Supplier Management

22 September 2012

From the Pharma Contracting and Outsourcing Conference

This past week I was invited to speak at the Contract Pharma Contracting and Outsourcing Conference in New Jersey, where I spoke on how to sell compliance to senior management.

All too often we assume that compliance is an essential requirement when choosing a critical supplier. And the yet, when cost becomes the deciding factor, compliance becomes compromised or even forgotten for the sake of the bottom line.

Given that more people are hurt each year by toilets than receive FDA warning letters or FDA-483s, the threat of FDA enforcement is hardly a credible compliance encouragement. And so I opened day two of the conference by speaking on how lean FDA compliance can:

  • save money
  • enable greater revenue and profitability
  • simplify compliance
  • and generate easy metrics to both support those results and prove effective compliance to FDA.

I was followed by Addam Reynolds, a Consumer Safety Officer with FDA's New Jersey district office who spoke on recent FDA inspectional findings and trends. Mr. Reynolds summarized a number of trends in FDA-483s, comparing the previous year to this one. I've reproduced two of his summary tables below.

FDA_Reynolds_483_Trend_Summary1

FDA_Reynolds_483_Trend_Summary2
As we looked at the data, Mr. Reynolds made several explanatory comments of what was behind the numbers.

First, many of the new investigators now with FDA are well-versed in laboratory and manufacturing operations. A number of new hires have come from those laid off by the pharma industry - an irony not lost on attendees. With increased familiarity of modern-day manufacturing and laboratory settings comes increased scrutiny. Thus the increases in citations for noncompliance with 21 CFR 211.63 and 211.160(b)(4). Mr. Reynolds noted that "Firms are either not qualifying their equipment and instruments at all, or are not doing it right."

Second,the number of citations for 21 CFR 211.68(b), controls over computerized systems, is, in Mr. Reynolds insight to FDA thinking, "really about data integrity and data security." This continues FDA's special enforcement of Part 11 as a rule governing electronic data and records integrity; an enforcement approach that was officially announced in 2010. As Mr. Reynolds noted, most Part 11-relevent 483s happen because firms continue having systems "with little to no data integrity controls."

As I've written about extensively, been interviewed on, and consulted on, Part 11 is less about validating computers per se, and more about ensuring data integrity. To that point, validation is simply a means to an end. The most recent issue of my client newsletter, SmarterCompliance #68, explains in-depth how to use data mapping as a technique to simplify and streamline Part 11 compliance.

The rest of Contract Pharma's conference featured more excellent speakers on various contracting and supplier management issues, including site selection criteria, what to do when your CMO goes bankrupt, and more. If you've not attended this two-day conference before, I encourage you to do so next September. Attendees and speakers are focused on frank conversations about overcoming real-world challenges. I'll be there speaking. I'm thinking of doing something on parallels between choosing a puppy and choosing a supplier - lessons learned and puddles cleaned.

If you're looking for more lean compliance events, check my upcoming workshops and speaking events page on my website. In the near term, I'll be speaking:

I hope you'll join me at one of these events.

 

Posted at 09:24 AM in Audits & Inspections, Event & Publication Calendar, FDA Enforcement, FDA Regulations, Lean Compliance, Regulatory Intelligence, Supplier Management | | Comments (0) | TrackBack (0)

|

23 April 2012

Lowering Product Liability Risk with Supplier Due Diligence

Earlier this year, I spoke with medical product liability expert and lawyer, Sara Dyson, now an executive with MedMarc Insurance Group. As part of March's SmarterCompliance newsletter, her interview focused on ways to reduce drug and device product liability risks through effective supplier due diligence and vendor qualification.

Some excerpts:

 

SmarterCompliance:  Does a product liability lawsuit emerge fairly quickly once the product is distributed or a clinical trial is run?

Dyson: On average, it takes about two years after the original problem for the lawsuit to materialize. This is why companies are so easily caught off guard. It’s not the most recent batch or lot that rolled off the production floor that is the subject of a lawsuit; it’s an historical lot or batch.

The lawsuit may resurrect a problem that the company has already otherwise addressed. Firms without an effective records retention schedule and policy will suffer as far too many old documents that were eligible for destruction were, instead, kept and are now available to the plaintiff to make his/her case.

 

SmarterComplianceWhat makes the discovery phase of a lawsuit so dangerous? Is it because records, data, emails, samples, and so on from at least two years ago have to be turned over to the plaintiff’s lawyers?

Dyson:  Yes. That’s why both the initial due diligence and ongoing monitoring of suppliers is so important. You want to have a good track record of documents showing your efforts to consistently evaluate and oversee your suppliers.

