Manual of Standard Operating Procedures and Policies

Regulatory - Communication

Use of Email for Regulatory Communications

SOPP 8119

Version #2

February 13, 2009
  1. Purpose
    2.

    The purpose of this SOPP is to describe the policies and procedures for the Center for Biologics Evaluation and Research (CBER) staff on the handling of regulatory electronic messages (emails). Regulatory emails may be either internal communications or messages received from or sent to sponsors/applicants.

    Outgoing emails can be used in place of telephone or fax communication to relay regulatory issues and requests for information. Regulatory letters are NOT sent via email.

    Internal emails may document a decision reached by a review committee or a decision regarding a regulatory submission.

  2. Definitions

    3. Regulatory Email

    A regulatory email is an electronic message received or sent by CBER as part of an investigational or marketing application or pre-application. A regulatory email may be a stand alone message or a message with an attached file.

    Secure Email

    A secure email is an electronic message with substantive information received or sent from a sponsor/applicant that has exchanged secure email certificates with FDA. Secure email certificates may include the entire corporate or organization structure of a sponsor/applicant or a subset of users. Secure email makes use of encryption during transmission; the messages are decrypted upon receipt using the certificate.

    Instructions on how to obtain a secure email certificate are included in Appendix 1.

    Administrative File

    Administrative file means the file or files containing all documents pertaining to a particular administrative action, including internal working memoranda, and recommendations. (21 CFR 10.3)

    Administrative Record

    Administrative record means the documents in the administrative file of a particular administrative action on which the Commissioner relies to support the action. (21 CFR 10.3). Administrative records include sponsor/applicant submissions, CBER/FDA generated documents, and CBER/FDA database records.

  3. Background
    4.

    Increasing overall review efficiency was a significant component of the Prescription Drug User Fee Act (PDUFA) at its inception. Additional efforts to increase review efficiency, including the Medical Device User Fee Modernization Act (MDUFMA), PDFUA reauthorizations, development of electronic submission infrastructure such as the CBER Electronic Document Room (EDR) and the Agency Electronic Submission Gateway (ESG), necessitate streamlining the review process. The FDA Amendment Act of 2007 (FDAAA) established performance goals for devices. In order to meet these new goals, FDA and regulated industry agreed that FDA should implement a formalized interactive review process to encourage and facilitate communication between FDA staff and industry during the review process. See Guidance to Industry: Interactive Review for Medical Device Submissions: 510(k)s, Original PMAs, PMA Supplements, Original BLAs and BLA Supplements.

    This streamlining in no way mitigates FDA’s responsibility to maintain a complete and accurate administrative file ensuring that all actions are appropriately documented. The Office of Chief Counsel (OCC), Food and Drug Administration (FDA) determined that emails are legal communications acceptable as regulatory documents upon which decisions can be made and transmitted. The OCC advised that CBER should follow the guidelines in 21 CFR 601.14.

  4. Policy

    5. A secure email account is not required for email communication. CBER staff should strongly encourage the sponsor/applicant to establish an FDA secure email account. A secure email account may be established by following the instructions in Appendix 1.

    Applicants or sponsors authorized to use secure email are listed in the EDR on the main screen, using the "Secure Partners" tab on the second line drop down list, near the top of the screen.

    Once secure email is established, the emails sent from your FDA email account to the applicant or sponsor will be encrypted and will not require additional configuration.

    A sponsor or applicant may authorize non-secure e-mail communication by a statement to that effect in the cover letter of a regulatory submission. The simple inclusion of an e-mail address in the letterhead, or elsewhere in the file, does not provide authorization for FDA to communicate by e-mail. Authorization to communicate via non-secure email must be agreed to by the sponsor/applicant and obtained in writing for each investigational or marketing submission.

    For all outgoing non-secure email CBER staff will include a signature block that includes name, organization address, and phone/fax numbers. CBER staff will use the following disclaimer:

    "THIS MESSAGE IS INTENDED ONLY FOR THE USE OF THE PARTY TO WHOM IT IS ADDRESSED AND MAY CONTAIN INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL, AND PROTECTED FROM DISCLOSURE UNDER LAW. If you are not the addressee, or a person authorized to deliver the document to the addressee, you are hereby notified that any review, disclosure, dissemination, copying, or other action based on the content of this communication is not authorized. If you have received this document in error, please immediately notify the sender by e-mail or phone."

    All FDA generated email communication must meet the Department of Health and Human Services (HHS) requirements for accessibility (Section 508) (See Reference Section for additional information).

    Incoming regulatory emails and attachments

    Incoming emails will ordinarily contain responses to information requests or meeting requests related to specific existing investigational and marketing submissions, including pre-application submissions.

