欧盟《生产商符合欧盟防伪法令的GMP检查备忘录》（中英文）

Area of operations /items

项目

Questions/Show me

需要提问的问题/需要提供的资料

General

总体要求

Are  all prescriptions products manufactured at the site required to bear safety  features?

所有在工厂生产的处方产品是否需要具备安全特性？

Are  any products exempted under Annex I?

是否有产品根据附录1获得豁免？

Are  any OTC products required to bear safety features under Annex II?

是否有任何OTC产品根据附录2需要具备安全特性？

Are  there products with different requirements in different EU Member States  (e.g. prescription in certain MS & OTC in another)?

是否有不同欧盟成员国不同要求的产品(例如,某些 MS &OTC 中的产品)?

If  so, how is this handled?

如果是,如何处理?

Is  there a procedure or authorised listing available specifying which products  are within the scope of the DR and specific requirements in the different  Member States (if applicable)?

是否有规程或经批准的清单,具体说明哪些产品在DR的范围，以及不同成员国的具体要求(如适用)?

Review  deviation/non-conformance listings for any exceptional release of batches  without safety features, after the 9 February 2019. Check for  notification/authorisation by NCAs in this regard.

审核任何在 2019 年 2 月 9 日之后不具备安全特性的异常批次的偏差/不符合清单。检查NCAs在这方面的通知/授权。

Seek  clarification regarding any batches released prior to the 9 February 2019  bearing safety features. Has this data been uploaded?

请澄清 2019 年 2 月 9 日之前放行的任何包含安全特性的批次。这些数据上传了吗?

Are  products imported from India and certified at the site?

产品是从印度进口的,并在现场获得认证?

If  so, has the company notified its CMO in India of the requirements of the  Delegated Regulation and to request that the CMO seeks an exemption from the Indian  Authorities in relation to the Indian traceability system, so that these  Indian barcodes are no longer applied to packs exported to the EU?

如果是,公司是否通知其在印度的 CMO,要求 CMO 就印度可追溯性系统向印度当局申请豁免,以便不再应用这些印度条形码以包装出口到欧盟?

Connection  with the

Hub

与欧盟中心的连接

Who  is the On-Boarding Partner (OBP) and  where is this entity located?

谁是OBP以及此实体位于何处?

Show  me the agreement between the OBP and EMVO?

提供 OBP 与 EMVO之间的协议?

Where  the OBP is not the manufacturer, request to see the agreement/contract  between the manufacturer and OBP outlining responsibilities of the parties.

如果 OBP 不是制造商，提供制造商与 OBP 之间的协议/合同,概述各方的责任。

Are  the responsibilities regarding the UI/ATD stipulated in an agreement/contract  with the MAH?

是否在与MAH签订的协议/合同中规定有关 UI/ATD 的责任?

Do  the contracts cover at a minimum responsibilities for the following:

合同至少包括以下责任:

-  Management of Product Master Data in the Hub

欧盟中心中产品主数据的管理

-  The generation of SN’s

SN的生成

-  The upload of data into the hub

数据上传至中心

-  Status changes to UIs to Recalled, Stolen, etc.

状态变更为“已召回”、“被盗”等

-  The immediate investigation and communication of a suspected falsified pack, based  on an alert in the EMVS?

根据EMVS中的警报,立即调查和通报涉嫌伪造的包装。

Registration  with the NMVOs

在 NMVO 注册

Where  the manufacturer is also the MAH, has it registered with all relevant NMVOs?

如果制造商也是 MAH,是否已在所有相关的 NMVOs 上注册?

Data  Flow

数据流

How  does the batch data (serialisation numbers) get to the hub from the site of  manufacture?

批数据(序列化编号)如何从制造站点传送至中心?

Show  me the system description, data flow and interfaces with other systems?

提供系统描述、数据流和与其他系统的接口?