Additionally, too frequently, companies have not implemented document management plans or have out-of-date record retention rules, meaning that there is an abundance of documents that must be sorted through to locate relevant information. This then bogs down the discovery process and increases costs.

 

It takes about two years after the original problem for a liability lawsuit to materialize.

 

SmarterCompliance:  What are some steps – beyond looking at additional research points during initial supplier evaluation – that supplier due diligence and oversight teams need to take?

Dyson:  You may want to hire a third-party expert to show your supplier oversight team members how to review supplier oversight records to find hidden gaps and risks. For instance, a sponsor of a clinical trial run by a contract research organization (CRO) might want to hire a third party to train their clinical project managers on how to review the CRO’s qualification of various clinical sites, sort of a train-the-auditor type of session.

 

To read the rest of the interview and see all nine critical points that Ms. Dyson recommends be incorporated into your supplier management and qualification program, you'll need to subscribe to the monthly regulatory intelligence and quality system newsletter, SmarterCompliance.

You can read more ways to reduce medical products liability risks at MedMarc.

Posted at 10:17 AM in Event & Publication Calendar, Lean Compliance, Supplier Management | | Comments (0) | TrackBack (0)

|

15 August 2011

Results from Annual FDA Supplier Quality Congress

Supplier quality management is complicated enough.  Yet, too often, we shoot ourselves in the foot, making supplier qualification and oversight more complicated, more removed from business realities than necessary.  This was the common theme amongst speakers and attendees at FDAnews' third annual Supplier Quality Management Congress.

I was fortunate enought to chair the three day event, from August 9th-11th, with speakers from FDA, pharma and device firms, and suppliers to the industry. To start the conference, my friend, Dan O'Leary, and I provided a half-day workshop on practical approaches to cost-effective supplier qualification and management.  A standing-room only event, the workshop went extremely well and far too quickly, with a good mix of conversation, Q&A, and laughter.  Below are two slides excerpted from our workshop:

Cerulean's six-step supplier qualification process

Supplier qualification question

We provided attendees with a set of implementation tools in PDF, Word and Excel format:

  • Supplier quality ranking radar chart
  • Overall process map for supplier qualification
  • Sample SOP for supplier selection and qualification
  • Audit checklist
  • Base questionnaire for all suppliers
  • A more comprehensive questionnaire for more critical suppliers
  • Supplier re-evaluation form

Throughout the half-day pre-con workshop, we worked through various excercises and questions, and provided copies of multiple regulatory guidance documents as well as items used internally by FDA to train their inspectors.  The workshop was very lean compliance-minded.  We focused on how to actually implement compliant and effective vendor qualification and oversight to meet FDA, GHTF, and ICH harmonized requirements (with a little ISO thrown-in).

We also discussed differences and expectations - including cost ranges - for mock FDA audits versus more laser-focused, single process audits.  While many of us are aware of mock FDA inspections, one tactic I'm increasingly advocating as a more cost-effective, more risk-based approach for supplier oversight is critical process audits.  As I conceive of it, a critical process audit of a supplier is much like a mock FDA audit or third-party supplier qualification audit, but is ONLY focused on one or two critical processes at the supplier.  Thus, it provides the same level of third-party, independent verification, but at lower cost because it only looks at supplier processes critical to your product or compliance status.

As an example, think of a supplier such as a contract sterilizer.  Do you really need to know about their CAPA process and their training procedures?  Maybe.  But put this in the context of what you're using that supplier for - sterilization services - and the context of your business and available budget.  Is it better to spend your budget on one big mock FDA audit of a single supplier, OR spend your money on multiple audits of the critical processes that you are using multiple suppliers for?  In other words, should you spend $10K on a mock FDA audit of a contract sterilizer when, for that same $10K, you could hit five different suppliers by spending $2K to audit the contract sterilizer's sterilization processes, then another $2K on a different supplier's critical activity for you, then another $2K on a third supplier and their critical activity, and so on.

By relying on a judicious  mix of remote qualification (e.g., a supplier qualification), contractual agreements and monitoring, and laser-focused audits of the critical processes actually directly relevant to your product, you minimize your risk, meet FDA, GHTF and ICH requirements, AND maximize your funds.  It's a win for you, a win for your company (and your management team), a win for compliance, AND a win for the suppliers (because they don't need to devote multiple days to hosting your audit team).

The key is to select processes strictly on the basis of current and/or intended use of the supplier using a risk-analysis of their impact to your product (and your compliance).

