed to ensure the quality of your APIs. Specifically, your firm deleted all electronic raw data supporting your high performance liquid chromatography (HPLC) testing of all API products released to the U.S. market. In addition, your firm failed to retain basic chromatographic information such as injection sequence, instrument method or integration method for the tests. Your firm’s lack of data control causes us to question the reliability of your data.

View the original warning letter.

Warning Letter: Failure to follow SOP/Lack of controls (ucm401451)

1. Failure to maintain complete data derived from all laboratory tests conducted to ensure compliance with established specifications and standards.

Your firm lacked accurate raw laboratory data records for API batches shipped by your firm. The inspection revealed that batch samples were retested until acceptable results were obtained. In addition, your quality control (QC) laboratory failed to include complete data on QC testing sheets. Failing or otherwise atypical results were not included in the official laboratory control records, not reported, and not investigated.

…

Your firm’s response to the Form FDA-483 acknowledges the deficiencies regarding data integrity observed during this inspection. Nevertheless, your firm’s health hazard evaluation “Drug Safety Analysis” conducted in response to the Form FDA-483 concluded that there was no effect on product quality or patient safety. However, this evaluation was based on unreliable and incomplete data, as undesired records appear to be excluded. For instance, your report failed to include all of the batches tested, and did not list all of the customers you notified other than Apotex, Inc. Your response to the previous 2010 inspectional findings stated that “We are confident that … SOPs covering OOS … and Deviation … will provide the necessary control over the system to ensure consistent application and on-going compliance to this requirement.” However, you clearly failed to detect and investigate the inaccurate data found by our investigators during this recent inspection.

View the original warning letter.

Warning Letter: Mishandling and retrieval of electronic data (ucm393093)

Your firm failed to establish SOPs describing the handling and retrieval of electronic data. Handling of electronic data includes the security (e.g., audit trails) and statistical analysis of raw data. Specifically, the SOP for handling electronic data should describe a procedure for the archiving of multiple statistical analyses of the clinical pathology raw data with the study records. For Study [redacted], multiple sets of statistical analyses were maintained on the firm’s electronic server, and were not archived appropriately.

View the original warning letter.

Warning Letter: Failure to exercise appropriate controls on data (ucm369407)

Your firm failed to exercise appropriate controls over computer or related systems to assure that only authorized personnel institute changes in master production and control records, or other records (21 CFR 211.68(b)).

Your firm’s [redacted] “Jasco LC-Net II” HPLC instruments do not have restrictions in place to prevent any change or deletion of analytical raw data. Additionally, there is no audit trail in place to determine any previous deletion of raw data.

View the original warning letter.

Warning Letter: Uncontrolled Excel spreadsheets (ucm369409)

For example, your firm failed to have adequate procedures for the use of computerized systems used in the QC laboratory. At the time of the inspections, your QC laboratory personnel shared the same username and password for the operating systems and analytical software on each workstation in the QC laboratory. In addition, no computer lock mechanism had been configured to prevent unauthorized access to the operating system. The investigator noticed that the current QC computer users are able to delete data acquired. In addition, the investigator found that there is no audit trail or trace in the operating system to document deletions.

Additionally, at the Aarti Drug Limited facility (FEI 3009688205), the investigator noticed that the use of the Excel® spreadsheets in analytical calculations are neither controlled nor protected from modifications or deletion. The investigator noticed that the calculation for residual solvent for [redacted] uses an Excel spreadsheet that has not been qualified. We are concerned about the data generated by your QC laboratory from non-qualified and uncontrolled Excel spreadsheets.

View the original warning letter.

Warning Letter: Firm not reporting all electronic results obtained (ucm 361553)

We observed and documented practices during the inspection that kept some samples, data and results outside of the local systems for assessing quality. This raises serious concerns regarding the integrity and reliability of the data generated at your Kalyani plant. For example,

a. Our review of the Chromeleon and Empower II software found that your firm was testing samples unofficially, and not reporting all results obtained. Specifically, “test,” “trial” and “demo” injections of intermediate and final API samples were performed, prior to performing the tests that would be reported as the final QC results.

b. Out-of-specification or undesirable results were ignored and not investigated.

c. Samples were retested without a record of the reason for the retest or an investigation. Only passing results were considered valid, and were used to release batches of APIs intended for US distribution.

d. Unacceptable practices in the management of electronic data were also noted. The management of electronic data permitted unauthorized changes, as digital computer folders and files could be easily altered or deleted.

