• by Signup Training

21 CFR Part 11 regulations have resulted in broadening the scope of FDA inspections thus making many organizations vulnerable to non-compliance.

The FDA has tightened its enforcement actions of late and non-compliance (especially in areas of system validation, protection of records – common citations during audits) can result in FDA Form 483s, warning letters, an injunction in the form a market recall or ban on importation /commercial distribution and so on.

Citations for non-compliance can prove very expensive as they can result in direct and indirect penalties by the FDA actions. Warning letters issued publicly can affect a company's stock value and can ultimately result in reduced revenues.

Firms should focus on three areas of compliance:

•       Validation of computer systems used through a development life cycle. This should be followed by testing within the firm’s current operating environment so as to stay in compliance with Part 11 requirements.

•       Operations carried out should be based on standard operating written procedures,

•       Product features that exist in the system software should be utilized to fulfil requirements

The Agency has made it clear to companies that:

•       They have to be fully compliant with 21 CFR Part 11 and applicable predicate regulations

•       Revenue procured during non- compliance with regulations will be considered illegal and is subject to seizure.

•       Non-compliance can also result in severe penalties

•       Various aspects like criticality of the data, type of systems used to manage the data will be considered during audits for grading the level of compliance.

•       It follows a realistic approach towards problems faced and considers that time is required for existing systems to attain full compliance with 21 CFR Part 11.

•       It will undertake a “risk-based” approach in the process of enforcing compliance to technical controls like validation, audit trails, record retention and so on.