Some of the other key learnings fro the conference included:

  • FDA has really stepped up its border enforcement and product holds (and such holds can be based solely upon "appearance")
  • When it comes to supplier agreements, FDA is increasingly examining the concept of "authority" - did the person approving and signing the quality agreement have the authority to commit the company and the capability to enact the terms of the agreement
  • Counterfeiting of medical devices is growing (as anticipated in Get to Market Now!, pp. 106-108)
  • Do not write into your SOPs that all suppliers will have a quality agreement as some suppliers will simply refuse (even if you are the 800-pound gorilla in the relationship) and you will then be in non-compliance with your own SOPs
  • Courts are increasingly looking at the preamble of the regulations as a means test to determine the intent behind the written regulations
  • FDA is growing increasingly frustrated with companies who hire consultants whose only qualification is that they are "ex-FDA" or "former FDA" (as one FDA safety officer noted, "Just because someone worked for FDA does not mean they are experts or that they understand current rules and expectations - how many of your former employees would you suggest someone pay as an 'expert' on your company?")
  • When dealing with virtual suppliers, your internal supplier controls are paramount
  • In any agreement with a supplier make sure you work with your legal department to define a "material breach" - is a material breach a deficiency in the supplier's quality system? Is it more than 3 days of a shipping delay? Is it a reject rate greater than 20%?
  • For any supplier qualification process and supplier management process, plan ahead to determine what documented evidence you will want to retain to prove compliance AND limit your liability
  • Make sure you understand the document retention requirements for both FDA and other associated regulations - firms need to have an FDA records retention policy, and ideally one that can also meet EU lifecycle document management expectations

Obviously, in three days' time, with a dozen different expert speakers, there was far more information and insight into compliant supplier qualification than I can cover here.  More analysis and recommendations will be in several of my regulatory intel newsletter issues later this year.

Posted at 01:23 PM in Event & Publication Calendar, FDA Intel, Lean Compliance, Supplier Management | | Comments (0) | TrackBack (0)

|

20 July 2011

FDA Strengthens Global Supplier Oversight

FDA Commissioner Hamburg has created a new FDA enforcement directorate, the Office of Global Regulatory Operations and Policy, under Deb Autor.  The goal is to strengthen FDA oversight and enforcement of global supplier controls regardless of whether the product in question is a medical device, diagnostic equipment, drug, biologic, or nutritional supplement.  As Hamburg noted in her announcement letter, "We have seen the dramatic transformation of globalization – more products, more countries, more access by consumers and companies to global supplies – and this presents an enormous challenge to FDA in ensuring the safety and quality of the products we regulate. In an ever more complex world, products and services do not fit into a single category [such as a drug or a device]."

This dovetails with what I wrote two years ago in Get to Market Now! Turn FDA Compliance in a Competitive Edge:

There should be little doubt that FDA regulations governing pharmaceuticals and biologics will look increasingly like the regulations governing medical devices and diagnostics, with an emphais on risk-based controls, quality by design, and international cooperation. ... For the drug, biologic, or device executive, experience with FDA regulations is no longer enough. ...traditional approaches to compliance-related issues, from FDA enforcement responses to the submission of applications to market a new drug or device, are increasingly out of date.  Executives who fail to adapt their 20th century philosophies to the new realities of the 21st century regulatory landscape will find the odds increasingly stacked against them (excerpted from pp. 26-29).

So what will this new FDA office look at when it comes to international supply chain enforcement in the 21st century?

According to Hamburg, the new directorate has "A mandate from me to make response to the challenges of globalization and import safety a top priority in the years to come."  Well, what does that mean in the day-to-day faced by industry?

Clues can be found in the regulatory harmonized GHTF guidance, Audits of Manufacturer Control of Suppliers. As I wrote in a regulatory analysis article, "FDA Inspectors, the GHTF & Supplier Controls," in the SmarterCompliance newsletter last year:

Firms that outsource to a CRO or a CMO should plan for the FDA inspector to spend his/her primary efforts on scrutinizing the firm's supplier selection, evaluation, qualificaiton and oversight processes.

Specifically, as part of global supplier oversight, FDA will look at how a firm conducts:

  • supplier management, oversight and re-evaluation
  • supplier selection and qualfication
  • change management of materials and suppliers
  • risk evaluation and mitigation associated with materials and suppliers
  • incoming materials inspections
  • corrective and preventative actions associated with materials and suppliers
  • supplier audits - both internal suppliers (i.e., subsidiaries) and external suppliers
  • internal quality audits and follow-up actions

Add to this the recently released draft of an ICH guideline on quality system expectations for suppliers of drug ingredients, ICH Q11 Development and Manufacture of Drug Substances, and the FDA's new membership in PIC/S, and we can easily foresee a heightened level of scrutiny on industry's qualification and oversight of their global supply chains over at least the next two years.

