The following is a redacted transcript of a live conference call question and answer session conducted on 16 March 2018 with a leading investment advisory firm interested in the Akorn v. Fresenius merger litigation. Jack Garvey, CEO of Compliance Architects LLC, provides background knowledge and information on FDA data integrity and compliance policies relevant to the litigation.

The dialogue was redacted for confidentiality purposes. Headings are added for convenience.

INTRODUCTIONS & CALL BACKGROUND

[REDACTED]: Thanks, Operator. Good morning, everyone. Thanks for joining us today to discuss the FDA’s data integrity and compliance policies related to the recently completed Fresenius investigation of Akorn’s alleged breaches of these policies. I’m the host, [REDACTED], and on the line with me, right next to me, is [REDACTED] covering Akorn and other generics manufacturers, Valeant, Teva, Allergan, et cetera.

Our expert today is Jack Garvey, founder and Chief Executive Officer of Compliance Architects – a leading consulting and advisory firm specializing in quality and compliance solutions for FDA-regulated manufacturers. Jack will go through his background a bit, but I’ll say he’s both a chemical engineer and an attorney. He has more than 30 years of experience in the field.

So [REDACTED] and I had a call earlier this week with Jack, which we found very helpful. It was kind of the genesis of this conference call today. The goal is for Jack to help us dive deeper into the potential issues raised by Akorn v Fresenius.

We’ll do the call Q&A after some initially prepared questions. We’ve left time for your questions at the end. Before we start with Jack, maybe [REDACTED] can give us an overview of where we are.

[REDACTED]:  Thanks, [REDACTED]. So again, I’m [REDACTED], a specialty pharmaceuticals analyst at [REDACTED]. I cover brand and generic manufacturers, but I am talking about FDA regulations and data integrity enforcement today. It’s an issue that companies undoubtedly deal with daily but generally doesn’t rise to an investable point in our space.

Some of the examples that have been in the past have been quite severe. We now have an almost year-long pending merger, and then a surprise announcement a couple of weeks ago at the end of February by the applier Fresenius that it was investigating information from an anonymous source. They’re raising issues of data integrity in Akorn’s product development. It’s certainly raised the specter of what could be a severe issue.

But also in the context of a merger where I think it’s widely viewed that they overpaid relative to deteriorating performance in Akorn’s business. Perhaps this is also a negotiating tactic. The call aims to get Jack’s expertise on the range of issues data integrity can encompass. What are the FDA’s enforcement options, and maybe to help gauge more of the risk side of the equation?

With that, maybe we’ll get started on some questions.

BACKGROUND:  JACK GARVEY, FOUNDER & CEO, COMPLIANCE ARCHITECTS LLC

[REDACTED]: Yeah, just before that, Jack, we have your bio, but maybe just in a couple of minutes, you can talk about your experience and all you’ve done in the field so people know where you’re coming from with this.

JACK GARVEY: Sure, thank you for that—well, good morning, everybody, and possibly good afternoon and evening. I’m Jack Garvey; I won’t take long to expand on my background. I am a chemical engineer and an attorney.

I’ve spent virtually my entire career in FDA-regulated companies, primarily with pharmaceutical and medical device firms. I’ve worked for large companies, BASF Corporation Ciba-Geigy, before its merger into Novartis and Johnson and Johnson.

I’ve been in various roles: legal, regulatory, quality, and operations. I consider myself an expert in pharmaceutical and medical device-regulated manufacturing — good manufacturing practices — and the FDA’s regulatory frameworks and their expectations for manufacturers.

Specifically, concerning data integrity, I’ve done data integrity going back into the mid-2000s, where I was responsible for a project at another firm in the generics industry that was hampered by failures of data integrity by a third-party bioanalytical lab that put many generic ANDAs in jeopardy. As part of this project, we managed multiple tasks to deep dive into the data sets to remediate the data.

