Pharmacovigilance audits and inspections are part of the normal good PV practices obligations set forth by the EMA, FDA, MHRA and many/most other health agencies around the world. Companies are expected to do such audits on themselves, their partners, vendors, out-source companies, academic institutions, etc. They are generally done every few years and/or after significant changes to the PV systems such as after the installation of a new safety database, a merger or acquisition in which many new drugs now come under the company’s responsibility and, unfortunately, when there is a safety crisis or disaster or failure of the current PV system.
In almost all cases this is done by having PV auditing experts physically go to the company’s PV site and perform a full-fledged review of documents, procedures, face to face interviews, SOPs, operations, signaling, labeling etc. etc. These visits can take several days to weeks or even months in egregious situations. These audits and inspections usually produce reports listing the findings which are classified (in the EU) as major, minor and critical. The FDA does not use this categorization but just lists findings by number in their 483 report issued at the close of the inspection. There is more commentary in the Establishment Inspection Report (EIR) issued some weeks or months later.
As a result of these reports and findings, the company prepares a corrective action, preventive action plan (CAPA) which is usually submitted to the health agency/inspectors and put into effect. A follow-up inspection is also usually done to be sure the actions were put into place.
This is the normal flow of audits and inspections starting with a physical visit to the company.
There is another mechanism starting to come into play now by some agencies and companies and these are “remote” audits and inspections – also called virtual inspections, distant inspections, paper inspections, web inspections, telephone inspections and various other terms all of which indicate that the inspectors will NOT physically go to the company. There are clear pluses and minuses to this and they will be discussed below.
I am not aware of FDA doing formal remote inspections. They are, however, done by the EMA and European agencies in some cases. This has been detailed in various Good PV Practice documents. Module IV on PV audits discusses why PV audits are done and why they are necessary. It does not discuss remote audits here however.
Module III on PV inspections by EU health agencies does discuss physical inspections in great detail but also has a brief paragraph on remote inspections on page 7: III.B.1.7. Remote inspections
“These are pharmacovigilance inspections performed by inspectors remote from the premises of the marketing authorization holder or firms employed by the marketing authorisation holder. Communication mechanisms such as the internet or telephone may be used in the conduct of the inspection. For example, in cases where key sites for pharmacovigilance activities are located outside the EU or a third party service provider is not available at the actual inspection site, but it is feasible to arrange interviews of relevant staff and review of documentation, including the safety database, source documents and pharmacovigilance system master file, via remote access. This approach may also be taken where there are logistical challenges to an on-site inspection during exceptional circumstances (e.g. a pandemic outbreak or travel restrictions). Such approaches are taken at the discretion of the inspectors and in agreement with the body commissioning the inspection. The logistical aspects of the remote inspection should be considered following liaison with the marketing authorisation holder. Where feasible, a remote inspection may lead to a visit to the inspection site if it is considered that the remote inspection has revealed issues which require on-site inspection or if the objectives of the inspection could not be met by remote inspection.”
The EMA also issued a more detailed document on remote inspections entitled “Distant/virtualpharmacovigilance inspections of MAHs during a crisis situation- Points to consider.”This is a five page document which discusses remote PV inspections during crisis situations which they define as situations where the inspectors’ safety may be at risk such as pandemics, natural disasters, high criminality areas. In these settings a virtual or distant inspection could be done. The inspections should follow the pattern that exists for on-site inspections but need to take into consideration the limitations of not being on-site.
Much of this document states the obvious:
So, the EMA at least, allows for virtual inspections though it is clearly recognized that this is measure used only when a site visit is not feasible.
As noted above, sites which are dangerous, inaccessible etc. are good candidates for a remote inspection. However, companies are now using remote inspections to save on the resources and costs of an audit far away. If the scope of the audit is very narrow (e.g. look at a specific carefully defined issue) and if the issue is low risk, a remote audit may be considered.
Remote audits are also feasible if there is flexibility and cooperation on both sides. If the issue is complex and may lead to legal issues or other contentious problems, this may not be ideal. There should be good will on both sides. People should not sneak in to listen without identifying themselves. Recording should not be done unless formally agreed to.
There are disadvantages to doing remote audits including time zone issues (though this may be seen with on-site audits if the company or auditor need to communicate with colleagues far away or at the home office etc.). Also document control and scribing (note taking) can be a challenge. Perhaps the biggest disadvantage is the inability of the auditor and interviewee to not be able to see each other and how they react (e.g. body language). The auditor often can get a good idea of how well things are under control at a site by looking at the neatness of offices and cubbies, the presence of “cheat sheets” when the SOPs are too complex, etc.
I have been involved in several of these over the years and, in general, they have not been very satisfactory. Efficiency is quite low, logistics are hard and complex. Webex presentations sometimes work and sometimes don’t. It is often not possible to demonstrate the safety database in real time. This is a major problem as the PV computer system(s) are often the critical part of the operation of a PV group. If there are multiple partners, vendors, PV offices the audit can become chaotic. Such remote audits usually lead to later, classic, on-site audits.
So consider a remote audit if the travel is problematic or if the issues to be reviewed are narrow (e.g. are our SOPs compliant with EU requirements?). If the number of people and documents involved is small this may be feasible. I’ve also seen remote audits done as due diligence looking at either CROs or before mergers and acquisitions where there are time or money constraints. Although I’ve seen this, I think this is dangerous as a company policy. Due diligence should be due diligence with a site visit and a careful review with the people who will now be playing a major role in drug safety for you.
See also the excellent summary article: Role of Remote Auditing in Maintaining Effective Pharmacovigilance System Oversight by Tanner and Sever