The episode "Digitization Of Validation For Effective Virtual Regulatory Inspections", originally broadcast on IVT Network's Voices in Validation podcast, won the 2021 Voices in Validation Podcast of the Year Award. The episode featured Dr. Ajaz Hussain, Dr. Alton Johnson, and Steve Thompson.
The discussion built off the article "Digitization of Validation for Effective Off-site Regulatory 'Review' and 'Inspection'" originally published in IVT Network Journal of GxP Compliance | Volume 25, Issue 1 January 2021. (You can read the complete article.)
Podcast transcript:
Welcome to another episode of voices and validation brought to you by the IVT network. As we continue to face business from COVID, a new normal may be emerging in regulated industries, such as pharma and medical devices. When it comes to site visits and audits, agencies like the FDA continue to rely on virtual inspections.
We need to take a look at the process, including a review of documents and processes, and procedures. How can these inspections be more hands-on and eyes-on to allow for more efficient and accurate outcomes? So here today, helping us to better understand the intricacies of remote inspection, Dr. Ajaz Hussain, Dr. Alton Johnson, and Steve Thompson.
Welcome to all of you. It's great to have such a panel of experts assembled today to talk about where we're going with the future of inspections. The US Food and Drug Administration has postponed routine in-person inspections globally, for how long, we don't really know right now.
But I wanted to kick off today's discussion by talking about the criteria that are being considered when selecting facilities. As I understand, it's on a case-by-case basis for remote inspections and, better understand what the FDA is looking for. Or if the FDA is looking for specific performance markers to help alleviate risk concerns.
Yes. Mission-critical is the keyword there. And mission-critical relates to breakthrough therapies that are needed, serious condition drugs for serious conditions, biologics for serious conditions, for which we don't have alternatives, as well as for genetics. Especially those generics that are prone to shortages. And those we need, I think, the primary drivers for case-by-case decisions for conducting inspections. I think that is what is mission critical for us?
How effective are these remote audits? I think today there really isn't much of a precedent for doing them at all remotely.
So really what we're trying to do is establish a dialogue around how this might look and how we could pull this off. Another component that we've talked about in the past is access to data and information. And one thing that industry can continue to do is the digital transformation conversion.
If more things were in digital format, if our validation lifecycle management systems were digital, we would be able to pull information much more quickly. So I think we're talking about the capabilities that would actually enable this to happen. One of the important things in inspection is that the FDA or whatever regulatory authority is conducting an inspection is that they understand that they're getting authentic data in real-time or near real-time so that they understand that they have a good sense of what's going on in the site. And unless we have the data available and connected, we aren't going to be able to respond as an industry as we would need to respond. So I think it's a concept that could be developed quite rapidly. But I would say remote inspections today are pretty much limited to follow-ups from previous.
It's funny to hear you say that because that is kind of like the elephant in the room. That we haven't really embraced the whole digital space yet. And there are some organizations that are very, very good at this and they've progressed quite nicely. They probably would do just fine in audits for inspection situations, and then others who, you know, I'm thinking about as you're talking, just wouldn't be able to, get the data to the regulators in a timely fashion.
How have restrictions in conducting pre-approval inspections delayed new product approval and commercial launch? Do you have a sense of that now and what are the best and worst case scenarios here?
Well, I think for most of 2020 we did not see a significant impact, but perhaps because many of the inspections were already conducted and there was no need for repeating the inspection on many occasions. But since perhaps December, we have seen significant delays in approvals, complete response letters. And what we have to keep in mind is the pharmaceutical sector is a very heterogeneous sector. We have perhaps 3,500 or so facilities that supply medicines. Some of them are large major operations, which are far advanced, are able to advance in their digitization and other aspects, which I think are relevant to creating a inspection and refinement that you'd be comfortable with. The U.S. supply is dependent on the totality of all these suppliers. And I think that poses a significant challenge.
I would agree. I would agree that we've seen that as a major factor throughout this entire pandemic, really the whole supply chain.
And how do we get, not only the drugs, but the other items that we need, whether it's glass vials or PPE for clean rooms, et cetera? So that would continue to be a theme in 2021.
Thank you. Thinking about the companies then that are able, to participate in virtual inspections.
If they're preparing for a virtual inspection, what are these firms expected to provide and how can they best prepare all that they will need to submit for review?
Most firms are familiar with the typical questions, like your investigations for the past period of time or your remedial actions or your recalls. So having that material readily available, those are pretty standard. And those could be provided either with digital solutions, as we talked about before, or near real-time viewing of paper copies.
I think the one thing that would be really important to make an inspector feel that they're on-site is the tour? They usually start their inspection with a tour.
