Human Error: Corrective and Preventive Action

Whenever an error event occurs, corrective and preventive actions (CAPA) must be developed to make an organization’s systems stronger. A company will create systems to detect similar future errors or events, which will serve as the alarm that triggers corrective action and recovery.

CAPA procedures should describe what the data sources are, how data is collected, as well as by whom, when and how it is routed to the CAPA system. Procedures can be conducted manually or electronically; there can be separate procedures for collecting data and for evaluating the root cause. The sources of information will vary, but at some point, all of the data with the results of the investigation must flow into CAPA. Then, recommended and approved actions can be taken and implementation and verification of those actions can be documented and tracked.

Information for CAPA comes from internal and external feedback sources. Sometimes what is internal and what is external is an arbitrary division. The main thing is to make sure that nothing is missed.

Internal sources include:

• Inspection test data, in-process data, final inspection test information, quality assurance unit inspection findings, scrap and yield rates and process control data. Internal feedback sources can be anything that is routinely tested as well as environmental control data and data regarding scraps and defect rates.
• Incoming inspection data collected relative to the part number, a supplier, a batch or a lot number. Although they might be relative to products that come in from the outside, these things are also parts of the internal data sources. Internal audits, equipment maintenance, and calibration data can also be valuable in understanding processes.
• Various reports and records that are generated during manufacturing, packaging, labeling and employee training.

External feedback can come from several different places, including:

• The FDA gets complaints from consumers and employees through various systems like MedWatch, MDR, drug adverse event reports, and field service reports relative to products, product returns, and journal articles.
• Legal claims, warranty issues and claims, regulatory audits and client audits. Companies sometimes forget legal claims and warranty claims. These are handled in a slightly different way than a normal complaint or problem would be.