In 2018, the World Health Organization (WHO) had set the goal of creating a guideline that would define a harmonized procedure for the execution of desk assessments by the Authorities, in its WHO Technical Report Series, No. 1010, 2018 (Guidance on good practices for desk assessment of compliance with good manufacturing practices, good laboratory practices and good clinical practices for medical products regulatory decisions). The WHO defines a desk assessment as a process of evaluation, not necessarily On-site, of the level of compliance with GMP, GCP and GLP of organisations involved in the main activities of the Life Science world.
This document makes clear that sharing information about the state of compliance with good manufacturing practices, about quality control and about conduct of clinical trials is essential to allow the authorities to maintain a good level of control over all actors who are called to respect the GxP. Actors are manufacturers of medicines and API (including biologicals and vaccines manufacturers, importers, repackaged or relabelled), but also producers of IMP (investigational medical product), service providers of QCLs, CROs and sites of conduct of clinical trials. The definition of Information sharing reported in the document is interesting: an exchange of data between individuals or entities outside the traditional organisational boundaries, to achieve a common goal in terms of better policies and to deliver better services.This may mean that one party is disclosing information while the other is collecting the information or both parties are mutually disclosing and collecting information.The documentrefers to a common goal, to improve mutual relations both on the part of the authorities and of any other entity involved.
In 2018, desk assessment was an option to encourage better optimisation of inspection resources; today, in the COVID era, the discussion is about remote audit, distant assessment and virtual inspection, which are now a necessity.
Therefore, a transparent, rapid and effective sharing of information and documents between organisations involved in inspection processes is even more important. Today, authorities, business partners and customers are called upon to exercise their role as guarantors and compliance monitors remotely, without being able to see in person the site to be authorised or monitored. Hence, it is essential that they have a true and accurate picture of the compliance status of the company to be inspected.
In paragraph 5.4 of the document, we read those words – which are familiar to those who work in the Life Science world: “…Mechanisms and controls should be established to ensure that the information provided by the applicant is authentic, legible, current and accurate.” Only when companies have defined real and solid Data Integrity policies, when they have applied ALCOA (+PLUS) rules for all critical data and information, will it be possible for the Authorities or auditors to effectively and safely exercise their control, even remotely.
The Authority itself shows the way forward: Validated electronic assessment tools (software applications) may be used to perform the desk assessments. Although paper-based systems may also be used, electronic tools are preferred (par. 5.5).
It is therefore advisable to equip oneself with robust digital solutions, well-designed on the specific business processes and therefore able to provide readable, truthful and accurate documents and information, in order to give the right confidence to those who have to monitor us (be it a national or international authority, be it a business partner) that a real environment of Reliance can be built, as desired by the guideline, “PIC/S GMP Inspection Reliance Initiative”.
The importance of building mutual trust before, after and during the conduct of a Distant Assessment necessarily relies on the adequacy of the Document Sharing process. It is no coincidence, in fact, that the first trigger that prevents the possibility of remote monitoring by the Authority is the inability of the site to be inspected to share the requested documentation: “Failure of the site to supply the requested information”(par. 5.3.3 PIC-PI_048_1_Guidance_on_GMP_Inspection_Reliance). This gives us a clear measure of the importance of having clear, accurate, easily shareable and therefore digital information, data and documents.
Only a well-designed and validated digital solution can provide data, information and documents quickly and securely, and where necessary, also in different languages, so as to facilitate the process of understanding by all (operators working on the site and international authorities or customers). Paragraph 5.3.4 of the PIC guideline assigns the Authority the task of carrying out the translation of the documents needed to perform the desk assessment, but also gives the Authority the possibility of requesting this task from the manufacturer.
So, what information and documents should an establishment always have available when it is about to receive a Remote GMP Assessment? Of course, there is no single answer to this question, or rather the answer is: all information and data that together give evidence of a robust and stable compliance system.
Some examples are provided by EFPIA in the document Alternative GMP/GDP Inspection Practices in a Pandemic Situation (COVID-19) and Beyond, where the Site Master File and the Quality Manual with the main system procedures are mentioned to provide a holistic overview of the company’s Quality System and of the Annual Product Reviews that include complaints, recalls, variations, validation status and quality defects in order to allow adequate knowledge of the product.
Other indications can be found in the above-mentioned PIC guideline, in which paragraph 5.3.1 indicates as necessary information: Corrective and Preventive Actions related to previous inspections and relevant GMP changes (key people, products, medicinal products…).
However, anyone who has undergone or carried out a GMP inspection knows very well that trust is built duringthe inspection, by making available all the evidence necessary to demonstrate that what is being described is real and demonstrable. To do this, you may need a batch record of a specific batch to show that critical process parameters are kept under control; you may need a training record to show that that specific operator is trained to run that machine; you may need a Change form to give assurance that that new excipient has been fully evaluated by everyone. Also, you may need a chromatogram to show that the titre of an API has been correctly determined, and you may need a non-conformity or out-of-specification recording and management form to give assurance that that particular anomaly has been thoroughly investigated, the cause identified and the problem solved. All this is to enable those who are inspecting us to build up a proper idea of our way of working and our knowledge of good working practices, even more so if they cannot see our facilities, our equipment and our people in person.
Making this enormous amount of information, data and documents available without adequate digital solutions is the equivalent of emptying the sea with a spoon: a huge effort to achieve a result that will never be satisfactory.
EFPIA in its “Reflection paper on optimisation of paper-based inspections”of 26 June 2019 reported that some of its member companies used a full-time resource for 5 days and another 10 experts just to prepare the pre-inspection documentation to prepare a paper-based inspection of the Japanese Authority. This shows us how enormous the effort can be to make relevant GMP data and information available to actors outside our organisation when it is not already in a digital format, which makes it easier to produce and share configurable reports.
Only when we are able to provide all the necessary information in an easy, fast and secure way, we can truly aspire to an effective Remote GMP Audit by the Authorities and by all our professional partners.
An important step in this direction will be to identify one’s own 4.0 and digitalisation strategy that leads not only to the introduction of more suitable technologies, but also to the development of new technologies.
An important step in this direction will be to identify one’s own 4.0 and digitisation strategy that will not only lead to the introduction of more suitable technologies to securely digitalise processes, data and documentation, but also support the adoption of innovative tools for sharing and communicating between all the different actors involved in remote audits and inspections. These tools (including: Internet of Things, Collaborative Platform, Virtual & Augmented Reality) should be chosen and adopted in a way that provides adequate guarantees of robustness and compliance: all this in order to create the right climate of trust to be able to successfully conduct audits and remote inspections.