Compliance Architects has also done some data integrity remediation for pharmaceutical companies. I’m a writer on the topic and most recently have spoken at several conferences, including the Food and Drug Law Institute. I said at the FDLI Enforcement Conference in December, moderating a panel on data integrity. Also, two days ago, I moderated a webinar panel – a redo of our in-person discussion – with two of the FDA’s leading data integrity experts.

I think I have a pretty good bead on most aspects surrounding the topic of data integrity. This is a broad space, so I don’t know everything for sure, but I think I can give you essential insights into some of the questions you have related to this topic.

A couple of quick disclaimers. I am an attorney; however, this should not be construed as legal advice. It’s a general information discussion and does not create any attorney-client relationship. I have to say that.

The argument is for available information only, and listeners are not to rely on the news for investment purposes. Importantly, I have no independent personal knowledge of the facts in question. All the information I base my comments on has been derived from public sources.

Finally, the comments I will provide are based on general knowledge of the FDA-regulated industry and what could hypothetically occur based on different scenarios. None of these scenarios implies that this is what has, did, or will happen. So, I’m open to questions or how you’d like to start the discussion.

WHAT IS DATA INTEGRITY?

[REDACTED]: Sure, thanks Jack. Maybe [REDACTED] and I will start and open it up, but we’ve got a bunch of stuff here. So perhaps just a first one, what is a data integrity violation? How do you define that? Does it cover a wide range of issues? Can you frame it for us?

JACK GARVEY: Sure. Data integrity is a concept. It’s not a directly measurable thing. It’s a concept that characterizes several aspects of information, not just data as you’d think, numbers, but data and information.

It could be the recordation of somebody’s name or the recordation of an activity that occurred. All that is considered data in the context of data integrity.

The characteristics of data integrity include — and the DA has a specific term for it, they call it ALCOA – but it is the characterization of the reliability, credibility, validity, authenticity, and trustworthiness of a state of data.

The FDA’s ALCOA acronym is based on the following characteristics:   A -Attribution, meaning can the data be directly attributable to a distinct person or act? L – Legible, well, simple, is it legible, readable, decipherable, etc.? C – Is it contemporaneous?

Was the data recorded contemporaneous with when the data was created? If you register data, write it on the back of an envelope, and record it three days later, that’s a data integrity issue.

O – Is it original? The agency is looking for actual data. And then finally, A – Accurate. Is the data accurate?

So, A-L-C-O-A is a term used regularly and is expected for data by the FDA.

[REDACTED]: Got it, got it. Several years ago, some issues with Ranbaxy caused import alerts and, ultimately, a change in the company’s ownership. Thinking back more than a decade now, Able Labs went from about zero to a billion in value quickly; after data integrity issues surfaced, they were sold off for zero quickly.

Are data integrity issues always that serious? Or what’s the range? Is there such a thing as a non-serious data integrity issue?

JACK GARVEY: I don’t know if I’d want to say there’s a non-serious data integrity issue, but there is indeed, like most things in this field, a spectrum of significance. The importance of data integrity is that the FDA, in its public health mission, has to rely on the information generated by companies to assess companies’ compliance with their regulations and expectations of the data and information supporting product safety and efficacy. They can’t rely on data if it’s not valid, right?

Think about it as a kind of thumbs-up, thumbs-down. They can’t do their job without looking at the information as a thumbs-down. So, all data integrity is essential, but there is a scale, a spectrum of significance, and I would say it has two different aspects.

One is that the closer you get to the product and the patient — meaning how the product is built and the characterization of that product through, let’s say, laboratory analytical data or data that ties into whether the product works or is safe — the closer you get to that, the more significant it would be to the FDA because it’s tied more closely to public health.

If you have data integrity issues, let’s say, concerning the development of a document or procedure that may be two or more steps away from the end product quality, yeah, it’s not that significant. Still, it is problematic because it tends to indicate sloppiness and a lack of control, which is a pervasive problem.

