PV Audits and Inspections: 5 pressure points to watch out for
Nobody looks forward to audits and inspections. But they are essential for the evolution of your PV department. They sniff out risks or imperfections in your workflow. They help you reach a higher compliance status and learn more about your system. Everyone in PV strives for a flawless audit and inspection result, as that is a crowning signal of their quality.
PV is all about looking for ways to perfect every little wheel in the complex clockwork mechanism of monitoring and reporting. We hold each delicate detail of our job to high standards. And to keep up to these standards, we have to put our records and workflows under scrutiny – both internal and external.
On the other hand, audits and inspections are a colossal obligation that can become difficult to carry out. Dancing to the tune of regulations, you can’t miss any step. Even when the rhythm gets too intense to handle, you just have to keep up.
And the best way to do so is to keep everything organized, to the last letter. It makes your work processes more efficient, your staff more informed and preparation for an audit so much easier.
The steps of an audit or inspection
External audits have a looser timeline. If you’re a CRO, clients tend to give even more time to prepare for audits, up to half a year to get everything done.
Along with the notice, agencies and clients include an agenda. This document is the blueprint for your preparation. It will show you the client’s or agency’s interests and the main points you need to polish off before their visit.
However, it’s never enough to stick with the points written down on the agenda. You have to ensure all files and processes linked to the ones highlighted in the agenda are also pitch-perfect, just in case the audit sets out in a direction that could uncover related findings.
Looking outside of the agenda can also point to the deeper roots of imperfections, ones that become visible only when analyzing the broader picture.
Preparing for an audit or inspection
As preparation is the factor over which you have complete influence and control, it’s the one you should put a special focus on.
An audit’s or inspection’s scrutiny and focus depend on their duration, the professional conducting the process, the status of your company and the level of your preparation.
So, for the advancement of your audit success and your company as a whole, here are the main things you should focus on when authorities invite themselves to your PV department.
The vital points you need to get straight
1. Crisp clear records of literature screenings
Literature screening is a crucial part of pharmacovigilance. It’s the root of all your reports. The information you extract during this process is a building block of our collective knowledge about a medicine or substance.
Mistakes or wrong steps in literature screening have a broader impact than it may seem at first. And audits and inspections make sure there are none.
Your literature screening records make up an overwhelming amount of different information that keep swelling with every coming week. And this constant growth makes keeping your literature screenings nice, detailed, and tidy really important. Well-structured and organized records are the only way you can go back and consult all relevant findings without needless digging.
When conceiving Sympto®, one of our guiding ideas was to shape a system that makes juggling through all your findings quick and effortless.
Sympto’s Literature module keeps a structured set of data for each conducted literature search. You don’t have to consult spreadsheets upon spreadsheets just to make sure you’ve got everything you need. You can easily access both relevant and irrelevant findings thanks to numerous filter and search options. All findings are linked to cases, which means you can extract all literature related to a case in just a click. You can attach links, documents, or any other media within the finding, making it easy to trace all your literature records even after a long time. These attachments serve as a useful fallback if the link to the original article gets broken.
In the Activity report module, you can export your complete literature screening activities of a specific user, in a certain period, for a single client (complete with comments and attachments).
Organizing findings becomes even more punctual and faster. And everything is transparent to you, your clients, and the authorities, as every little change is recorded along with the time it was made and the user that made it. Just investigate Sympto’s history for a clear overview. We made sure that every feature adds to the quality and efficiency of literature screening workflows and keeps a thorough audit trail you can access in no time.
To read more tips and tricks that make literature screening effortless, take a look at our articles on recognizing relevant literature, screening PubMed or other databases.
2. Complete tracking of every user’s activity
When an agency or client announces that an inspector or auditor will be paying you a visit, you have to be able to pull out clear records of your employees’ activities. In other words, each member of your PV team has to make sure the whole lifecycle of their activities is logged and accounted for.
It’s important to instill the significance of tracking their work in the members of your PV team. That every change, every little letter written in the system counts once they’re put under an auditor’s magnifying glass. And if they are not careful with their tracking, the whole unit can be affected.
Detailed activity records are each individual’s responsibility. But this responsibility also lies on the head of the department. As the team’s leader, they are accountable for every link in the chain. And they have to know what their employees are doing, or not doing, at any point in time.