Data-flow  from:

数据流包括：

-  where the SN’s are generated

何处生成SN

-  to where the UIs are printed on the packaging-line

何处将UI打印至包装线上

-  to the hub where the UIs are uploaded

何处将UI上传至中心

Are  all entities involved identified along the chain of flow of data?

是否所有涉及的实体已沿着数据流链条确定?

Who  is the sites contracted serialisation partner?

谁是工厂签约的序列化合作伙伴

Show  me the ISO 27001 Information Security Management System Certificate of  Registration for this serialisation partner.

提供此序列化合作伙伴的 ISO 27001 信息安全管理系统的认证证书。

Is  the system a Cloud Based system and where are the servers located (e.g. US)?

系统是否为基于云的系统,服务器位于何处(例如美国)?

Has  an audit been carried out to assess the quality of the serialisation  partner’s quality management system and hosted cloud environment?

是否已对序列化合作伙伴进行审计以评估的质量管理体系和云环境的质量?

Is  there a Gateway Provider involved?

是否涉及网关提供程序?

If  yes, who is the gateway provider?

如果是,谁是网关提供商?

Has  this service provider been qualified?

此服务提供商是否已确认?

What  knowledge do you have about the service provider’s quality management system?

你对服务提供商的质量管理体系了解如何?

Has  a security audit/assessment been conducted?

是否已进行安全审计/评估?

Show  me the audit reports/assessment reports

提供审计报告/评估报告

Are  responsibilities defined in Quality/Technical Agreements/Contracts between  all relevant parties involved in the chain of data flow?

是否已在质量/技术协议/合同中明确所有涉及数据流链条的相关方之间的责任？

What  additional software has been installed at the site for the purpose of  serialisation and compliance with the DR?

为了序列化和符合 DR,现场还安装了哪些其他软件?

Where  there are interfaces between the company’s

serialisation  system and other systems (e.g. MES, ERP), do these other systems store or  transfer the data (e.g. PC, SN)?

如果公司的序列化系统与其他系统(例如 MES、ERP)之间存在接口,这些其他系统是否存储或传输数据(例如 PC、SN)?

Has  the software been validated, including any inter- connections (e.g. no  alteration to uploaded data: expiry date, capital letters vs. lower case etc.  )?

软件是否经过验证,包括任何相互连接(例如,对上传的数据不作任何更改:有效期、大写字母与小写等)?

Is  there a risk based audit trail review of the operations executed within the  serialisation system?

是否对序列化系统内执行的操作进行基于风险的审计追踪审核?

Generation  of Serial

Numbers (SNs)

序列码的产生

Where/by  whom are the SNs generated? Is there a Contract in place?

在哪里/谁生成了序列码？是否有合同？

Is  it generated by a deterministic or a non- deterministic randomisation  algorithm, in a way that the probability that the serial number can be  guessed shall be negligible and in any case lower than one in ten thousand?

它是由确定性或非确定性随机化算法生成的,可猜到序列号的概率可以忽略不计,并且在任何情况下都低于万分之一?

Is  the combination of the PC+SN unique until EXP+1Y or REL+5Y, whichever is the  longer period?

PC+SN 的组合在有效期后一年（ EXP+1Y）或五年（ REL=5Y）（以较长的周期为准）之前是否唯一?

Is  serialisation data received from other parties, e.g. CMO’s? If yes, how (e.g.  connection with the CMO’s system)?

是否从其他方(例如 CMO)接收序列化数据?如果是,如何接收？(例如：如何与 CMO 的系统连接)?

Has  the security of the connection been evaluated?

连接的安全性是否已评估?

Who  manages/controls the Product Master Data in the hub (e.g. creation of a new  product, changes to an existing product)?

谁管理/控制中心中的主数据(例如,创建新产品、对现有产品的更改)?

How  is it ensured that only Product Master Data from legitimate marketed packs is  uploaded?

如何确保仅上传合法销售包中的产品主数据?