    It is CBER policy that incoming regulatory emails and attachments:

    1. Will be treated as official communications and will be entered into the administrative file and regulatory database if CBER either requests the email or the sponsor/applicant and CBER reached an agreement on the acceptance of the email as the official document.
      1. Emails received that were not requested or agreed to willnot be acknowledged as part of the administrative file for the submission. Regulatory decisions/actions will not be made on the basis of these types of emails. These emails are not tracked in CBER’s regulatory databases.
      2. Agreement by a sponsor/applicant to use either secure or non-secure email for a submission does not constitute an agreement to send emails without prior agreement with CBER.
      3. CBER staff will consider whether or not acceptance of the email will either start or stop a review clock.
      4. Amendments for guidance compliant electronic submissions (eCTD format and roadmap/.pdf based eBLAs and eINDs) MUST be submitted via the Gateway or on a CDrom through CBER’s Document Control Center (DCC).
    2. Will not be accepted by CBER in lieu of submitting a formal initial/ original investigational or marketing submission/supplement.
    3. Should be sent to the following CBER personnel who will be responsible for the further processing of incoming emails:
      1. the Regulatory Project Manager (RPM) or designee in the appropriate product Application Division, or
      2. the Division of Manufacturing and Product Quality (DMPQ) in the Office of Compliance and Biologics Quality (OCBQ) or
      3. Consumer Safety Officer (CSO) in the Advertising and Promotional Labeling Branch (APLB)/Division of Case Management (DCM/OCBQ), or the
      4. Regulatory Management Staff in the Office of Cellular, Tissue, and Gene Therapies (OCTGT).
    1. In order for an email to be documented as received on a specific date, the email must be received before 4:30 PM (16:30) EST on a regular business day. If the email is received after that time or on a non-business day, the receipt date will be the next business day. Exceptions may be made on a case by case basis.
    2. The emailed submission should be complete. All relevant information must be contained within the email, including responses to previous emails.
      1. If CBER receives an email or attachment that is incomplete or cannot be read, the sponsor/applicant will be notified by phone within one business day of receipt. An example of an incomplete email or one that cannot be read is an email that indicates an attachment, but the attachment is not there or the attachment cannot be opened.
      2. CBER and the sponsor/applicant will reach a decision on whether the email should be resent or should be submitted in hard copy.
    3. If an email contains an attachment, the email will be considered an amendment and processed as a non-guidance compliant electronic submission using the process outlined in DCC Procedure Guide #22.
    4. No compressed or Zip files will be allowed as email attachments.
    5. Submissions that would normally be sent via the Gateway or the electronic submission procedures should continue to use those procedures. Amendments for guidance compliant electronic submissions (eCTD format and roadmap/.pdf based eBLAs and eINDs) MUST be submitted via the Gateway or on a CDrom through CBER’s Document Control Center (DCC).

    Outgoing regulatory emails and attachments or internal emails and attachments

    1. CBER staff will send outgoing regulatory emails containing confidential or product information through secure email unless the sponsor/applicant agrees to non-secure communications (see above).
    2. CBER staff will usually avoid creating email strings when communicating information regarding regulatory applications, regulatory reviews and decisions. This includes internal email communications and emails sent to sponsor/applicants. This is further outlined in Responsibilities and Procedures under the Outgoing and Internal email sections.

  5. Responsibilities and Procedures
    6.

    Incoming Regulatory Emails

    1. When a sponsor/applicant is requesting to communicate with CBER via email the RPM must instruct the firm that:
      • Permission to use non-secure must be in writing. The RPM will obtain the authorization. The authorization will be for one specific submission (for example, STN 123456) and not for any or all submissions the sponsor/applicant may have in CBER.
        • This authorization will be forwarded to DCC and processed as an amendment to the file.
      • The email must be a complete submission. All relevant information must be contained within the email, including responses to previous emails. If CBER receives an email or attachment that is incomplete or cannot be read, the sponsor/applicant will be notified by phone within one business day of receipt. CBER and the sponsor/applicant will reach a decision on whether the email should be resent or should be submitted in hard copy.
      • The email should be sent only to the RPM in the appropriate product Application Division, DMPQ/OCBQ, or APLB/DCM/OCBQ or the Regulatory Management Staff in OCTGT to ensure records management integrity. However, if a CBER reviewer other than the RPM agrees with a sponsor/applicant to communicate via email, that person is responsible for notifying the RPM immediately of the decision.

     NOTE: If a sponsor/applicant sends an email to a reviewer rather than an RPM, then the CBER recipient is obligated to immediately forward the email to the RPM for processing and remind the sponsor/applicant that they should submit all emails to the appropriate RPM . If the CBER recipient does not notify the RPM, that person is responsible for ensuring administrative processing occurs.

