Surviving Live Data Inspections by the FDA---3 Critical Success Factors

FDA is now requesting a "live" data review during inspections.
For best results, practice walking through this review
with employees who will be involved.
I have long been a supporter of being well prepared for FDA inspections, including how data is presented during the inspection.  Historically, you’d print the files for FDA review rather than do a live demonstration of the database information.  While I haven’t experienced it yet, it is my understanding that the FDA is now requesting a “live” data review.  Essentially the expectation is for you to walk the inspector through your files and explain the information rather than have you print and organize paper files before they see it.  This innovative approach creates some new challenges and/or opportunities for your organization.  

Now three main areas require your focus for success with FDA’s new electronic strategy:

  1. Understand the key processes and your automation tool is configured.
  2. Organize your validation documents to demonstrate the intended use of the automated tool.
  3. Organize the file to create a storyboard or road map to facilitate explanation of the key documents.
Let’s take a closer look at these key areas.

1. Understand key processes and how the automation tool(s) is (are) configured.  

I have worked with many companies who have automated key quality management system (QMS) infrastructure processes.     The most common QMS processes that are automated include but are not limited to:
  • Document Control
  • Audits – internal, external, and supplier
  • Complaints
  • CAPA
  • Training
  • Inventory management
  • Supplier management
  • Non-conforming material
  • Automated manufacturing line
In some cases these processes are all automated within one tool such as MasterControl, EtQ, Trackwise, etc.  In other cases, there may be a combination of QMS and ERP (Enterprise Resource Planning) systems such as SAP, Oracle, Agile, etc. 

Regardless of which automated system or combination of tools you choose, it is important that you understand the process that is being automated and how the tool is configured.  If you automate a broken process, it will still be a broken process – just automated.  My experience indicates automating a broken process is also more cumbersome and requires more personnel to manage than expected.  

When considering automation, you should start with defined user requirements - what you want the system to do.  Define “must have” versus “nice to have” requirements.  The best approach is to complete a process map of the activity you plan to automate.  Determine activities, roles/responsibilities, records to be maintained, interfaces to other operations, etc. Defining this information on the key processes sets a strong foundation for simplified, integrated business activities.  Additionally, having a strong understanding of how you want it to work will make selection and implementation much simpler.

If you have already automated your process, you should still document the requirements and expectations for the process.  This will help you as you do the live demonstration and explain the process to the FDA inspector. 

This article is related to the toolkit:
11 Free Resources to Boost Your FDA Readiness
To get the full details, please download your free toolkit.

2. Organize your validation documents to demonstrate the intended use of the automated tool.

The FDA expects that you have validation for all of the software tools/automation you have within or touching the QMS.  This is not anything new.  It has been the expectation for many years now.  Additionally, the recent revision of ISO 13485:2016 has added a specific requirement Clause 4.1.6:

The organization shall document procedures for the validation of the application of computer software used in the quality management system. Such software applications shall be validated prior to initial use and, as appropriate, after changes to such software or its application.
The specific approach and activities associated with software validation and revalidation shall be proportionate to the risk associated with the use of the software. Records of such activities shall be maintained (see 4.2.5).

So why is validation so important?  Validation is a demonstration that the system/tool works as intended or designed. It meets the needs of the business and organization as well as the regulatory requirements.  If you have validated properly, you should have a strong understanding of how the tool was configured and how to describe the inner workings during an inspection.  The validation plan and documents should set the foundation to demonstrate that you have configured the system/tool to meet your business needs.  

Pull out the validation documentation for each of the systems/processes that you have in place.  Look back through them and organize them for potential inspection.  Repeat the validation activities as a “practice” run for the inspection.  This is really a great way to practice for the regulatory interview/demonstration and refresh your knowledge of the processes.

3. Organize the file to create a storyboard or roadmap to facilitate explanation of the key documents.

As you look back at the various systems and tools, determine the best approach for telling the story.  The most obvious areas where the inspector may want the live inspection would be complaint handling and CAPA.  I still support the “storyboard” format for facilitating the discussion.  Use a strong problem statement to explain the issue.  If possible, present an executive summary with pointers or hyperlinks to the key documentation supporting the investigation and corrective/preventive actions being implemented.  Consider this the roadmap to aid the subject matter expert and the inspector through the process.  This is particularly important if you have supporting data in multiple systems.  One of the key requirements you will have to demonstrate is your control over these systems.  Being organized and able to tell the story with a straightforward understandable approach can go a long way to a successful inspection.


Educate the subject matter experts (SME) to facilitate the live discussion.  Practice walking through the systems.  The SME should be as comfortable with the system they will be explaining as they are with the process.  With the live inspection, they will be expected to walk through the specific area of their expertise, but should also be comfortable walking through the system/tool.  The validation documentation is a good tool for this practice but may not be enough.  Pull some actual files and walk through them.  Make sure the system files are aligned with the SME records.  Since the inspection is happening live you will want all of the records to be aligned.

This may seem like a lot of work to do, but it may not be as bad as you think.  It will really depend on how many systems you have and how well they are integrated.  If necessary, reach out to your automated tool provider for preparation assistance. If you are just starting the process of looking at electronic systems/tools, be cognizant of this new approach to inspections.  Look at systems that are integrated and simple to use.  Starting with the map of the various systems and how they work together will give you a much better idea of exactly where you stand.  Don’t wait until the inspector is knocking at the door to figure this out.

Please don’t think these suggestions are something you should do just for regulatory inspection purposes.  Look at it from the business perspective – it’s just good business to have a strong understanding of these tools and how you are using them.  When implemented and maintained properly, they can reduce non-added value work and improve overall efficiency.    If you automate a broken process or something that doesn’t work well for your business, you actually add costs and reduce efficiency.  Do what’s appropriate for your business and quality management system. 

Have you completed a live data inspection by the FDA?  Share your experience below!

Christine (Chris) Park is a seasoned quality assurance professional with a wealth of experience in establishing and remediating quality systems of all sizes.  Using a pragmatic approach to compliance and quality assurance, Ms. Park has successfully focused on results-oriented solutions that integrate quality into the daily business activities of organizations.  Her experience in R&D and general manufacturing for medical devices, IVDs, and biotech/pharmaceuticals provides a well-balanced background for her work in compliance. 

Whether working on a full quality system or on key quality components (CAPA, complaints, audits, supplier quality, management controls), Ms. Park provides employees and management not only with adequate direction and tools to maintain compliance, but also with the understanding of why they must comply with specific requirements.

Ms. Park has played an active role in the generation and review of technical documentation in support of regulatory submissions.  Her direct experience includes facilitating product and process risk assessments, change management (design as well as manufacturing), product and process validation plans and protocols.  She has developed strong relationships with manufacturing as well as design/development organizations.  She is an active member of AAMI TC210 standards committee.

Ms. Park is currently consulting with industry for implementation and/or transition to the revised ISO 9001:2015 and ISO 13485:2016 standards. FDA remediation (820, 210/211, foods).  Additionally, she is providing training and auditing expertise for organizations related to these standards, 21 CFR 820 and other FDA regulations.  She may be reached at (678) 480-5411 or