The second aspect is the FDA certainly understands that manufacturing is inherently tricky, and there’s a lot of complexity around regulating manufacturing. And companies do make mistakes. So those things that are unintentional, certainly unintentional on a smaller scale, are things the agency understands more. I would term them not as significant as if you get into broad swaths of negligence, poor conduct, or lack of control.

Then, you have the issue of crossing the line into fraud. You mentioned Able Laboratories or Ranbaxy, which I would call rare circumstances of companies that get into fraudulent conduct, although any frequency is too much.

They intentionally created data that was inaccurate and not representative of their activities. As you can imagine, the FDA doesn’t take too kindly to that. Those are certainly what I would consider the most egregious type of conduct.

DATA INTEGRITY AND FDA ENFORCEMENT

[REDACTED]: Are there any other examples you’ve seen from public information that you would say are good examples of either run-of-the-mill conduct or otherwise illustrative to share here?

JACK GARVEY: Illustrative is hard. I see many different companies in this work, which is a struggle for most companies. Again, I think the indicator for the agency is how willing the company is to self-identify — or also when identified by them or a third party — to fix things.

So, this is a problematic area when you think about the overall scope and scale of regulated manufacturing, distribution, production operations, and research operations. Every single entry and every single piece of documentation must have those attributes. It’s a high bar.

On the other hand, if the companies do what they can and should do relative to this, it essentially becomes just standard practice. From a numbers perspective, since 2014, at least 108 companies have received warning letters from the FDA that included data integrity observations.

Not all those rise to this level of significance where it’s involved in a merger that jeopardizes it. Not all those warning letters had life-expectation impacts. Out of those, about 15 to 16 involved a severe warning letter that was sent to them that required an in-depth, broader remediation plan. And if 108 companies had a warning letter, many more got 483s.

This is not rare, unfortunately. Many companies are dealing with it, and firms like mine are being paid to help remediate these complex internal processes and get these practices up to snuff.

[REDACTED]: In your experience, how do these things typically come to light? You mentioned self-identification. FDA inspections, at least as told by the companies in Akorn v Fresenius, were an anonymous source. Any sense of what to balance – how are these identified?

JACK GARVEY: Yeah, how does this occur? Often, it’s identified by the FDA. In my experience, companies generally think they are far better than they are concerning compliance and data integrity. I mean, it’s really that simple.

This is, again, a complicated area, and FDA compliance is something that’s always what I would call an aspirational objective. It’s never 100% finished and always a work in progress. And many companies don’t take it as seriously as they should.

For somebody like me who’s been doing this a long time, these things aren’t hard to find, and they aren’t hard to root out. A lot of pressure is put on the Quality organization, which is the responsible party for ensuring data integrity controls are put in place. But they’re often pressured by finance to hit quarterly profit numbers, and they reduce staff, they cut things to the bone. They assume they’re okay if they haven’t had a lousy inspection.

So, these things percolate, and sound, well-intending people who don’t necessarily know how to differentiate right from wrong are just doing their job. It’s somewhat tragic from my perspective.

A lot of times, the FDA identifies it. The good companies have good, robust internal audit programs that try to look. Not every company is involved with these issues, but many have these problems.

Many companies self-identify through internal audit programs, which are a requirement, and many of the good companies have essentially chartered teams to do deep dives into their data integrity practices because they know this is an issue that the FDA is highlighting as one of their focus areas.

[REDACTED]: Jack, related to that, we had a question come in via email. The question is, in the case at hand, with Fresenius and Akorn, it doesn’t seem like the FDA is involved, but when does the FDA typically get involved?

If they were not the instigator of an investigation, would they wait until the company’s internal investigation is over? Or would they get in the middle of it? How would that work?

JACK GARVEY: The FDA has several different ways to get involved with a company’s manufacturing operations to examine these issues. All companies should be on a routine inspection schedule within the FDA that is increasingly based on a risk-based approach.