View the original warning letter.

Warning Letter: Failure to follow Protocol (ucm 366762)

Protocol [redacted] required that you dispense a handheld electronic device (LogPad) to subjects at Visit 2, prior to surgery, and that the subjects record their pain assessments in the LogPad during the study. You did not dispense a LogPad to Subject 09-006 at Visit 2 on March 4, 2011, because the subject was sedated and on a ventilator. In addition, five pain assessments for Subject 09-006 were entered into the LogPad by the study coordinator, rather than by the subject. During the inspection, your study coordinator indicated that she used the subject’s login code and entered the subject’s pain-assessment scores into the LogPad when the subject was unable to provide a pain score. In your October 3, 2012, written response, you acknowledged that the LogPad was not dispensed to Subject 09-006 prior to surgery. You noted that after surgery, the subject was put on a “vent” (ventilator), was sedated, and was unable to participate in the evaluation of pain, via the LogPad or otherwise….

…By failing to ensure that pain-assessment data were entered only by the subjects, as required by the protocol, you compromised the validity and integrity of data collected at your site. Protocol [redacted] required that the subjects record their pain assessments in the LogPad during the study. For Subject 09-006, the LogPad contained assessments purportedly made and entered by the subject; however, five pain assessments were entered by the study coordinator and reflect the study coordinator’s or nursing staff’s assessments, rather than the subject’s assessments.

View the original warning letter.

Warning Letter: Failed to exercise appropriate controls (ucm 355294)

Additionally, during an audit of the data submitted in support of the [redacted] regarding [redacted] tablets USP [redacted] mg, our investigator requested to review the electronic analytical raw data to compare the values for [redacted] assay and degradation products. However, your firm provided only the printed copies of the raw data because your firm did not have the software program available to view the electronic raw data.
Your firm failed to exercise appropriate controls over computer or related systems to assure that only authorized personnel institute changes in master production and control records, or other records (21 CFR 211.68(b)).

During the inspection, our investigator also identified a backdated QC worksheet in the analytical report of [redacted] API raw material batch [redacted]. When your analyst affixed the related substance and IR weight printouts to the Format for Blank Sheet for Printout (Format No. F2/QCD/F/026-00), he signed and dated this worksheet as July 29, 2011. A second analyst, who reviewed this worksheet, also signed and dated it as July 29, 2011. However, your QA department did not issue this worksheet until July 31, 2011. Your analyst acknowledged during the inspection that he backdated this worksheet on July 31, 2011.

Your response stated that the analyst incorrectly dated the worksheet as July 29, 2011, instead of July 31, 2011, and that there was no intention to deliberately backdate the document. However, your response contradicted your analyst’s backdating admittance during the inspection. In addition, your response did not explain the reviewer’s signature which was also dated July 29, 2011.
Backdating documents is an unacceptable practice and raises doubt about the validity of your firm’s records.
View the original warning letter.

483 from BioQuality, Vol. 14(9): Use of Uncontrolled Excel Spreadsheet

“Uncontrolled Excel spreadsheet is used for: • issuance of deviation numbers • tracking deviations to closure • trending deviation data This has resulted in: • CAPAs not always being linked to associated deviations • Deviation priority levels not always being consistent Validation of QC lab software failed to demonstrate adequate security: • Analysts have the ability to overwrite original data • No individual user names and passwords limiting access to the system “

Warning Letter: Lack of system control (ucm075766)

You failed to establish and maintain process control procedures , including documented instructions and written SOPs for steps in the testing of blood and blood components [21 CFR 606.100(b), 820.70(a)(1)]. Specifically: “a) There are no written procedures describing computer software[redacted] functional requirements or descriptions of functions and there is no computer manual. The database functions as the information management tool used to collect, organize, process, analyze, secure and maintain testing data. “We also note that you have failed to establish an adequate system for authorizing, granting, and rescinding computer access to functions in the [redacted] and adequate computer security provisions to assure data integrity. Current users do not use appropriate access such as passwords and user-id and personnel who have changed jobs still have access to the system.

View the original warning letter.