(i.e.  once a company passes EMVO’s legitimacy check and gets access, how is that  company prevented from creating non-existing products in the system and  upload of SN’s for t his fake product, to enable distribution of falsified  product)

(例如,一旦公司通过 EMVO 的合法性检查并获得访问权限,该公司如何阻止在系统中创建不存在的产品并上传假冒产品SN )

Uploading  of

information  in the

repositories  system

在存储库系统中上传信息

At  what point in the batch release process is the data uploaded?

在批放行过程中的什么节点上传数据?

Is  the data sent to the serialisation partner’s server first and held for a  period or stored temporarily in the manufacturer’s/MAH’s cloud, prior to  upload to the hub?

在上传到数据中心之前，数据是否首先发送到序列化合作伙伴的服务器,并暂存一段时间或暂存在生产企业/MAH的云服务器中?

How  is the upload to the hub actually triggered?

如何触发上传到数据中心?

How  is it ensured that only the data for ‘good’ packs (suitable for release) is  uploaded to the hub?

如何确保只有"好的"包装(可放行)的数据上传到数据中心?

Is  the system designed in a way that no upload of data goes undetected/that any  upload of data requires approval (of the QP?) before actually sending it to  the hub?

系统的设计方式是否是：数据不会未经检测即上传/即任何数据上传都需要（经过QP）批准?

What  happens to the UIs which were generated but not used and UIs on packs ejected  from the line at the eject stations during packaging?

如何处理已生成但未使用的 UIs 和在包装过程被从生产线剔除的包装上的UIs?

Is  a verification of successful upload and distribution required to be obtained?

是否需要验证成功上传和分发?

Is  it verified whether the quantity of serial numbers successfully received by  the NMVS, corresponds to the quantity of serial numbers that was initially  intended to be uploaded (reconciliation of the number of SN’s)?

是否验证 NMVS 成功接收的序列码的数量是否与最初上传的序列码数量一致(SN 编码的物料平衡)?

Who  receives this and what action is required in the event of a failed upload?

谁收到此内容，上传失败时需要执行采取什么措施?

Does  the (successful) upload occur before or after batch certification by the QP?

(成功)上传是在 QP 的批放行之前还是之后?

Does  the (successful) upload happen before or after release to the market or for  export?

(成功)上传是在放行上市/放行出口之前还是之后?

Are  there procedures which describe these processes?

是否有描述这些流程的文件?

(Note:  The information laid down in Article 33(2) of Commission Delegated Regulation  (EU) 2016/161 needs to be present in the system at the time the batch is  released for sale and distribution)

(注:2016/161年《委员会委托条例》(EU)第33(2)条中规定，在放行销售和分销时，信息需要存在于系统中)

Packaging  Lines

包装线

Was  serialisation for EU implemented at the site under change control?

欧盟序列化在变更控制下实施吗?

Did  this change control process include identification of QMS documentation which  required update to incorporate safety features?

(e.g.  procedures for recall, quality defects, batch disposition, shipment,  distribution etc.; batch records, job descriptions for key personnel/QP,  technical/quality agreements)

此变更控制流程是否包括需要更新以纳入安全功能的 QMS 文件的标识?(例如召回程序、质量缺陷、批次处置、装运、分销等;批记录、关键人员/QP的岗位说明、技术/质量协议)

Are  both the 2D barcode and the ATD applied?

二维码和 ATD 都应用了吗?

In  the case of the ATD, get the company to demonstrate that if removed or  broken, this is evident visually from the pack.

ATD让公司可以从包装上明显的看出开封或损坏。

Is  stability data available?

(Tamper  evident nature should be proven throughout the shelf life of the pack)

稳定性数据是否可用?(在包装的效期内应开盒可留痕)

Which  packaging lines have capability for serialisation?

哪些包装生产线具有序列化功能?

Was  new equipment installed and was it qualified? (e.g. printers, cameras, reject  stations etc.).

新设备安装后是否经设备验证?(例如打印机、摄像头、剔除等)。

Review  change control, qualification documentation etc.