FDA has been working on this with the industry for years. At the direction of Congress, one of the recent statutes directed the FDA towards risk-based inspections. So they can find them during their routine surveillance inspections.

They can also be found during what’s called directed inspections — which are for-cause inspections. These can be performed for any number of reasons. The FDA could be looking at complaint or adverse event data that is trending in a way that denotes a problem. They could get a call or email from a disgruntled employee.

Generally, it’s not like they have a defined network of people aware of non-compliant situations; however, now that the allegations are public, they could look at the pleadings and other general information just like we can. And they could, with that information, go in and decide to do their internal assessment of Akorn or even Fresenius. I don’t know that they will, but they certainly could.

FDA gets its information from several sources, and it can inspect domestic organizations anytime. The FDA can inspect ex-US-based organizations outside of the US upon reasonable notice.

The remedies are, indeed, in the US, if you deny their request to come in and look at the operations, they can shut your doors. Ex-US, they can put import holds on and stop your product from coming into the US. So they’ve got vast powers both domestically and internationally.

FDA’s CURRENT ENFORCEMENT CLIMATE

[REDACTED]: How would you characterize the current environment at the FDA? Indeed, they’ve been, in several areas, more industry-friendly than in the past. Does that extend to the focus on enforcement, or how likely it might be that they would take action quickly in a case like this?

JACK GARVEY: When the Agency sees issues directly linked to public health, it gets aggressive. I think they tend to be more respectful on what I’ll call the more administrative side of the regulatory oversight. Still, even in this environment, they are not walking away from their public health mission.

Frankly, in a panel discussion that I participated in this past week, there were some discussions – I was moderating the panel, and I did a predictions segment at the end – and the two other experts with me on the board both think the enforcement will continue to increase in this area of data integrity.

It will remain about the same because it’s already at a reasonably high level, and the FDA has many things they look at. What I can say is that this is not going to reduce in significance for the foreseeable future.

DATA INTEGRITY AND AKORN PHARMACEUTICALS

[REDACTED]: Okay, what could the issue with Akorn become? To the extent that we try to read the tea leaves here. There are a couple of 483s that they’ve received over the last several years.

The one in India in 2014, 2015, and 2017 had issues with their Decatur injectable facility. It seems to be an inspection from December in their ophthalmic facility in Switzerland.

There seem to be several routine inspection observations, but maybe you can talk briefly about what you see there and whether that rises to the pattern that may concern the agency. But at the same time, we haven’t seen a warning letter for the company or product recalls, so how does that mosaic fit for you?

JACK GARVEY: Yeah, I think that’s a great way to characterize it — as a mosaic. I’ll provide my thoughts, which are my opinions only, on the 483s. For background context for the participants – an FDA Form 483 is probably one of the most noted forms in FDA regulation.

It’s called a notice of observations, and it’s the record of comments by FDA investigators of deficient activities in a manufacturing, distribution, or regulated facility. This is essentially the first notice to a company that their operations are low due to inspections. It’s the predecessor document to a warning letter.

Not all 483s result in warning letters. How that occurs is based on the company’s ability to respond to the 483, how ashamed, how comprehensive they are in their response, and, as I tell clients, does the 483 answer show that they get it? Are they being combative? Or no, I get it; we will make those changes.

With that, just looking at the number of 483s, I would say all of them are significant. The two recent ones, the one in Switzerland and the one in Decatur are what I’d call more traditional and — I don’t want to call them routine because none of this is normal — but they’re not unusual. These are pretty typical 483s looking at observational and manufacturing deficiencies, but they are also significant in that these are substantial issues asserted by the FDA.

The one in India is highly troubling if — again, these are FDA’s observations, so I can’t state them as fact — true and are allegations of falsified data failure to analyze samples, and that’s a real problem. So, in four years, my concern is that these are integrated companies.

