All,

I continue to see statements like:

"Bayer, Merck, Guidant, American Home Products, and Tap Pharmaceutical paid large penalties based partly on inappropriate statements uncovered in their files and emails."

I've been through a few FDA inspections and I have not seen how investigators could uncover such things unless companies brought them out as compliance evidence. Has anyone been bitten by this? What were the circumstances that allowed investigators to find such files / emails? I have certainly not seen a situation where an investigator was allowed to dig through personal files / archives.

Of course, these statements are generally made by folks peddling avoidance seminars or purging software. So I always wonder how much FUD (Fear, Uncertainty, Doubt) is being sown.

All,

I continue to see statements like:

"Bayer, Merck, Guidant, American Home Products, and Tap Pharmaceutical paid large penalties based partly on inappropriate statements uncovered in their files and emails."

I've been through a few FDA inspections and I have not seen how investigators could uncover such things unless companies brought them out as compliance evidence. Has anyone been bitten by this? What were the circumstances that allowed investigators to find such files / emails? I have certainly not seen a situation where an investigator was allowed to dig through personal files / archives.

Of course, these statements are generally made by folks peddling avoidance seminars or purging software. So I always wonder how much FUD (Fear, Uncertainty, Doubt) is being sown.

perhaps it was related to other investigations?
Somehow related to SOX?
Are any of them under consent decree right now?
Or there were whistleblowers.

Or as you said - fearmongering.

All,

I continue to see statements like:

"Bayer, Merck, Guidant, American Home Products, and Tap Pharmaceutical paid large penalties based partly on inappropriate statements uncovered in their files and emails."

I've been through a few FDA inspections and I have not seen how investigators could uncover such things unless companies brought them out as compliance evidence. Has anyone been bitten by this? What were the circumstances that allowed investigators to find such files / emails? I have certainly not seen a situation where an investigator was allowed to dig through personal files / archives.

Of course, these statements are generally made by folks peddling avoidance seminars or purging software. So I always wonder how much FUD (Fear, Uncertainty, Doubt) is being sown.

Ah, I see the cause of your confusion. "I have certainly not seen a situation where an investigator was allowed to dig through personal files / archives." Emails and archives on an organization's it system are most certainly NOT personal files. They are organizational records being maintained on organizational physical property. The courts, at least in the USA, have ruled over and over that there is NO expectation of privacy on company email, so all an investigator has to do is ask as he would for any other record, like an interoffice memo.

Geoff Withnell

All,

I continue to see statements like:

"Bayer, Merck, Guidant, American Home Products, and Tap Pharmaceutical paid large penalties based partly on inappropriate statements uncovered in their files and emails."

I've been through a few FDA inspections and I have not seen how investigators could uncover such things unless companies brought them out as compliance evidence. Has anyone been bitten by this? What were the circumstances that allowed investigators to find such files / emails? I have certainly not seen a situation where an investigator was allowed to dig through personal files / archives.

Of course, these statements are generally made by folks peddling avoidance seminars or purging software. So I always wonder how much FUD (Fear, Uncertainty, Doubt) is being sown.I can't directly address FDA-related situations, but I can certainly comment on the chain of events which brings hard copy correspondence, electronic records, hand-written lab notebooks, etc. into the light and capable of being used as condemning or exculpatory evidence.

The initial trigger or link in the chain is about evenly divided between complaints (customers, auditors, whistleblowers, etc.) and nonconformances detected during routine inspections. As the investigation develops to resolve the complaint or implement root cause/corrective action, a discrepancy arises between the organization's avowed plan for a process (in the case of FDA, the plan they filed to get approval for product or device) and the execution of the plan. When regulators are involved in resolving a complaint or nonconformance, individuals within the organization send out nuanced signals of fear or guilt which the investigators pick up on and follow through, demanding more and more documentation. Organizations which were arrogant or sloppy (top managers were either smug or lax), sometimes leave a smoking gun covered with fingerprints. If they were really good at being "bad," they wouldn't leave evidence.

The important thing to note is systemic fraud or incompetence is most often uncovered by whistleblowers (some of whom "accidentally" leave the smoking gun documents where they can be found), while individual incompetence and fraud are found by dedicated top management who want to be "good citizens" and regretfully pay the fines as penance for their own lack of diligent oversight.

Ah, I see the cause of your confusion. "I have certainly not seen a situation where an investigator was allowed to dig through personal files / archives." Emails and archives on an organization's it system are most certainly NOT personal files. They are organizational records being maintained on organizational physical property. The courts, at least in the USA, have ruled over and over that there is NO expectation of privacy on company email, so all an investigator has to do is ask as he would for any other record, like an interoffice memo.

Geoff Withnell

I know nothing about the extent of FDA inspectors' legal access to records, but the court decisions you refer to are in regard to the privacy rights (or absence thereof) of company employees and others who are using a company's network and storage with permission. They don't mean that anyone can walk in off the street (even the police) and demand to see company e-mails and records.

Jim,
Basically, an FDA inspector in an FDA regulated facility has the right to look at essentially any record they want to see. If someone says "I discussed this problem with Joe" then all the discussions with Joe, verbal, written, email etc become fair game, and no further authority is needed.