There are great camera technologies today. And many firms use them internally for troubleshooting or training and all kinds of applications. Those could easily be redeployed to give that inspection. A real-time real-world view of what's going on in the plant. They could actually witness anything they could virtually by pointing the camera in the right direction. And you can augment that with data once you have the digital platform. So I think those two things, the digitalization, which we talked about earlier, but really having eyes on through a camera could give an inspector that a understanding of what's really going on.
Sure. And I love that definitely would make them feel a little bit more at ease to be able to see. Steve, I want to have you jump in here because we've talked about a lot of different technologies in the past and I want to get your opinion on the various technologies that are out there and see if there are some that are better than others in supporting virtual inspections.
So what we're doing right now with Zoom, that's a technology that you could use in an audit, but there are issues, challenges, and that comes from document sharing. Alton was mentioning things that are key readily assessable, authentic, real-time or near real-time.
With Zoom, you have to share documents. You could use it, but there are some challenges. Then we get to a document management system it's better suited for sharing docs. But it's still a little cumbersome. The issue comes into play with packages of documents. So I could share an SOP that's no problem. But when it comes to sharing a package, like a validation package, the plan, the summary report, all the requirements, all the traceability matrix, all the qualification protocols, making sure you get the right package pulled together takes people. Otherwise you make a mistake and then you just created another problem. So then the next level is niche or niche systems, and that will be things like your learning management system, your laboratory information management system, limbs, or the validation life cycle management system.
Now what makes these systems really suited for inspections is that gets to the authentic and real-time. You're getting the right information at the right time because the system is designed that way. And there's an association between the records, the relationships, that's why we have relational database management systems and then the attributes and the metadata, all that gets put into these needs systems. They're intelligent and they understand how the data is associated with each other. You can slice and dice it or pull queries out to answer specific questions without providing. A whole bunch of documents where a person has asked to go through and review the documents. The only problem with that is you have to make sure you're giving the right results because queries can have mistakes.
So you would really want to verify or make sure that the queries are known ahead of time for regulatory purposes. And then Alton just said, which is a great segue into this as the augmented reality. So you can couple zoom or teams with augmented reality. And I could literally put on a headset and take you on a guided tour wherever you want to go. So whatever I see, you're seeing, you can say, Hey, look to the right. I would look there, look to the left. I would look there, look up, look down, whatever you want to see, you can direct me through a video call and you are seeing, and hearing me as I go through and take you on a virtual tour. And, And then when you get to, again, Alton mentioned this point when you get to the augmented reality, more so than just a camera.
When I get ready to look at a piece of equipment, that data could be augmented. So if you had the validation lifecycle management system, the data could be augmented to where I will see validation information overlaid on top of reality. So it's exciting. It's actually here now. So those are examples of the types of technologies.
Amazing. It's like, almost like you're there right. In person for some of these factors. Thank you for covering the different technologies that are available and talking about the systems. I'd want to talk a little bit more, and obviously I acknowledged that you mentioned, you know, there's some preparation that needs to be done ahead of time.
The team needs to work together to pull all of that information. That's appropriate to this inspection, together. So that it is, in one location for the inspectors. We know in GXP environments inspecting and investigating requires that the regulators that are going to review these documents, which we're supplying as a company.
Thinking about the technologies you just mentioned, what are the best methods of retrieval that really provide the least number of resources while still allowing for minimal risk or error in invalid. So, again, Alton mentioned a point and it's actually in the regulation and it's readily assessable this data.
This information has to be readily assessable. I don't know what that is. Maybe Ajaz knows what that secret number is for readily accessible. It can't be too long, you know? Well, if you have your information put together, then it's easier. It's more quick to provide the right data at the right time, whatever readily assessable.
So let's go to the most intensive to the least intensive. So the most is paper-based systems and paper-based processes. If you have a physical archive, you have to go to the archive, you have to find the document, you have to scan it, fax it. And, so that's a problem when you take the physical and move it into a virtual, even if it's a document management system there's effort.
That takes a lot of time. And it's error prone. So averages are about 30 to 60. The way to get around that is double key entry, which takes twice as many resources. That's the first step. Then the moderate is the document management system and we already talked about, is it the right template? Is it the right document, the right version, associated with the right package? When you pull data from a document management system, it still takes a person to go through and make sure it's the right thing. It also takes a person to make sure the right thing goes into the document management system. And that's why you have reviewers and signatures and such to get it in. If you get the wrong thing in, you get the garbage in / garbage out scenario.
