OR WAIT 15 SECS
FDA cites Yunnan Hande Bio-Tech for cGMP violations related to data collection and security.
FDA has cited a China-based API manufacturer for an inadequate quality system that “does not adequately ensure the accuracy and integrity of the data generated at your facility to support the safety, effectiveness, and quality of the drug products.”
In an April 6, 2015 warning letter, FDA detailed cGMP violations related to the manufacture of APIs at Yunnan Hande Bio-Tech Co. Ltd. of Yunnan Province, China. FDA reports that the company’s response lacked sufficient corrective action to initial observations were made during an April 14-17, 2014 inspection.
FDA reported that the company failed to prevent unauthorized access to the laboratory’s electronic raw data, specifically an infrared (IR) spectrometer. The device software lacked audit trails, and did not track the person making the change and did not provide controls to prevent the omission of data. While the company has committed to upgrading its IR software, FDA noted “ your response is inadequate because you have not specified how you will ensure the integrity of raw analytical data or maintain data before you complete your planned corrective actions and preventive actions.”
In a second violation, FDA reported that an analyst at the company failed to perform an IR test for all lots of an API as part of the quality control release; the analyst altered the file name in the spectrophotometer containing the sample identification information of an API lot to support the release of two previously manufactured lots. The response was inadequate, FDA noted, “because you did not perform a comprehensive investigation and a retrospective review to ascertain the extent of this data alteration practice.”
In addition, FDA noted that the quality unit failed to ensure that APIs manufactured at the facility are in compliance with cGMP and the company’s response did not fully address the failure of the quality unit to detect and prevent the manipulation of documents and did not provide a comprehensive plan to ensure the integrity of all data.
FDA recommended that the company hire a third-party consultant with experience in detecting data integrity problems to assist with bringing the company into compliance.