Akorn is not — typically, these companies don’t have an entirely self-managed site. They have corporate quality people, they have corporate compliance people, they have corporate counsel. These people have visibility to these issues, so are they making the hard decisions to effect change across the organization?

This, to me, would indicate a cultural deficiency concerning investments in their quality organization. That’s what this would suggest to me. Again, my opinion no fact, no assertion.

But I would look at an organization like this and say, hmm, they’ve got some real cultural issues because they’re not, in my mind, not taking comprehensive, definitive steps to invest. I’ll also say that investments in these sorts of things are significant.

These require hundreds or millions of dollars to fix these problems properly; that’s the reality. It’s complicated and complex, so many companies don’t do it.

FDA REMEDIES FOR DATA INTEGRITY VIOLATIONS

[REDACTED]: What are the range of options that the FDA can take against a company that it deems has violated its data integrity policies?

JACK GARVEY: They can do everything or nothing. During an inspection, they could look at a company and see that they’re self-correcting and are not obligated to issue a 483. They can but can do nothing if they feel the company is doing the right thing and don’t want to punish it.

More than likely, they would issue a 483, identify issues, and depending on how they felt the company was addressing these, it could be more or less significant. There is a level of variability, but there’s no strict calibration across investigators, and the inspections can go very differently.

You sometimes get combative companies, so the next step would be to issue a 483 outlining their observations. If they don’t feel the company has responded adequately or is getting to the root causes of data integrity, they will likely issue a 483 and warning letter.

The root cause is essential here — the root cause of data integrity could be everything from poor incentives, a bad culture, no policies, and no controls; there are many reasons.

They’ve always got remedies of seizure, injunction, and consent decree, essentially going to a federal judge and asserting that the company is operating illegally. They need to be under the control of the FDA.

So, they have an escalating set of remedies available to them depending on their findings’ significance and seriousness and how they feel the company is reacting to those findings.

DATA INTEGRITY AND SUBMISSIONS

[REDACTED]: Got it. Operator, do we have any questions on the line?

CALLER: Hi. When you think about all the analytics and tests needed to support an ANDA filing, it is the data generated to analyze purity, yield, et cetera, bioequivalence, whatever it may be.

Is the entire set of data that a generic company runs all supposed to be submitted, or is there any point in the process where the company can edit data from those tests? Or is it felt to be something where every test you run and every sample you put through is supposed to be captured and submitted?

JACK GARVEY: It’s the latter; everything has to be captured, not necessarily submitted, but at least caught. In other words, let’s say you were an analytical chemist performing an HPLC run, and you go through the prepping of the equipment, make the run, and get a strange result. There’s a whole series of protocols called OOS/OOT — out of spec, out of trend — which essentially relates to what happens when you get anomalous, unexpected results.

In that situation, you have to capture the original outcome. If you feel it is erroneous, you have to go through essentially a structured protocol — for lack of a better way to describe it — of invalidating that outcome. Such as, you can redo the test. The reason for that is pretty straightforward.

Let’s say you’re a startup or a small company, early public, and want to make a lot of money. So, you get some tests you don’t like and say I don’t like that test.

I’m just going to call it this. This is precisely what Able Laboratories did; they made up their data. It looked great, and there’s a financial incentive.

So you have to capture that original data and carry it through. It doesn’t mean you’re bound to the data of errors; what it does mean is when that does occur, you need to be able to have that trail, whether it’s electronic or on paper, whatever that is, that links the original data set to the subsequent data that is used internally or submitted to the FDA.

CALLER:  Thank you, Jack.

DATA INTEGRITY AND THE APPLICATION INTEGRITY POLICY (AIP)

[REDACTED]: Alright, so maybe we’ll dovetail with the discussion about some of the remedies. Can you talk about the application integrity policy (AIP)? In this case, the merger agreement refers to a predecessor’s name, but the fraudulent, untrue statement and illegal gratuities regulations that they have. But that was raised in the merger as a potential FDA invoking its application integrity policy as one of the reasons for not completing the deal.

