Continuous conformity

Regardless of whether a company manufactures artificial heart valves (ISO 13489), produces a drug (GMP), collects preclinical data (GLP) or determines laboratory values from medical or environmental tests (ISO 15189 or 17025) - it is accompanied by legal and industrial requirements. The care of the patient or consumer is in the foreground.

The fear of overregulation

The premise sounds surprisingly simple. Companies comply with legal and industry quality management standards, monitor and improve their processes, and demonstrate the functionality and effectiveness of their quality system in regular inspections by authorized authorities. The end result is a patient who can trust this control system.

We could all be that patient. But we all also know that every system has its weak points, which are due to cost reduction or minimalism. The establishment of control mechanisms to identify potential sources of error is therefore one of the overarching requirements of the relevant regulations. Nevertheless, companies often shy away from implementing continuous improvement measures. The fear of becoming incapable of action due to overregulation is too great. Often, improvement measures are only taken when the next monitoring audit is announced. With a large expenditure of resources, personnel and often also financially, the omissions of the last time are to be made up for as quickly as possible. Such a procedure costs money and nerves and involves risks. Processes that have been introduced carelessly are often inefficient and ineffective. As a consequence, the acceptance of the quality management system in the workforce decreases.

If, during a surveillance inspection, the company is found to have major to serious deficiencies in conformity with the relevant directives and standards due to inadequate measures, this can lead to anything from suspension to withdrawal of the certificate of conformity or accreditation.

Nevertheless, there is a great reluctance to deal with continuous conformity systems.

Continuous compliance systems require good planning

Quality assurance is an integral part of quality management systems and thus a tool in the management system of any laboratory or company. Nevertheless, quality assurance is repeatedly seen as the antithesis of the productive process rather than as a management tool. Some budget managers like to make maintaining conformity a stumbling block for the productive process; in many cases, however, the internal processes were inefficient from the very beginning.

The following example illustrates how an investment backlog in the area of compliance can paralyze a company. Since 2014, the area of pharmaceutical IT compliance has developed dynamically. This has resulted, for example, in demands for the control of electronic data as well as the risk assessment of influences on data integrity. The potential consequence for patient safety can be drastic, especially here. Electronic data are based on changeable and therefore manipulable data sets. At the beginning of this development phase, despite the use of computer-based systems, it was still possible to argue for working with raw paper data as the primary documentation medium. In this way, for example, the topic of "audit trail" could only be touched upon in terms of documentation. In 2018, our team was presented with this argument again by a company as part of a mock audit in the run-up to an inspection. In the course of this audit, we found that no internal measures had been taken for years to maintain IT compliance and that, among other things, the topics of change control, CAPA (Corrective and Preventive Actions) and risk assessment had been treated stepmotherly. A scheme to give companies time to integrate the handling of raw electronic data into their workflows had been misused as a justification for halting innovation. What took place in the months leading up to the inspection can be summarised under the umbrella term "unwinding the regulatory innovation backlog ". The financial expenditure increased considerably during this period. A continuous adaptation of the processes to changed regulatory requirements over the last few years could have been carried out mainly with internal resources. In the end, the inspection was passed with flying colors - we hope that the business effort of the task force actions was stored under "lessons learned".

Improvements and innovations always mean additional work in the short term. This can be integrated into ongoing work processes through the targeted use of project management tools. It is important that participation in the improvement process is part of the routine work of every employee. In this way, innovations are no longer perceived as a burden, but as a positive contribution to the future of the company. This requires an open and uninhibited communication structure. A central role is played here by the company management and the quality assurance staff. Employees must be actively involved in the design of the quality management system in order to benefit from their detailed knowledge and to ensure feasibility. Among other things, this can prevent overregulation and thus the fear of improvement processes. However, this presupposes a certain basic attitude on the part of all those involved. Depending on the company, an operational cultural change may be necessary. Without the will of the management to implement it, it will not work.

Regulatory monitoring as part of the process

Regardless of the quality management system, consistent adherence to this procedure offers the possibility of keeping the time required for improvement measures manageable in the long term. Routine shortens the preparation phase for each new project. This saves time, resources and costs. The effort of examining the system for weaknesses prior to official inspections is reduced and, in the best case, eliminated altogether. The overall monitoring process is then no longer a break, but just another link in the continuous compliance process.