Geoff Withnell

Jim,
Basically, an FDA inspector in an FDA regulated facility has the right to look at essentially any record they want to see. If someone says "I discussed this problem with Joe" then all the discussions with Joe, verbal, written, email etc become fair game, and no further authority is needed.

Geoff WithnellThis is pretty much the same thing in FAA-regulated organizations, from biggies like Boeing down to little PAH (Parts Approval Holders) who make little "after market" gee gaws some aircraft owners add on to aircraft (in-flight video, traffic collision avoidance radar, etc.), with the added stipulation the FAA inspectors can inspect all the way down the supply chain to component suppliers and manufacturers. The inspections are PRIMARILY about the documentation (sufficiency and validity) and only secondarily about actually touching, feeling, measuring a product to confirm it meets specifications.

One FAA inspector who came to our company regaled us with a tale of requiring a supplier to a PAH to provide before and after photos of nonconforming parts to "prove" they had been destroyed in a fashion they could not be put on an aircraft via a "gray market." The PAH had to confirm the supplier would saw the pieces in half through a serial number, forever invalidating that serial number.

coincidentally enough for Freakonomics fans

http://freakonomics.blogs.nytimes.com/2008/05/08/whats-the-worst-e-mail-mistake-you-ever-made/

Jim,
Basically, an FDA inspector in an FDA regulated facility has the right to look at essentially any record they want to see. If someone says "I discussed this problem with Joe" then all the discussions with Joe, verbal, written, email etc become fair game, and no further authority is needed.

Geoff Withnell

Geoff,

I agree with your statement, however will point out that while the FDA has the authority to review and copy all records required by the QS regulation, they have elected not to review audit reports.

Be sure and routinely purge all records (electronic, hard copy, and e-mails) that you don't need anymore. If it is truly not there, they can't look at it.:)

Be sure and routinely purge all records (electronic, hard copy, and e-mails) that you don't need anymore. If it is truly not there, they can't look at it.:)

:topic: This statement kinda reminds me of the Iran-Contra situation a long time ago. :notme:

:topic: This statement kinda reminds me of the Iran-Contra situation a long time ago. :notme:"Who knows what evil lurks in the hearts of men? The Shadow knows . . . heh . . . heh . . . heh!";)

Be sure and routinely purge all records (electronic, hard copy, and e-mails) that you don't need anymore. If it is truly not there, they can't look at it.:)

If it is a 21 CFR record, don't just trash/hide it. Falsification/not telling the truth to an FDA official is a 18 CFR charge. One will be in hot water over this, as compared to an incomplete "GMP establish" or adulteration/mislabeling charge. The next FDA visit may be with FDA's criminal investigations unit....

All,

I continue to see statements like:

"Bayer, Merck, Guidant, American Home Products, and Tap Pharmaceutical ."

I've been through a few FDA inspections and I have not seen how investigators could uncover such things unless companies brought them out as compliance evidence. Has anyone been bitten by this? What were the circumstances that allowed investigators to find such files / emails? I have certainly not seen a situation where an investigator was allowed to dig through personal files / archives.

Of course, these statements are generally made by folks peddling avoidance seminars or purging software. So I always wonder how much FUD (Fear, Uncertainty, Doubt) is being sown. Emails and other internal correspondence would be considered evidence that a government agency like FDA would confiscate within computer hard drives etc., under subpoena for investigations into wrongdoing.

I have seen FDA letters of warning to companies posted on the internet, but I have never heard of fines being levied for "improper statements in emails." I agree that these statements appear to be spam for services to get rid of electronic records.

Be sure and routinely purge all records (electronic, hard copy, and e-mails) that you don't need anymore. If it is truly not there, they can't look at it.:)
Be careful about that.

If it looks like you act with the intent to hide damaging evidence, it can go very hard against you in court. In US Federal Court, the rules are that if spoil evidence, the fact finder can conclude that the evidence proves whatever your opponent claims it proves. This is true even if you discard evidence according to company policy.

With the cost of electronic storage so low, it's pretty hard to convince anyone that you are discarding emails, etc. to economize on disk space unless the purge period is pretty long.

Once a subpoena is issued, or even if you reason to believe one will be issued, all discarding of potential evidence must halt.

IANAL, but I have been watching a court case with great interest, and this is what the legal eagles on the web site devoted to the case have said.

Here is a link http://www.groklaw.net (http://www.groklaw.net/)

Here was my statement:

Be sure and routinely purge all records (electronic, hard copy, and e-mails) that you don't need anymore. If it is truly not there, they can't look at it.:)

If it is a 21 CFR record, don't just trash/hide it. Falsification/not telling the truth to an FDA official is a 18 CFR charge. One will be in hot water over this, as compared to an incomplete "GMP establish" or adulteration/mislabeling charge. The next FDA visit may be with FDA's criminal investigations unit....

Agreed. I hope no one took away the idea that you should try to hide anything. You should set up an appropriate retention schedule for things and abide by it. This thread was started about e-mail exposure. My statement is to keep e-mails long enough for your purpose, then get rid of them. Same with most other information. Don't hoard e-mails, documents and the like. Get rid of what you don't need.

