An efficient deviation handling system, should implement a mechanism to discriminate events based on their relevance and to objectively categorize them, concentrating resources and efforts in good quality investigations of the root causes of relevant deviations.

A procedure is usually mandated by the quality department for managing deviations.

It should include the following information:

Who will issue the deviation?

It is customary that the department manager reports the deviation back to the quality assurance department. If the department manager is unavailable, the next highest ranking employee in the department would issue the deviation in his/her place.

Who will handle the deviation?

A multidisciplinary team of quality assurance experts handle deviations. The point is a deviation can occur in any part of the business and can result in diverse types of deviation.
As a result, the sum of experiences of a multidisciplinary team is much needed to guide the process.

Allowed time to report a deviation

The procedure must specify the allowed delay in reporting a deviation.

The rule of thumb is to report a deviation as soon as it happens to ensure that it doesn’t evolve into a bigger issue than it already is.

Allowed delays might reach 2 – 4 hours but never more than time equivalent to a working shift. Some quality management system uses this feature as an indicator of the system’s agility.

An agile system insures a fast and preventive reaction to unanticipated events.

Needed information in deviation description

When issuing the deviation, details of the deviation such as name of the deviation observer, time of the observation, initial reaction to the deviation, possible causes, and details of the procedure or standard deviated are included in the description of the deviation.

Detailing the description of the deviation is specially challenging and can even become tedious. But no matter how unpleasant it might be, a detailed description is the most crucial step in the deviation management sequence.

Deviation entry and sequencing

It is preferred to have a complete list of recorded deviations. This list is crucial to an easy and effective review of deviations and will help in audit purposes both internal and external.

This is another task that poses a challenge to quality assurance and includes a huge amount of data entry.

Deviation lists must contain all the essential data recovered during deviation handling such as the deviation source, date, time, brief description, and even in some cases the corrective and preventive actions taken.

Also, a sequential numbering of deviations helps the quality assurance department track the amount of deviations reported on a timely basis.

The sequential number is either given through an automatic system or manually based on the deviation list mentioned above.

The format of the sequential number is flexible and the quality assurance department usually sets a specific set of numbers and letters for deviation numbering.

Categorization of deviation

In order to prioritize deviation and increase the quality assurance department’s efficiency in handling deviation, a risk based categorization of submitted deviation is recommended.

Risk based categorization include rating deviation according to their effect on the quality of the product.

There are four main categories that I would suggest: Incident, Minor, Major, and Critical.

Incident

A deviation categorized as an incident had no direct effect on product quality and in no way contradicts or omits its quality attributes and specification. As a part of risk assessment of incident deviations, the following questions might be asked: can the deviation affect the product’s quality, manufacturing operational parameter, or product quality? And can the deviation omit or contradict product’s specification? If the answer is NO to both question, then the deviation can be categorized as an incident.

Minor

The difference between a minor deviation and an incident, is that the minor deviation actually affects an equipment or a utility function that didn’t have a direct effect on the products quality. When asking the above questions mentioned in incident deviations, no clear answer is given and most likely a debate and difference of opinion is demonstrated.

Major

This is the type of deviations which affects quality attributes, specifications, or critical process parameters of the manufacturing process. Major deviations are a priority and must be handled in the utmost speed and urgency. The quality assurance usually calls for a quick meeting with concerned departments in order to solve such deviations. When asking the questions above, at least one of them will be answered with a YES in this category.

Critical

It is just like a major deviation with one important difference, the deviation would have a direct impact on patient’s health, personnel safety or environmental effect.
In any of the above cases, the deviation is considered critical and is prioritized over the rest of the deviations.

Critical deviations can indicate a weakness in the validation of the production processes. A reasonable approach would be to redo the risk assessment of the department or section which generated the root cause of the deviation and see if it needs to be revalidated or perform additional testing.

A well-established pharmaceutical quality management system must have a minimum amount of critical deviations.

A good indication is having less than 3 critical deviations for every 100 deviations reported to the quality assurance department.