    The RPM (or designee) receiving the email should, within two working days of receipt:

    • Review the incoming email and attachments to determine its acceptability as outlined in Section 4 of this SOPP.
    • Review the document and obtain concurrence from the chairperson or reviewers to determine what regulatory action is to be taken based on the content, e.g., resubmission, response to a clinical hold, meeting request, response to Complete Response Letter, requested information or revisions.
    • Determine the appropriate communication type for the email: telecon or letter. Emails will be entered as telecons only if the information would generally have been discussed in a telecon. Refer to SOPP 8104: Documentation of Telephone Contacts with Regulated Industry for additional information.
      • SOPP 8104 defines substantive as those telecons which add new information or change old information in a submission. All CBER requests for information are substantive teleconferences.
    • Enter the email in the appropriate database and identify the submission as an email.
    • Provide CBER’s Document Control Center (DCC) with a full electronic version of the email per DCC Procedure Guide #26.

    2. Follow-up hard copies:

    • Hard copies of documents emailed to CBER are not necessary and are discouraged.
    • If a firm decides to send in a hard copy once an email is received, the subsequent hard copy will be treated as a new submission, e.g., new amendment.

    Outgoing Regulatory Emails

    When an email is sent to a sponsor/applicant:

    • If the email’s author is not the RPM, the RPM will be included as a convenience copy (cc:) on the email. The sponsor/applicant should be informed to include the RPM on any responses or future emails.
    • The author is responsible for entering the data into the appropriate database and loading a copy into CBER’s EDR.
      • The outgoing email should be entered in the appropriate regulatory database. Enter the outgoing email based on the document type rather than “email,” for example, letter, memo, meeting minutes, etc.
      • Procedures for entering emails can be found in the User Guide/Data Dictionary for the appropriate regulatory database or the Common Communication Module (CCM).
    • The RPM is ultimately responsible for ensuring all communication is captured in the database and resides with the administrative file located in CBER’s EDR.
    • The email will not be followed up with a hard copy.
    • The email will be included in the administrative file as a CBER communication.
    • The date of the outgoing email and the date the action was taken should be the same. If there is a difference, use the date the action was taken when entering the communication in the appropriate regulatory database. For example, if an email is sent on March 1 (action date) but is not entered in the database until March 2, the March 1 date is used to document the communication.
    • In order to control email strings CBER staff will judiciously use the “Reply” or “Reply to All” functions when responding to internal emails.
    • If an email string is started, it should be broken if the string moves away from the original topic. Emails should not discuss more than one submission except in a few cases. These exceptions would include a Trans-BLA or a bundled submission, i.e., multiple submissions “bundled” consistent with MDUFMA provisions for bundling and the citing of precedents.
    • When filing an email string the date of the document must be the date of the last email. The author must confirm all relevant responses found in the email string are included prior to filing.
    • Each reply (not part of a string) to an email must be entered into the regulatory database and loaded into CBER’s EDR as a new record so that the email response stands independent of the originating email.
    • The email’s subject line will clearly define the topic addressed in the communication.
    • Emails must be sent from official FDA email accounts only.

    Internal Emails Related to Regulatory Actions

     Emails between FDA staff that capture regulatory actions or decisions are records and must be captured in the corresponding administrative file.

    • The author of the email will be responsible for ensuring the communication is entered in the correct regulatory database and loaded into CBER’s EDR.
    • The content of the email should be limited to one specific product or trans-BLA group for a Marketing submission and one specific sponsor for an Investigational submission.
    • All emails should be viewed as business correspondence and must maintain professional language and tone.
    • In order to control email strings CBER staff will judiciously use the “Reply” or “Reply to All” functions when responding to internal emails.
    • If an email string is started, it should be broken if the string moves away from the original topic. Emails should not discuss more than one submission except in a few cases. These exceptions would include a Trans-BLA or a bundled submission, i.e., multiple submissions “bundled” consistent with MDUFMA provisions for bundling and the citing of precedents.
    • When filing an email string the date of the document must be the date of the last email. The author must confirm all relevant responses found in the email string are included prior to filing.
    • Each reply (not part of a string) to an email must be entered into the regulatory database and loaded into CBER’s EDR as a new record so that the email response stands independent of the originating email.
    • The email’s subject line will clearly define the topic addressed in the communication.

  6. Appendices
    7.

    Appendix 1: Exchanging Certificates with the External Individual and FDA (PDF- 94 KB)
    Appendix 2: Lotus Instructions for Secure Email (PDF- 88 KB)

  7. References
    8.
  1. Effective Date

    2. February 13, 2009

  2. History
    3.

    Written/Revised Approved Approval Date Version Number Comment
    BPWG/RMCC R. A. Yetter, PhD February 11, 2009 2 Revised to include additional information on secure email
    Richard Thomas R. A. Yetter, PhD September 12, 2008 1 First issuance of this SOPP

 
Updated: February 13, 2009