Mr Rajiv Joshi, partner, Fraud Investigation & Dispute Services, Ernst & Young.
Q: Please tell us in brief about the major insights from the recent EY report on data frauds? Are Indian firms among most affected?
EY's Fraud Investigation & Dispute Services team recently conducted a survey on ‘Analysing the state of Data Integrity Compliance in the Indian Pharmaceutical Industry'. Some of the highlights of the survey are, 30 percent of respondents' received inspectional observations by global regulators in the last three years; 57 percent of the employees agreed to have seen work pressure on the manufacturing personnel to meet KPIs; 28 percent of respondents indicated that their organisations did not have a whistle blowing mechanism in place; 18 percent do not have adequately staffed Quality Assurance to witness and review the manufacturing and testing of all the products independently; 72 percent users in the Quality Control (QC) department have IT administration rights for laboratory systems such as HPLC, GC, etc., (This enables QC personnel to create, delete or modify data at their discretion) and 25 percent were unaware of the 21 Code Federal Regulation (CFR) Part 11 standards prescribed by the US FDA. I am sure such issues are present outside India as well.
Q: Why does data integrity remain a challenge even now for the drug discovery companies? Is the GMP compliance really so tough or there are other factors involved?
Nothing is tough or impossible; and challenges faced by the pharmaceutical sector are not unsurmountable. However, one issue seen when conducting data integrity reviews is the lack of understanding among people at the ground level. While companies often have extensive training programs, measuring the efficacy of those trainings is often missed. For example, did the machine operator (local language specialist) clearly understand the training consultant (an English speaking, a former regulatory inspector) about the importance of equipment validation? How well did he comprehend the concept and the requirement?
It is important to bring in a cultural and monitoring change which emphasizes on quality and compliance. It should also remind the sector about the presence of proactive periodical data integrity reviews, which like an industry watchdog can detect any data integrity issues.
Q: What can be the possible solutions? Has technology yet not been able to create effective tools to tackle this issue?