Next week, I'm presenting a teleconference on how to take advantage of FDA, GHTF, ICH, and PIC/S documents for inspectors to strengthen and streamline your global supplier management processes.  I'll be reviewing in detail:

  • critical FDA requirements and expectations
  • recent FDA supplier oversight enforcement actions
  • a six-step supplier qualification and oversight process compliant with FDA, GHTF, ICH and ISO
  • additional lean compliance aspects to consider

And, of course, throughout the teleconference, lots of practical tips and lessons-learned suggestions.  Attendees at the live teleconference will also receive 18 different inspector training documents with questions and points of inspector interest that can easily be adapted into your quality system's internal audits and supplier qualification audits.  Learn more and register online at:  FX Teleconferences.

Posted at 02:29 PM in FDA Intel, Supplier Management | | Comments (0) | TrackBack (0)

|

04 April 2011

FDA Focuses More on Supplier Qualification Enforcement

Compliance of suppliers, and the challenges in all stages of purchasing, product development, manufacturing, distribution, and oversight, is getting more and more focus in the eyes of the FDA just as it becomes more and more complicated.  One the hardest challenges is dealing with 10% of the supplier base:  virtual suppliers.

Reviewing FDA's warning letters from 2010 reveals that supplier qualification and the management of the supply chain is increasingly an important part of inspections. The main concerns refer to the quality of supplier qualification and oversight as the following excerpts show:

  • "Your vendor qualification has not provided adequate evidence that the supplier can consistently supply raw materials that meet appropriate quality attributes."
  • "SOP [...] requires your firm to audit your medical gas supplier every... However, your firm has not conducted audits of your supplier …"
  • "Suppliers are not monitored and regularly scrutinized to ensure ongoing reliability. Specifically, your firm has not adequately qualified the supplier of […] API. There is no assurance that the API suppliers are in compliance with CGMPs, without supplier qualification."
  • "You did not specify how you intend to document and implement such audits [of a virtual manufacturer]"

In February, the FDA announced a new secure supply chain regulatory strategy that would strengthen enforcement of supplier oversight and qualification.  Given that at least 10% of the vendors in the pharmaceutical and medical device industries are now virtual - they have no physical site that can be audited - how is the industry adapting to this new challenge?

Recognizing complexities associated with qualifying and overseeing virtual vendors, Cerulean and Elsevier have partnered to put together a 90-minute webinar course on qualifying and managing virtual suppliers:  Utilizing Virtual Suppliers on 26 April 2011.

I hope you will consider attending.

Posted at 08:32 AM in FDA Intel, Supplier Management | | Comments (0) | TrackBack (0)

|

18 March 2011

Reminder: Virtual Supplier Webinar March 22

Just a friendly reminder that Elsevier will host me speaking on the challenge of qualifying and monitoring virtual suppliers. I will provide a five-step lean compliance strategy that has worked in multiple industries, not just for pharma and device firms.

The webinar will take place this Tuesday (March 22) at 1:00 PM eastern time. More information from Elsevier follows:

In early 2010, Congress sent the FDA a letter detailing its concerns about how they were not adequately overseeing the industry’s use of suppliers. The letter particularly focused on suppliers that are "virtual" companies. These companies have no physical, brick-and-mortar facility. The suppliers who were involved in the Heparin scandal are one such example. Since that time, the FDA has increased its scrutiny of the supplier qualification processes.

Last year, John Avellanet, based on his decades of working in and with virtual suppliers, taught officials from the FDA and Health Canada the essential elements of an effective virtual supplier selection, qualification and oversight program.

Now is your chance to get a look at some of the same information that was given to FDA directors and inspectors.

You can register here.

Find details on my other upcoming FDA compliance speaking events here.

Posted at 08:07 AM in Event & Publication Calendar, Supplier Management | | Comments (0) | TrackBack (0)

|

01 October 2010

Managing Supplier Risk - Expert Training from an Industry Pro

Next week I'm presenting a webinar on how to put in place a risk-based supplier monitoring program aligned with your business strategies and capabilities.  The webinar is being hosted by Park Avenue Presentations out of New York.

As industry veterans are well aware, building and maintaining an effective supplier monitoring program has never been more challenging.  There are far more difficult times ahead for those unable to master today's complexities.  To reduce the risk of product liability lawsuits and failed FDA inspections, executives need to ensure they have a holistic, risk-based approach to supplier management.

