drug manufacturing facility


Warning Letter: Failure to exercise sufficient controls (ucm502347)

Tags: | |

Failure to exercise sufficient controls over computerized systems to prevent unauthorized access or changes to data, and to provide adequate controls to prevent omission of data.

Our investigator found that your [redacted] system used for [redacted] and [redacted] testing lacked access controls and audit trail capabilities. For example, all employees had administrator privileges and shared one user name, so actions could not be attributed or traced to specific individuals. This exposed your electronic data to manipulation and/or deletion without traceability.

Our investigator also noted that your firm copied raw data to a CD [redacted], and then deleted the data from the [redacted] system to free space on the hard drive. Files copied to the CD were selected manually; the selection process was not supervised. Without audit trail capabilities or supervised file selection, there was no assurance that all raw data files were copied to the CD before they were permanently deleted from the system.

View the original warning letter.



Warning Letter: Failure to prevent unauthorized access or prevent omission of data (ucm501282)

Tags: | |

Failure to prevent unauthorized access or changes to data, and to provide adequate controls to prevent manipulation and omission of data.

During the inspection, an FDA investigator discovered a lack of basic laboratory controls to prevent changes to your firm’s electronically stored data and paper records. Your firm relied on incomplete records to evaluate the quality of your drugs and to determine whether your drugs conformed with established specifications and standards.

…..Specifically, your Quality Control (QC) analysts used administrator privileges and passwords to manipulate your high performance liquid chromatography (HPLC) computer clock to alter the recorded chronology of laboratory testing events.

 

View the original warning letter.