Can you talk about when the FDA invoked AIP and what the signs might be if that were likely or not to be gathered in the current situation?

JACK GARVEY:  Sure, so it’s interesting – in the panel discussion I did back in December – a good friend of mine [REDACTED], who’s an attorney, spoke on the AIP. And [REDACTED] is quite an expert, so I’m happy to share that with you.

The AIP is essentially the grandfather — the granddaddy — of the current data integrity enforcement practices we’re seeing. What I mean by that is that data integrity is not a new concept. This goes back to my first job out of college in a pharmaceutical plant, learning about data integrity. How do you record information and make sure that if the information is changed, you identify there was a change?

So, the AIP was essentially spawned by the generic drug scandal in the late ‘80s and two products. One is the Dyazide switch, and the other is the Maxzide switch. It was formally known as the alert list and officially announced as a policy in 1991. And really, it’s triggered when there is any action that the agency detects — what they call subverts — the FDA process.

If there’s fraud in an application Agencyer falsifications, the FDA will defer substantive scientific review of all the data in the application and possibly other applications. And that deferral – they basically stop reviewing applications – will continue until the questions regarding the reliability of the data have been resolved.

So, to address that, you must go through a corrective action plan, cooperate fully with the FDA, and identify all the wrongdoers. FDA is extensive in identifying individuals because companies don’t do things wrong; individuals do something wrong, and the FDA knows that. Then, conduct an internal review and have a written action plan signed by your CEO. Interestingly, [REDACTED], during our discussion, spoke that the AIP has been called the death penalty for companies, and only a handful of companies have survived being on an AIP.

Those who did were typically on it for four years. It usually goes hand-in-hand with criminal prosecution and collateral civil litigations such as securities, shareholder derivative actions, and competitor suits.

Currently, the AIP is not being used all that much. I think the last company to go on AIP was in 2011. [REDACTED]’s prediction in our webinar was that he believes it will be dusted off. I’m not too sure about that, but on the other hand, it doesn’t matter because the FDA is addressing it through the warning letter remediation language. One of the things I spoke about in the panel was newish data integrity warning letter language that they’ve been using since around 2014, just after the Akorn 483, that requires an expansive remediation.

So, hopefully, that’s a little background on the AIP, but it still is a valid remedy. There’s still a policy and procedure available to the FDA to use, and I certainly think in the right situation, they absolutely would use it.

WHISTLEBLOWER IMPLICATIONS

[REDACTED]: Jack, just going back to the Fresenius investigation. Is there any way to read the fact that it was coming from an anonymous tipster? Does it tell you anything?

And if the FDA got involved, how would that – or would it become public? And how could we know if it has?

JACK GARVEY: I don’t know if there’s much to read into the anonymous tipster. That’s certainly been something that people within companies have been becoming increasingly aware of and bolder in. It’s not an area I practice in, but there’s certainly, over the last 15-20 years, been a surge in what are called Qui Tam litigations.

These are essentially litigations asserting ties between what a whistleblower claims and the company defrauding the US government because of Medicare/Medicaid. So, theoretically, manufacturing outside of GMPs could be considered incurring fraud on the US government because of reimbursement issues.

I would say that this whistleblower, if that’s what it was, or this anonymous tip could be for various reasons. This merger could have resulted in a planned elimination of a person’s role, somebody being mistreated.

I don’t know that there’s a whole lot you can derive from that other than this potential is at any company, and companies need to be aware of the risks. Their employees know a lot about what’s happening, and if you’re not rigorously in compliance, you’re exposing yourself.

I’ve seen tons of things over my career that are questionable. If any were public health or safety related, I would have reported them myself if they weren’t being addressed. Fortunately, most companies I’ve been with and have been involved with taking those things seriously.

So, I don’t think you can derive much from the fact that there was an anonymous tip. What was the FDA’s obligation? You certainly won’t know anything until they take action. They do not disclose pending reviews, and they don’t tell pending investigations.

