Jaime Castro
Director General
BPF part of QbD group
Expert Contributor

GxP Regulatory Compliance from a Project Perspective

By Jaime Castro | Fri, 08/21/2020 - 14:22

Why do regulated companies make it so complicated to implement regulatory compliance activities and verify them? 

The implementation and control of Good Practice compliance activities in regulated environments for the health industries is an effort that must be necessarily aimed at success. There are three main causes for this statement:

  • Compliance with Good Practices is a legal requirement
  • These activities involve high costs for companies in production and support processes (up to more than 50 percent in some cases, depending on the product and process)
  • The result of this compliance is the preservation of the health and safety of users/consumers of healthcare products

Failure in these activities may involve, at least, economic losses of various magnitude, or in the worst-case scenario, the death of people, loss of reputation of the business and closure. Hence the importance of ensuring or at least significantly raising the chances of success in the implementation and control of regulatory compliance activities.

When initiating, modifying or continuing to implement the activities aimed at ensuring regulatory compliance, it is very common that this instruction came from a high level of the organization toward the various areas and from it, the management of the company will expect an outcome in line with your business expectations.

It is then that those responsible for the areas involved  begin to implement the activities that (regulations in hand) are considered appropriate so that their respective area reaches the goal posed by the high direction, sometimes shoulder to shoulder, others front to front, back to back or even chest to back.

When I'm asked what's causing regulatory compliance to be so tortuous, the first thing that comes to mind is the lack of a systemic vision. When the objectives are so large and broad that they cover many of the company's processes, products and organizational structures (as in the case of quality systems, validation processes or certification in Good Practices), it is necessary to have a vision that understands the requirements, particularities, components, interrelationships and impacts of each of the processes and elements involved. This is systemic vision.

Whatever the regulatory compliance activity and the areas involved, it is clear that it is a temporary effort with an established start and end (even those activities that are cyclical or continuous as validation eventually will have an end), which implies the allocation of resources and responsibilities to achieve an outcome that satisfies the GxP requirements in an enduring way and transcending through the quality of the manufactured products. The above statement also conforms to one of the most common project definitions.

In this way, a systemic vision of the processes and elements involved in meeting far-reaching and impactful objectives (such as GxP compliance) allows us to properly define and integrate the need and opportunity of its management as a project rather than separate activities.

Project management is the application of knowledge, skills, tools, and techniques to project activities so that the requirements of the project are met. Every project involves the activities of:

  1. Preparation
  2. Planning
  3. Execution and control
  4. Closing

As a reference and of widely accepted use, there is the Project Management model by the Project Management Institute (PMI), which indicates 10 areas of knowledge that must be managed for project success:    

  • Project integration
  • Scopes (what is included and what is not included in the project)
  • Times
  • Costs
  • Quality of deliverables and results
  • Human Resource
  • Proper and timely communication of information
  • Risks and their management
  • Acquisitions needed for project execution.
  • Stakeholders, identification, influence, and participation

Through these areas of knowledge, project management reduces the possibility of operational failure, increases the chances of achieving objectives and makes resource use efficient.

As the saying goes: "Responsibility of many, responsibility of no one." And this is particularly true during project management, especially large ones. It is important in every project to clearly define the person responsible for their driving, their scopes, authority, and responsibilities, but above all, communicating the above to the various involved. In addition, it is required that each of these involved know in turn their own scopes and responsibilities for the project. All the above must be documented.

The person responsible for the management of each project must properly know the specific processes of the project being managed as well as the project management processes related to each of the areas of knowledge mentioned above.

Some of the most useful tools for proper planning and control of activities are:

  • Timelines for time and resource control
  • Brainstorming for decision-making
  • The minutes of initiation and close of the project where the project rules, expectations, and requirements to be met are established
  • Meetings and minutes to follow advances and complications
  • Activity logs
  • Documentary control within the quality system as support for the project

While the project’s vision for the management of regulated GxP compliance activities means investing time in the preparation, planning and negotiation with the various involved, it also provides these main benefits:  

  • Control over project elements
  • Decreased risks
  • Better characterization of results and deliverables
  • Proper measurement of results/continuous improvement
  • Efficiency in use of time and resources
  • Increased results quality/deliverables 

There are some points that in my experience are crucial for the proper management of regulatory compliance projects:

  • Establishment of SMART Objectives (Specific, Measurable, Achievable, Relevant and Temporary)
  • Systemic vision for understanding the whole, and its components
  • Planning, order, and discipline in the execution of activities
  • "Responsible Assignment of Responsibilities"
  • Identification of stakeholders, selfless and counter-stakeholders
  • Understanding the organizational structure and its human implications
  • Always ask yourself if the proposed project is what the sponsors really want or what I think they want?
  • It identifies in an objectively, realistically, and multidisciplinary way possible restrictions to avoid
  • Define in a consciously and informed manner the project budget and strictly control it
  • Work in line with the quality system and its support processes

A good result in GxP regulatory compliance projects, for its complexity and risks, not only requires desire and enthusiasm for its achievement. A systemic vision will allow us the correct planning, control, order, discipline, and definition of responsibilities, which together will have the effect of reducing risks and increasing the chances of success and quality of the results.

Photo by:   Jaime Castro