Be careful about that.

If it looks like you act with the intent to hide damaging evidence, it can go very hard against you in court. In US Federal Court, the rules are that if spoil evidence, the fact finder can conclude that the evidence proves whatever your opponent claims it proves. This is true even if you discard evidence according to company policy.

With the cost of electronic storage so low, it's pretty hard to convince anyone that you are discarding emails, etc. to economize on disk space unless the purge period is pretty long.

Once a subpoena is issued, or even if you reason to believe one will be issued, all discarding of potential evidence must halt.

IANAL, but I have been watching a court case with great interest, and this is what the legal eagles on the web site devoted to the case have said.

Here is a link http://www.groklaw.net (http://www.groklaw.net/)


I'm not sure I follow you on this. If I get an e-mail about something going on like "I don't know about this study. It looks strange", I have no requirement to keep that e-mail. I can get rid of it at my leisure, as long as there is no investigation. It would probably be pretty smart to delete/remove as soon as possible.:)

Both of your points are valid at the point that an investigation is announced. But until then, you should be regularly getting rid of things that may later be twisted into something it isn't by overpriced lawyers in a Class Action Lawsuit.

<snip>
If I get an e-mail about something going on like "I don't know about this study. It looks strange", I have no requirement to keep that e-mail.

This forum is a great place for advice about quality systems and similar topics.

Anybody who has a question about legal matters, and this is one, should consult his company's lawyer.

This forum is a great place for advice about quality systems and similar topics.

Anybody who has a question about legal matters, and this is one, should consult his company's lawyer.

Agreed. I think my prior suggestion within the context of this thread is not correct, and thus should be put in better context.

All I'm really saying is that before any investigation or notification of any kind, each organization should have a policy to address removing/archiving old files and e-mails.

The nano-second that any type of investigation is announced, anything and everything is frozen. Any e-mail, post-it note, file, record, minutes from meetings, etc. is fair game, and must be held until such matters are cleared by legal council and the appropriate FDA individual.

Agreed. I think my prior suggestion within the context of this thread is not correct, and thus should be put in better context.

All I'm really saying is that before any investigation or notification of any kind, each organization should have a policy to address removing/archiving old files and e-mails.

The nano-second that any type of investigation is announced, anything and everything is frozen. Any e-mail, post-it note, file, record, minutes from meetings, etc. is fair game, and must be held until such matters are cleared by legal council and the appropriate FDA individual.

Just a note. It is almost impossible in a normal (unclassified, non-crypto) type environment to truly remove an email. It may be out of your email inbox, but due to things like server backups, multiple drive mapping, etc, deleted emails almost always lurk somewhere in the system.

Geoff Withnell

Just a note. It is almost impossible in a normal (unclassified, non-crypto) type environment to truly remove an email. It may be out of your email inbox, but due to things like server backups, multiple drive mapping, etc, deleted emails almost always lurk somewhere in the system.

Geoff Withnell
Correct. Also mail server logs will show that something went from person to person, even if you manage to get rid of the email text.

Those log entries could place one in the position of having to explain why certain emails were deleted while others from the same time period were kept.

:topic: (but maybe not)
Please note the difference in meaning among these homonyms


counsel
council
counsul

and choose carefully when you use one.

:topic: (but maybe not)
Please note the difference in meaning among these homonyms


counsel
council
counsul
and choose carefully when you use one.

Actually only the first two are homonyms. The third is correctly spelled "consul" and is pronounced differently.

Actually only the first two are homonyms. The third is correctly spelled "consul" and is pronounced differently.Done in by fat, fast fingers and slow, old eyes again!:lmao:
On the pronunciation - lots of slipshod stuff, depending on region and "persnicketyness" of one's teachers. I have heard several variations - just think of the variations in pronouncing the word "Chicago" which you can get by just walking down State Street and asking folks to pronounce it!

Done in by fat, fast fingers and slow, old eyes again!:lmao:
On the pronunciation - lots of slipshod stuff, depending on region and "persnicketyness" of one's teachers. I have heard several variations - just think of the variations in pronouncing the word "Chicago" which you can get by just walking down State Street and asking folks to pronounce it!

Yes, I know. I have many friends and aquaintances who call the storage bin between the front seats in a car a "council." Some of these also used to have "council" televisions.:tg:

I just call mine the "junk box":lmao:

I just call mine the "junk box":lmao:

The TV or the thing in the car?

The TV or the thing in the car?
Yes.

Sorry, couldn't help it.

hmmm, well the "council" in the car...but I guess the TV would fit also. :lmao:

Well.. I contacted some friends in the industry and they agreed. No more e-mails! Smoke signals are the way to go!:tg:

:topic:but, Brad, what if someone takes photos of your smoke signals and then archives them for future use against you?

:topic:but, Brad, what if someone takes photos of your smoke signals and then archives them for future use against you?
:lmao::lmao:

Plus, the residuals of the emissions from the smoke are also traceable! What to do?:mg: