Common EudraVigilance Inspection Findings

Introduction

EudraVigilance-related activities are routinely reviewed during pharmacovigilance inspections.

Inspectors recognise that EudraVigilance sits at the centre of many critical pharmacovigilance processes, including:

• Adverse event reporting
• Signal management
• Literature monitoring
• Product data management
• Regulatory compliance monitoring

As a result, deficiencies affecting EudraVigilance frequently attract regulatory attention.

Importantly, inspectors are rarely interested only in whether reports were submitted.

They are typically evaluating whether the wider governance system is functioning effectively.

For QPPVs, understanding common inspection findings can help identify weaknesses before they become inspection observations.

How Inspectors Review EudraVigilance Activities

Inspection review commonly includes:

• Reporting compliance
• Submission timeliness
• Acknowledgement management
• Reconciliation activities
• Signal detection processes
• Access governance
• Vendor oversight
• Deviation management
• CAPA effectiveness

Inspectors often trace individual activities from source documentation through to EudraVigilance records.

This allows them to assess whether processes operate effectively in practice.

Finding Category 1: Late Reporting

Late reporting remains one of the most common EudraVigilance findings.

Examples may include:

• Serious cases submitted after regulatory timelines
• Follow-up information submitted late
• Delayed literature cases
• Delayed processing of downloaded cases

Late reporting may indicate:

• Resource constraints
• Process weaknesses
• Poor oversight
• Training deficiencies

Because reporting timelines are objectively measurable, late reporting findings are often difficult to defend.

Finding Category 2: Failure to Monitor Acknowledgements

A common misconception is that successful transmission equals successful reporting.

In reality, EudraVigilance performs validation checks after submission.

Reports may be:

• Accepted
• Rejected
• Accepted with warnings

Inspectors frequently identify situations where:

• Acknowledgements are not reviewed
• Rejections are not investigated
• Failed submissions remain unresolved

This may result in reports never entering the regulatory database.

Finding Category 3: Weak Reconciliation Processes

Reconciliation activities help ensure that:

• Submitted reports were accepted
• Downloaded reports were processed
• Data remain complete

Observed deficiencies may include:

• Missing reconciliation procedures
• Infrequent reconciliations
• Unresolved discrepancies
• Poor documentation

Inspectors generally expect organisations to demonstrate systematic reconciliation activities.

Finding Category 4: Inadequate Signal Management Oversight

Signal management increasingly receives regulatory attention.

Inspectors may review:

• EVDAS outputs
• Signal review records
• Escalation decisions
• Governance structures

Common deficiencies include:

• Failure to review outputs
• Missing documentation
• Unclear responsibilities
• Delayed assessments

For additional information see:

[[evdas-and-signal-detection]]

Finding Category 5: Access Governance Deficiencies

Access management findings remain common.

Examples include:

• Inactive users retaining access
• Missing access reviews
• Excessive permissions
• Shared accounts
• Poor documentation

Inspectors often consider access governance a component of pharmacovigilance system control rather than merely an IT responsibility.

Finding Category 6: Vendor Oversight Failures

Many EudraVigilance-related activities are outsourced.

Examples include:

• Case processing
• Reporting
• Literature surveillance
• Signal management

Observed deficiencies may include:

• Poor oversight
• Missing metrics
• Weak governance
• Inadequate performance monitoring

Outsourcing activities does not transfer accountability.

For additional information see:

[[vendor-oversight]]

Finding Category 7: Inadequate Deviation Management

Significant EudraVigilance issues should be investigated appropriately.

Common deficiencies include:

• Missing investigations
• Poor root cause analysis
• Repeated deviations
• Weak CAPAs

Inspectors often focus on whether organisations learn from failures and prevent recurrence.

Finding Category 8: Poor Documentation

Documentation deficiencies frequently amplify other findings.

Examples include:

• Missing evidence of review
• Incomplete records
• Poor traceability
• Inconsistent documentation

Inspectors generally place substantial emphasis on documented evidence.

If an activity cannot be demonstrated, inspectors may conclude that it did not occur.

Finding Category 9: Weak QPPV Oversight

The QPPV is not expected to perform every operational activity.

However, inspectors commonly assess whether the QPPV maintains sufficient oversight of:

• Reporting compliance
• Signal management
• Compliance risks
• Escalations
• Significant deviations

Common observations include:

• Limited visibility of metrics
• Inadequate escalation pathways
• Delayed awareness of compliance issues

For additional information see:

[[qppv-responsibilities]]

Root Causes Behind EudraVigilance Findings

Although findings may appear diverse, root causes are often similar.

Common themes include:

• Insufficient resources
• Weak governance
• Poor procedural design
• Inadequate training
• Lack of monitoring
• Incomplete oversight

Addressing root causes is generally more effective than addressing individual findings in isolation.

CAPAs Following Inspection Findings

Following inspection observations, organisations typically implement CAPAs.

Examples may include:

• Procedure updates
• Additional training
• Enhanced monitoring
• Governance improvements
• System enhancements
• Additional reconciliation controls

Effective CAPAs should address both immediate deficiencies and underlying causes.

For additional information see:

[[what-is-capa-in-pharmacovigilance]]

Inspection Readiness Considerations

Inspection readiness should be maintained continuously rather than only before inspections.

Good practices commonly include:

• Routine compliance monitoring
• Metric review
• Governance meetings
• Access reviews
• Reconciliation activities
• Internal audits

These activities help identify issues before regulators do.

For additional information see:

[[inspection-readiness]]

What Inspectors Usually Want to See

Inspectors generally seek evidence demonstrating:

• Effective reporting compliance
• Active governance
• Appropriate oversight
• Timely issue escalation
• Effective CAPAs
• Sustainable controls

Perfect metrics are rarely expected.

Effective control of the pharmacovigilance system is.

Key Takeaways

• EudraVigilance activities are routinely reviewed during inspections.
• Reporting compliance remains a major inspection focus.
• Acknowledgement management and reconciliation activities are frequently assessed.
• Signal management oversight receives increasing regulatory attention.
• Access governance deficiencies remain common findings.
• QPPVs are expected to maintain visibility of significant compliance risks.
• Strong governance often prevents operational issues from becoming inspection findings.

References

1. EMA Good Pharmacovigilance Practices (GVP) Module III – Pharmacovigilance Inspections.
2. EMA Good Pharmacovigilance Practices (GVP) Module I – Pharmacovigilance Systems and Their Quality Systems.
3. EMA Good Pharmacovigilance Practices (GVP) Module VI – Collection, Management and Submission of Reports of Suspected Adverse Reactions.
4. EMA Good Pharmacovigilance Practices (GVP) Module IX – Signal Management.
5. Regulation (EC) No 726/2004.
6. Directive 2001/83/EC.
7. Commission Implementing Regulation (EU) No 520/2012.