Here's what I'm planning for the webinar:

  • What is - and is not - working when it comes to supplier management
  • Key tactics to share the compliance and quality system burden
  • Hidden dangers in how suppliers manage records you are required to retain
  • What the inspector will look for when examining your oversight
  • How to develop a documented, repeatable risk evaluation matrix for suppliers
  • And how to translate supplier risk evaluations into practical controls that match risk with return on investment

And, as an added bonus, attendees will receive a four-month trial subscription to my FDA client newsletter, full of actionable quality system tips and regulatory intelligence.

To register for the webinar, visit:  http://www.parkavenuepresentations.com/description_minimizing_suplierrisk.html

And drop me a line after you register - I'll be happy to make sure I answer any questions you have on the webinar.

Posted at 10:01 AM in Event & Publication Calendar, Lean Compliance, Supplier Management | | Comments (0) | TrackBack (0)

|

11 August 2010

The 2nd Supplier Quality Management Congress

Next Wednesday the opening session of the 2nd Annual Supplier Quality Management Congress will take place in Bethesda, Maryland.  The conference will bring together FDA officials, industry experts, quality and regulatory affairs professionals, and of course, people responsible for supplier selection and management.  It is a conference that combines the "best of" aspects of pharmaceutical and medical device supplier qualification and oversight so participants get a broad range of best practices to choose from.

Supplier management is one of the greatest challenges facing pharmaceutical and device executives.  This year marks the third anniversary of the contaminated heparin scandal that caused over 81 deaths, 800+ adverse events, and millions of dollars in liability to Baxter and other companies.  And in 2007, tainted glycerin, an inert ingredient in many over-the-counter medicines, killed at least 300 people, sickening thousands more.

At the time, the FDA urged companies to:

  1. Perform more identity and purity testing of chemicals from suppliers
  2. Map their supply chains for critical supplies (of chemicals or components)
  3. Train employees on the importance of constantly testing ingredients and components to ensure safety
  4. Undertake preventative measures to ensure they only use reliable suppliers and secure shipments

And yet, supply problems continue to bedevil the industry.  Could it be that we are attacking symptoms rather than the root causes?  What is the responsibility - morally and legally - of sponsors who try their best but are still bamboozled by unethical suppliers?  And how should companies deal with 2nd and 3rd tier suppliers?  These are all questions that attendees and speakers will attempt to address at the conference.

I'll be chairing the two-and-a-half day conference and hosting the medical device track.  And on Thursday afternoon, I'll be presenting the results of 3-month survey on trends in outsourcing oversight followed by a panel discussion.  Some highlights:

  • 3 emerging supplier oversight challenges
  • 7 dangerous trends in current quality agreement practices
  • virtual supplier qualification challenges
  • risks posed when regulatory affairs is left out of supplier management

Earlier this year, I wrote about the early results of the survey for my client newsletter, and this past month, I was interviewed on sponsor responsibilities for Pharmaceutical Technology magazine.

If you'd like to learn more about attending the Supplier Quality Management conference, visit the website at: http://www.fdanews.com/conference/detail?eventId=2919

I hope to see you there!

Posted at 09:46 AM in Event & Publication Calendar, Supplier Management | | Comments (0) | TrackBack (0)

|

02 August 2010

Do's and Don'ts of FDA Supplier Oversight

I'll be presenting a teleconference and taking your questions on Thursday, August 12th through FOI Services.

The title of my talk:  Do's and Don'ts for Selecting, Qualifying and Managing Suppliers in a Global Economy

This is very similar to the session I provided for FDA officials recently that was so well received by agency personnel.  Here's the high-level agenda:

  • top biopharma and device global business constraints
  • a solutions framework and walkthrough
  • review of SOP components
  • comparison to ISO purchasing controls

As part of the teleconference, I'll provide attendees:

  • checklist of do's and don'ts for supplier agreeements
  • supplier short-form questionnaire template
  • two case study article reprints

And, of course, attendees will receive a trial subscription to my private SmarterCompliance newsletter.  If you'd like to learn more and register, please visit http://www.foiservices.com/tc-docs/moreinfo/Aug1210.html.

Hope to hear from you on the call, and please let me know if you've signed up - drop me a line!

Posted at 02:24 PM in Event & Publication Calendar, Lean Compliance, Supplier Management | | Comments (0) | TrackBack (0)

|

My Photo

About

John Avellanet

Recent Posts

Enter your email address:

Delivered by FeedBurner

Categories

Archives

More...

Copyright Notice

  • © Cerulean Associates LLC
    All rights reserved
Subscribe to this blog's feed