They’re incredibly close-lipped and tight, as they need to be because any of these investigations that can start as an administrative action can be quickly converted into a criminal act.

It’s important to note that the FDA looks at potential issues if observed with a perspective that it could always be criminal conduct. And that’s important; many people in the industry don’t even know that the FDA calls the professionals who come into plants “Investigators” because they’re gathering evidence.

That evidence can be used administratively or civilly through the regulatory framework. But if found to be something that rises to criminal conduct, the FDA has a criminal division they can bring in with a phone call. They can look at illegal activity that can implicate individuals, the company, or both.

IS DATA INTEGRITY EASY TO FIND?

[REDACTED]: Not knowing the specifics of, obviously, this company’s practices, but if we took the assumption that the buyer, Fresenius, was looking to get out of a deal – if you had a company with some history, how likely is it that if they dug hard enough, they would find a material issue at the company? You know, you can always find a record out of place, but if they investigate hard enough and long enough, would you be able to uncover something serious?

JACK GARVEY: Here’s what I can tell you: it’s pretty easy with most companies, even the best companies, to find problems within these companies that are costly and difficult. You know, I make my living in a complex area. It’s hard to fix these companies.

Not only is there a blend of technical, legal, regulatory, and scientific issues, but there are also organizational change dynamics. And that, frankly, is where most of the challenge occurs.

You’ve seen this with companies like Volkswagen, right, with their issues? Something happens, and you’ve got massive organizational change dynamics. It’s hard to change a company’s culture.

So, it’s partly a technical challenge, partially a change management challenge, and highly costly.

Companies hope this stuff goes away. My experience is that executives would rather have their teeth pulled than talk about compliance. They don’t like it; they think it’s non-value added. Again, this is my experience; I’ve spoken with many of them.

They want to ring the bell on Wall Street, they want to go to marketing launch parties, they want the sexy stuff. And this stuff is not sexy, but it is essential to a company’s future. Some companies that get it — I call it eliminating distraction. I always talk to companies and say your compliance objective is to eliminate distraction for the rest of the organization so the business can go out and make money.

And, in this case, I don’t think Akorn gets that. They haven’t made the investments to eliminate the distraction of – from my perspective – FDA regulatory intervention.

PRODUCT RECALLS AND DATA INTEGRITY

[REDACTED]: Do you read into anything the fact that there haven’t been any product recalls recently out of Akorn?

JACK GARVEY: No, it doesn’t matter, and that’s a complex concept for many people to grasp. Well, because there are no product recalls, I guess the product’s okay. Well, maybe.

But if you can’t rely on the data, you cannot verify that the products were built as intended. You can’t guarantee that every product, dosage form, and unit meets its intended specifications.

The only way to do that is through 100% destructive testing; obviously, that doesn’t make sense. Quality assurance is quality that’s built-in based on scientific statistical measures. So when there are deficiencies, like those identified in these or any company’s 483s and warning letters, they go to assurance of product.

That ties directly into the FDA’s public health safety mission. If you can’t assure – and the obligation is on the manufacturer’s part, they’re making money from this. Their job is to ensure that the documents, information, and data that establish these products’ processes and designs work 100% of the time for the patient population.

The short answer is no; recalls are not indicative. It just means there haven’t been any flashing red lights in the field that say we’ve got a dangerous product. When a company receives a recall situation, you’re well beyond what is, in my mind, normal anticipated conduct in this space.

[REDACTED]: Alright. Thanks very much, Jack, that’s been very informative. Thanks, everyone, for joining, and have a great day. Thanks [REDACTED] as well.

JACK GARVEY: My pleasure, thank you.

Please get in touch with us below for further information on pharmaceutical data integrity, FDA enforcement practice, quality culture, FDA 483 and Warning Letter assistance, or other related topics.

FAQs Regarding Data Integrity and Compliance Policies