However, the bigger the company, the more branched out it is, the harder it becomes to keep all records clear and tidy. It becomes clumsy to pull out information from 15 or more different spreadsheets that may or may not be prone to human error. And it can take a while to establish a record-keeping system that is intuitive to all users.
That’s what Sympto’s Activity report module is for. In one simple action, you can get everything a single user has done during a specific period. With a click, Sympto® composes a transparent overview of every task and action taken to fulfill a project.
Sounds great. So, how does this module work, exactly?
At every moment, Sympto® records every little change, addition, and deletion in the system. When an agency announces an inspection, they ask for a list of everything you’ve done during a specified time. In Sympto®, you can simply define a period and the system will extract everything done from point A to B – in one, single document. In a way, the Activity Report serves as a mini-audit. There’s no hiding or tampering. The Activity Report gives the information as is. And there’s no risk of human error. It just makes every PV process more efficient, and its quality higher.
Sympto’s Activity report is equally good for CROs and pharma companies, as it’s a great way of accurately tracking activities of all employees. For pharma companies, the Activity report is important for agencies, while CROs can use them for communication with their clients.
3. Securing your data in the best way
In order to gain complete control over your data, you have to secure it properly. The information we deal with is extremely sensitive and personal, making data security paramount. It’s no surprise that audits and inspections tend to give special attention to the measures you’ve taken to ensure safety in all steps of your protocols.
For PV professionals, keeping up with safety regulations is the most important factor of all. We have to stay informed about everything relevant that can be the capable authorities’ issues, about all changes in regulations.
Not only is it essential to have your whole PV team follow up on these developments, but also that the tools you use for reporting are up to date with them. We make sure Sympto® is in tune with these changes and adjust all its features according to shifts prescribed by EMA, FDA, UMC, PRAC, or any other capable authorities. We make sure your version of Sympto® is compliant with the latest regulations and update it whenever needed – free of charge.
You never know what might happen. That’s why you need to have a fallback in the worst-case scenario. Back up your files. Have a backup for your backup. Keep it organized, detailed, and up to date. There’s no greater nightmare than data getting lost or corrupted.
Sympto’s backup is tailored to your needs and preferences. We can arrange backup on a daily basis, or more frequently if required. You choose the level of security you need.
The database you use for storing findings should encrypt data to keep it safe. Encrypted data cannot be opened and read by just anyone. Added encryption layers let you sleep at night without worrying about breaches. Make sure all your data is properly encoded when preparing for an audit.
Sympto® encrypts data and runs protocols to protect data traffic. To learn more about them, feel free to contact us.
In pharmacovigilance, there’s no such thing as too much caution. That’s why putting redundant protocols in place greatly helps overall security. They make sure nothing is ever lost and that you have a fallback if something major happens to your system.
Make sure your staff and system can successfully uphold these protocols. The level of care and control over these systems are as equally important as the level of their functioning quality. Both can impact the evaluation of your overall security during a closer inspection.
The location of your server also affects your level of security. PV software can have servers either on-site or on a cloud. Some solutions, like Sympto®, can have both of those two options.
Clouds are excellent for storing data. However, the safety of a cloud has to be certified. Certified cloud providers possess a better edge to deal with potential risks. Also, you have to ensure that the cloud’s technology follows the latest best practice guidelines.
The geographical location of the server also influences security. If you choose a server located within the EU, it will be obliged to fulfill all EU security standards by default, and that’s a worry less for you when dealing with EMA’s requirements. Sympto’s server is located within the EU, in Germany, making it compliant with the latest safety and GDPR regulations. To be completely sure, you can have the database in two different geographical locations, for example one running in Germany and the other in Ireland or anywhere else you choose. It’s all up to you.
4. Conducting compliant validation
PV today relies on even more tools and software developed to assist professionals. Our digital assistants help make our workflow smoother and more efficient. Some tasks take an extensive amount of time to finish, if done manually. Since time is valuable, it’s great to have tools that let you focus on the work that requires more concentration and energy.
However, technology will never be able to replace the professional using it. No matter how sleek these new processes and automation become, they will always be a means to an end, but never the end itself. The expert knowledge and judgment of an individual will always be the basis of our field, no matter how far we advance the technology of our field.
