Quality Systems and Compliance

The U.S. Food and Drug Administration (FDA), other countries’ equivalent agencies to the FDA, and Notified Bodies, regulate pharmaceutical and medical device companies and their products, including drug / device “combination” products. They oversee every aspect of your product’s life cycle from initial design concept through manufacturing, distribution, and post-market activities as well as your company’s quality systems and documentation. That’s why bringing seasoned experts onboard to assist and guide you through each aspect of these requirements is critical from day one.

Addressing Needs and Challenges

While the journey from concept to market varies,the roadblocks, detours and hazards mostly fall into these three broad categories:

• Compliance structure: Depending on the product’s type, classification, and risk factors, getting authorization for new or updated products can be a long and drawn-out process. Having a complete and accurate compliance structure in place can shave off weeks, months, or even years.
• Evidence of compliance: Equally important, companies need to be able to present objective evidence — proof — of compliance every step of the way. Setting up complete and reliable compliance systems including all required documentation will dramatically save your company time, effort, and money.
• Ever-changing regulations: We tend to see government agencies as slow and plodding. While they certainly can be, the regulations, guidelines, and priorities can shift and change at a dizzying pace. A strategic partner with a deep industry background can see how these agencies will interpret what they find and see what’s on the horizon and ensure that you’re prepared for what the future brings.

Granite GRC’s Quality Systems and Compliance practice group works with clients to ensure compliance every step of the way from initial concept through design and development; clinical trials, manufacturing, packaging, labeling, marketing, distribution, and post distribution activities. We strive to ensure that safe andeffective products get authorized (approved / cleared) and make it to market.

Regulatory Compliance Is Complicated

Companies often take different approaches towards regulatory compliance based on their specific needs and product types, however too often, companies misinterpret the requirements, how they need to be implemented, and what objective evidence is required.

Here are just three examples of common, and wholly avoidable obstacles to getting and maintaining regulatory compliant products and processes.

• Impatience with requirements: Some companies regard regulations and documentation requirements as a nuisance — and granted, they can be complex and time-consuming. But attempting to find a loophole that exempts your company from a requirement very often backfires. Why? Because regulatory bodies are the ones who determine what’s required by the regulations. “You’re rarely going to win that argument,” warns Granite GRC’s Director, Quality Systems and Compliance Practice Group Lead Ken Geskes.
• Having just one person or department “own” compliance: A common mistake made by companies is to call upon a single person or department to “own” compliance, so when things go wrong, it is that person’s or department’s fault. What’s wrong with this approach? Regulations affect every part of the process from top management down to the manufacturing floor, so it’s best to take a more holistic approach. Everyone involved is responsible for compliance and needs to be trained to shoulder compliance responsibilities and perform the procedures necessary to satisfy requirements.
• Assuming the regulators won’t look at outside suppliers and distributors: Regulatory terminology can often trip even the companies up, especially when dealing with overseas suppliers. While regulators rarely audit supplier and distributor partners, they have the power to do so, and may do it when they have concerns about a company properly doing it. Every company must ensure that suppliers are aware of and compliant with all applicable regulations. Even product and system software developers can be subject to this scrutiny.

We help you identify, address, and avoid these pitfalls.

Client Relationships

Addressing potential issues proactively, Granite GRC’s Quality Systems and Compliance Practice Group partners with companies to reduce or eliminate the likelihood of compliance issues. Companies can’t address gaps in compliance unless they know what they are, of course. That’s why Granite GRC is fully qualified to conduct detailed audits of a company’s compliance systems, documentation, and organizational structure to determine the level of regulatory risk exposure. Granite GRC’s experts have a successful track record for being proactive. Companies have benefited from the approach we take, which ensures:

• Employees understand the “why”, not just the “what” of regulatory requirements.
• Companies understand the benefits of beingproactive vs. reactive from a financial, legal and reputation perspective.

Telling a company what it wants to hear won’t solve your problems. If any concerns exist, we’ll let you know about them immediately, including the suspected or confirmed reasons underlying those concerns. Identifying and addressing potential issues proactively is always more cost-effective than reacting to them after the fact, in terms of time, effort, and bottom-line dollars.

Whether your company engages Granite GRC as a supplement to your compliance staff, to craft procedures and protocols, or, if necessary, to lead all required compliance activity, we can help you do the following:

• Develop an understanding of applicable regulatory requirements by understanding when, how, and why they apply.
• Define commonly used — and commonly misused — terms related to compliance, so they align with how regulatory agencies interpret them.
• Learn the importance of objective evidence and documentation. Simply telling the FDA that you did something is not sufficient.
• Grasp the underlying need and benefits of taking proactive measures toward regulatory compliance. Preventing product and/or process problems instead of reacting to those problems is beneficial from compliance, market reputation, and financial perspectives.
• Understand that executive and middle management must take ownership of compliance.

Granite GRC strives to build an open, honest, respectful, and collaborative relationship with clients large and small. We want to help every client realize that regulatory compliance doesn’t operate in a world of “shoulds” — effective compliance is always a must for companies that want to take safe and effective products to market successfully.

Our Success Stories

Granite GRC advises life science companies on activities for the remediation of existing compliance gaps, as well as activities to prevent potential future compliance gaps.

Granite GRC’s consultants can assist and advise companies throughout audits being performed by the FDA, other countries’ equivalent agencies to the FDA, and Notified Bodies.

Granite GRC professionals have a history of performing assessments of life science companies’ compliance to FDA regulatory requirements. These range in scope from focused assessments of single regulatory elements to full assessments of full systems. This includes initial product design concept through post-market activities.

Examples include:

• Full and/or focused Quality System assessments to identify:
  – Nonconforming system / documentation issues so corrective and / or preventive actions can take place.
  – Opportunities for improvement to help avoid confusion and potential observations when FDA or notified bodies audit.
• Root causes, corrections, corrective actions, and preventive actions to address concerns raised by FDA or notified bodies.