Now the least is the niche solutions I talked about. And the reason for that is it knows the information. It knows the records, the relationships, the associations, the data is intelligent, and you could introduce technical controls and field level validation. So the right data gets put in at the right time. Again, no garbage in, no garbage out. Doing queries that have been verified, you'll make sure you're getting the correct answers at the right time. It's much quicker to go into a system and pull out data from a query to answer the question than it is to go find the document and a document management system in the right place, and then pull it out that way.
For the regulators to actually gain access to the documents, are you using some sort of portal? How are they doing that in a secure fashion?
Great question. There was always the trick that you would say, "oh, you can't have access to the system because you're not trained. And that's our policy."
Well, they're getting smarter with that. And I know in Europe they want unfettered access to the system because they want their hands on the steering wheel to go wherever they want to go. That's where everybody is headed. So how do you control that? If you open up your document management system, you don't have any control. You're just exposing, especially in a virtual situation. So how do you get them in virtually and still maintain some control? That is why these systems are excellent because if it's done right, you can control what a person can see and do via the GUI, what they could see and the functionality, what they could do.
So some systems will support virtual audits just because they're digitized and you can control who has access, and you could lock it down to where, if they have a request, you share that document or ideally that package, and you can revoke the access is. So you give it to them for a period of time. And when they're done, you revoke the access.
Excellent. So thinking about electronic transmission of information between manufacturers and importers to FDA, then, that's widely used for example, NDA and other submissions and responses, and then responses back to them, FDA 483 observations, et cetera. Can we apply a similar framework here, like this to support FDA inspections in this virtual environment?
I think we could, and that could be an interim step until we have that magic portal, where the regulatory authority can go in and do their self-guided tour and look at what they want. The interim step could be a framework. My dream would be an ICH guidance that would frame all this out so that globally, we have one standard framework.
That's a few years away, realistically, even if it were identified as a guideline. What do we do in the meantime? I think we could work with a specific regulatory agencies and they could specify the platform and the format much the way that you described NDAs and submission of those types of information. I think that would be a really useful step forward to have that framework from the regulators as to how they would like to receive this information and then industry could comply.
Thanks. I just want to make sure that I'm understanding correctly. I'm hearing you guys talking about all kinds of great systems and being able to share certain things and not share certain things, but it sounds like you really have to be onboard with this digital transformation. You really have to be digitized in most instances to make this work. So Steve, I'm going to see if you can help us understand what the first steps are or look like for an organization, as they move toward this digitization process. And, and is it whether it's linked to, doing an audit in the future or not?
It's a good thing to be more fully digital.
Talk about first steps and things that organizations can do to begin to prepare.
If you're just paper-based with paper-based processes, then it is a significant step. Well, in order to do this, you have to digitize, right? So if you're paper-based, it is a significant step to go paperless, digitized, paperless.
Sometimes you could draw a line in the sand and say previous processes. Backward. We're all paper-based from this date forward, we are going to be digitized or you do a risk-based approach and figure out what's necessary to digitize. So you don't digitize however long you've been in business. That's a pretty significant step there.
You have to digitize in order to do. And once you do that, then you could accommodate whatever the frameworks are. And we actually have that right now, for example, on the clinical trials space, we have the C disk consortium, which came out with the SDTM a study data tabulation models framework and as such, it knows the associations of the data. It knows the structure, it knows the attributes, it knows the content to provide. And that's really what the framework is. It says, this is what's included and this is how it has to be included. So these things have already been done. We just need to do it now for these virtual inspections. So we know the structure and the attributes and everything to put in that. Then you can go ahead. If it's a good technology provider that's looking into the future, then it's pretty easy. Once it's digital or pretty straightforward to change the frameworks, to meet whatever it is going to be tomorrow or even the next day.
The point is that you have to invest in the technology, but the challenge is what is the right technology? And there are some, some ways you could go about finding what the right technology partner is. First step is move away from paper based, get into technology, choosing the right technology and partner. Once you do that, as these new advances come down the pike you can adjust to accommodate.
Sure. It sounds so easy when you say it like that, Steve, but I think there are two key things that you mentioned. Buying in. And just like taking that leap of going digital, for an organization is one big hurdle, but really finding the right partner who can integrate with the systems and the processes you have.
It seems like a much bigger deal. I don't want to spend a lot of time talking about that today. Cause that's not what we're here for, but I mean, that could be like a whole other discussion, right? That's a hard thing to do for some of these agencies. And I guess I can understand why some haven't really yet made a move in any direction.
But we imagine looking forward and looking beyond the COVID-19 pandemic. Do you expect that remote inspections will become more routinely utilized? I'm going to throw this to you Ajaz, because I know you are so knowledgeable in this area. What are your expectations around the remote inspection and what are the first steps behind digitization to demonstrating quality and compliance performance to the FDA?