And this technology will always have to be monitored. Very closely.
Validation documents are necessary to ensure proper functioning of PV systems. They make sure that the technology you use is without any blemishes or setbacks. That its processes are all up to date with the latest regulations and that the PV professionals can rely on them in their day-to-day work.
Validation papers have to be pitch perfect. They are proof to you and to all authorities that your tools genuinely help you achieve the best possible level of professionalism.
Validation consists of specific documents. They are primarily plans, user requirements, functional testing of the system, and final documents that describe the process and outcome of this testing as well as plan realization.
You have to put a special focus on the terms you use when composing validation papers. Just like in ADR reporting, everything has to be clear-cut and well-defined. An auditor or inspector should be able to retrieve comprehensive and grounded data from them without a sweat.
We believe that validation is a crucial part of our practice. It’s vital to follow every rule by the letter and fulfill all validation requirements with the highest attention and quality possible.
That’s why we made sure that everything that happens in the system, stays recorded in the system.
Sympto® tracks every step of the validation process. Every change made in the database is saved and clearly noted in Sympto’s archive. The creation and the process of constructing the database is wholly traced and recorded, making it easy to renew your validation.
Sympto® is compliant with CFR, GCP, GAMP and all security measures required by competent authorities. And we provide you with detailed and verified documents that prove the system is compliant with all prescribed requirements.
Whenever possible, strive to make your validation papers airtight, and you will encounter fewer problems when preparing for an audit or inspection.
5. Keeping the system valid through changes and upgrades
Once the validation process is finished, our job is not over. We have to make sure to keep the system valid all through its use. Ensuring that the system stays valid even after implementation and validation is an especially demanding job. All changes have to be conducted in controlled conditions. Standard procedures prescribe the steps for the successful control of changes in Sympto®, so our solutions can stay valid all through our work.
If necessary, we revalidate processes that need changing. If we keep the system validated by the book, then we can conduct revalidation after a year, without having to do the validation process all over again. We pull-out necessary documents, create a list of everything we did and use these documents as revalidation documents.
All new regulatory requirements call for changes in the system. We are continually working on improving our existing solutions. All these changes have to be implemented in the system. And we implement them, without charge.
Any time a change is made, our process goes as follows:
- Change Management
- Periodic Review
- Continuity Planning
- System Security
- Records Management
The user has insight into each part of the validation papers. They can also repeat the validation of our solution for their own purposes. If that’s the case, we provide all necessary documentation for testing and review.
Audits and inspections are an inevitable part of our field that keep the whole system healthy. Although intimidating, they exist to improve our skills and processes, making us safer and smarter in the long run. Stay positive and think of them as the immune antibodies of pharmacovigilance. Besides, everyone feels pressure when they are undergoing an audit. So just remember, you are not alone.
No one’s perfect. But we all strive to be.
Any findings in audits or inspections must be taken as a lesson and implemented to fix workflows. And by using a software you can trust alongside staying cautious of the critical points in your system, you can smooth out any wrinkles during the preparation stage before an audit or inspection.
Want to know more about this topic or about Sympto®?
We invite you to connect with us to make your audits and inspections easier.
© 2022 Marti Farm Ltd. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of Marti Farm.
The information contained herein may be changed without prior notice. Some software products marketed by Marti Farm contain proprietary software components of other software vendors.
National product specifications may vary.
These materials are provided by Marti Farm for informational purposes only, without representation or warranty of any kind, and Marti Farm shall not be liable for errors or omissions with respect to the materials. The only warranties for Marti Farm products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.
In particular, Marti Farm have no obligation to pursue any course of business outlined in this document or any related presentation, or to develop or release any functionality mentioned therein. This document, or any related presentation, and Marti Farm’s strategy and possible future developments, products, and/or platform directions and functionality are all subject to change and may be changed by Marti Farm at any time for any reason without notice. The information in this document is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. All forward-looking statements are subject to various risks and uncertainties that could cause actual results to differ materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking statements, and they should not be relied upon in making purchasing decisions.
Marti Farm products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Marti Farm in Croatia and other countries. All other product and service names mentioned are the trademarks of their respective companies.