审核变更控制、设备确认文件等

Is  the UI printed on the packs online or are labels/stickers applied to packs  separately?

UI 是在线打印在包装上，还是将标签/标签分开贴在包装上?

Is  there 100% verification of the readability of the 2D barcode? How is this  done (e.g. on-line camera)?

二维码的可读性是否100%确认?这是如何做到的(例如在线摄像机)?

Is  there an on-line sensor to detect the presence of ATDs and is it challenged?

是否有在线探头来检测是否存在 ATD，是否有挑战?

Is  aggregation  implemented?

是否关联?

Explain  how (e.g. UI’s in 1 data-file. What happens with the data-file. How is  this protected/transferred in a secure way)?

说明如何关联(例如UI关联到 1个数据文件中，数据文件会发生什么情况。如何以安全的方式保护/传输?)

Composition  of the UI

UI的组成

Does  it consist of the required data elements?

它是否包括所需的数据元素?

-Product  code (max 50 letters or numbers),allowing the ID of the name & common  name of the product, pharmaceutical form, strength, pack size, pack type,  optional: info regarding reimbursement

Should  be printed on the pack, preceded by the letters PC

-产品代码(最多50个字母或数字)，允许产品名&产品通用名的的ID，产品剂型，规格，包装尺寸，包装形式。可选:有关报销的信息

应打印在包装上,前面是字母PC

-  Serial n° (max 20 letters or numbers)

Should  be printed on the pack preceded by the letters SN

序列码 n* (最多 20 个字母或数字)

应打印在包装上,前面有字母 SN

-  Expiry date

Should  be printed on the pack by EXP (Note: The word “EXP” is not in use in all  Member States. Country specific words may be used)

- 失效期

应使用失效期的形式在包装上打印(注:并非所有成员国都使用"EXP"一词)。可使用特定于国家/地区的词语)

-  Batch number

Should  be printed on the pack by LOT (Note: The word “LOT ” is not in use in all  Member States. Country specific words may be used)

- 批号

应按 LOT 在包装上打印(注:并非所有成员国都使用"LOT"一词)。可使用特定于国家/地区的词语)

How  is the PC managed in the quality system?

Who  is responsible for its generation/management? What is its format (e.g.  GTIN/NTIN)?

在质量系统中如何管理 PC?

谁负责它的生成/管理?是什么格式(例如GTIN/NTIN)?

Human-readable  format

人可读格式

Are  the following data elements on the packaging in human-readable format:

(a)  the product code

(b)  the serial number

(c)  the national reimbursement number, if required

The  batch number and expiry date should also be on the packaging in human  readable format.

包装上的以下数据元素是否为人可读格式:

(a)产品代码

(b)序列号

(c)国家报销号，如需

批号和失效期也应以人可读格式出现在包装上。

Quality  of the printing

of  the 2D barcode

二维码打印质量

Has  the manufacturer evaluated the quality of the printing by assessing the  following parameters:

(a)  the contrast between the light and dark parts

(b)  the uniformity of the reflectance of the light and dark parts

(c)  the axial non-uniformity

(d)  the grid non-uniformity

(e)  the unused error correction

(f)  the fixed pattern damage

(g)  the capacity of the reference decode algorithm to decode the Data Matrix.

生产企业通过评估以下参数来评估打印质量:

(a) 明暗部分之间的对比度

(b) 明暗部分反射的均匀性

(c) 轴向非均匀性

(d) 网格非均匀性

(e)未使用纠错

(f)固定模式损坏

(g)参考解码算法的容量解码数据矩阵。

How  was this performed?

If  a dedicated equipment is installed for this purpose, is it qualified, is it  included on the calibration/maintenance m

       文章来源：GMP办公室

       本网站刊载的所有内容，包括文字、图片、音频、视频、软件等，如非标注为“原创”，则相关版权归原作者所有，如原作者不愿意在本网站刊登相关内容，请及时通知本站，我们将第一时间予以删除。

曜分享

分享精彩资讯