Yes. I think my answer is yes, but with the caution, I think, the current hesitation, that one that's quite possible announcements and guidances that he is releasing is there is hesitation to go towards what to allow inspection. And I think that's important to recognize because inspection and review are two distinct perhaps octagonal functions that come together. And I think both are equally important and have to come together in an integrated fashion. And I think, so we have to recognize inspection is a distinct October process to review process, which often application review.
So what does that mean? Really is I think a systems approach in mature system, the quality management system is, is fundamental and FDA has just recently launched the pilot program on. Assessing maturity of quality management systems. I think that's going hand in hand and I think, those who have mature system would be advised to be able to showcase and bring them mature, demonstrate that maturity, in the communication with FDA in before and during inspection.
I think that's one. The other aspect really is the notion of totality of evidence. The FDA is very keen on totality of evidence. From a review perspective, from a quality review perspective, you're looking at failure modes, critical core quality parameters, critical process parameters. And the control strategy and how are those implemented in practice in an operation and how are they validated have to be seamlessly demonstrated in the context of risk mitigation? How. So I remember inspection is there is a process and you have to walk through the process, understanding and give and, and having, given the process, understanding during the inspection process.
And I think that is a key element. And I think Alton has provided a number of examples. It has to be visual. It has to be with integrity essentially. This is the indemnity is essentially. And be able to query and all those things have sort of come together. And, and, so the word social aspects, the digitalization aspect that Steve talked about, and I think all of those need to come together in a proper context of totality of evidence, focusing on the failure modes and the control strategy, and to be able to recreate a virtual inspection for the inspector to be able to.
What they will have guaged on-site. I think that's key. The other point I'd like to mention is I think I didn't mentioned ICH again. I think the distinction here is perhaps pic S is the best mode to generate the guidance of far a virtual inspection model. Not in ICU. The ICS would be more for that.
And, I think, MHR and others have. And I think that could also be accomplished very quickly, but really guidance would be remove uncertainty. One. Doesn't have to wait for the guidance to do this and it can be done right now. Of course, of course. And then I think we're just at the very beginning of this, even though the pandemic feels like it's been going on forever for we're just at the beginning of really understanding, the components necessary for a, you know, a virtual audit.
What's going to be required of the organizations and really what the regulators are ultimately looking for. Beginning conversation. It helps people really to understand where the technology is at and the possibilities for, for these, companies going forward. And, and of course, certain things need to be in place before we get there.
Thank you all for sharing some of that knowledge with us and help begin to really think about this topic. Just a note here for listeners that, the three of you did work on an article that was just published in the January edition of the journal of GXP compliance. And we're going to go ahead and share the link in the show. So our listeners can take a peak and get really some more details around this topic, because it it's a great concept to ponder for the future. As we wrap up today, I do want to give each of you a moment to share any last thoughts or suggestions, for our audience and Alton, we'll start with you.
So I would really like to answer the question, how do we start, or where do we start? And I think that has led into that with the pilot program for quality maturity. And I believe if a company was prepared to do this and they had an inspection situation and they proposed a pilot and how a framework for how this would work.
I believe a regulatory agency would be interested in giving it a try. And I would love to see two or three pilots and let the agencies and the companies get a little bit of experience. There could be some wrinkles initially, but those could be ironed out and that could form the basis for some type of guidance going forward of how, how this could be effective and what requirements are.
Excellent. Steve?
I was going to tie into what Ajaz said and Alton just mentioned. The technology maturity model for me is a little bit different. I don't know what the agency will come out with, but there are models out there as well, but I look at it as a reactive, proactive, predictive, prescriptive. If you're reactive, you have a problem right now. You need to become proactive. If you're proactive, you can do that with manual procedures and human resources, capital to be proactive, but it takes a lot of time and effort resources for that. If you become predictive now you're using technology to really help you to predict what's going to happen to avoid the problem altogether, and then way down the road. What's exciting is prescriptive and that's really advanced, but in the future, That's really advanced, very mature organization, a little bit bleeding edge right now, but that means that it will find the problem before you even know about it and tell you how you're going to should fix the problem. So that kind of reactive, proactive, predictive, prescriptive.
Excellent. Thanks, Steve.
I think while at FDA at the launch of the PhD initiative, one of my presentation was looking for a real time review and inspection from New Jersey district office. The time has come now. And remember the continuous manufacturing, the real-time controls, that is an important element. I think yes, few companies have gone in that direction, but that's the trend that are looking at, I think, virtual inspection, not just reviewing. Truly an inspection, experience of a traditional going forward towards the industry 4.0 with real-time release and real-time controls and real-time review and inspection. That's the direction we are moving now. And I think companies really need to get on board with this.
Excellent. Well, thank you all.
