Not to harp on this point, but the drug industry should thank certain people for bringing a certain legal complaint involving a Swiss multinational whose name starts with N to light, because the problems listed in that document (whatever happens with that particular case) are difficult ones and a great many drug companies are wrestling with them today.
IT consultant John Avellanet, head of Cerulean Associates, LLC, shared his insights on drug safety data management in pharma. I asked him specifically (and generically) about two allegations that were raised in David Olagunju legal complaint: best practices for validating data to comply with 21 CFR Part 11 and whether hard coding of randomization codes is really a problem.
His responses are enlightening.
Mr. Avallanet is off on Wednesday to give an expert briefing on Data Integrity and 21 CFR Part 11 to FDA. We'll publish a more extensive interview and case history on our web site and in our next issue, and we're very pleased that John will be writing an article for an upcoming edition of Pharmaceutical Manufacturing.
Please note- John's comments are generic and describe some of what he has seen in pharma and have absolutely no connection whatsoever with the legal complaint, the company involved in that complaint or any of its affiliates.
Here's a sound bite.
PM - What mistakes have you seen that pharma companies typically when validating data to comply with Part 11?
JA - There are six core steps to ensuring Part 11 compliance for clinical data (preclinical toxicology reports come from the public literature). The mistakes run the gamut from simple oversights to multi-million dollar snafus.
The Top three mistakes that I almost always consistently see:
- Lack of clarity and accountability for data integrity. To date, in every company I've dealt with, "someone else" is always held accountable for data integrity. Records Management says it's an IT issue because IT holds the keys to the computer systems the data is stored on; IT says it's a Records Management issue because they support systems, not information; the scientists claim that they are responsible for it and so they want to burn it on CD and stick it in their desk drawer because they just know IT won't be able to find it down the road when the scientist might need it; management assumes that just like quality is accountable for the paper quality systems files (SOPs and the like), they must be accountable for the electronic stuff too"¦and so on, and so on, and so on.
- A division between R&D/preclinical data and the clinical and production data. From the FDA's perspective, this makes no sense (think Quality by Design). From a cynical IT perspective and from a big consulting firm perspective, this makes it easy. Either you deal in the R&D world or you don't. If you don't deal with R&D/preclinical, it's not your problem.
- Inability to "translate" and achieve mutual understanding between functional units. More and more, I'm convinced this is one of the root causes of the problem. IT can't understand Compliance, who can't understand the Scientists, who can't understand Purchasing, who can't understand Senior Management"¦you get the picture. It's not that they all need to be in mutual agreement - they won't be - but they do need to figure out how to be in mutual understanding; all marching to the same beat of the drum.