Owner's Responsibilities Vol. 5 — Reading the vendor's QC/QA records | Owner's Responsibilities

Reading the vendor's QC/QA records

The deliverable arrives with a QC checksheet and a QA disposition report attached. There are signatures, dates, and a tidy column of "conforms" down the page. The owner glances at it, feels reassured, and pushes it into internal review. But is that record evidence of verification, or a form filled in to say verification happened? This installment is about the skill of reading a vendor's process records from the owner's seat. Without that skill, neither your intake flow nor your disposition decision holds up.

01Why reading records is the owner's job

Vol. 3 covered the intake flow and Vol. 4 the scope of verification at receipt. What we should have paused on there is the act of reading the records a vendor attaches. When you outsource production, you also outsource much of the verification to the vendor's QC (Quality Control) and QA (Quality Assurance). What reaches your desk is the deliverable itself plus a bundle of records that claim to back it up.

The common error here is mistaking "a record exists" for "verification happened." Reading a filled-in signature box as proof of verification is like reading a stamp on a delivery slip as proof the contents are correct. Responsibility for what reaches the market stays with the owner (see Vol. 2, Moral Responsibility). If so, refusing to take records at face value — distinguishing what a record guarantees from what it does not — becomes work the owner cannot outsource.

Principle: A record is evidence of verification, not a substitute for it. A record you cannot read leaves the owner exposed as if no record existed.

02QC records and QA records are different things

Separate the character of the two records first. Conflate them and you will feel you checked both after reading only one.

Dimension	QC record (checksheet)	QA record (disposition)
Question	Was the piece built to spec?	Was the process sound, and may it ship?
Object	Each deliverable element (copy, figures, citations, efficacy claims)	QC execution, deviation handling, overall conformity
Performed by	A checker separate from the creator	A QA function independent of production and QC
What the owner reads	Coverage of items and the basis for each judgment	Independence, deviation handling, logic of the call

QC is "checking what was built"; QA is "assuring the process and deciding fitness to ship." Before pushing to internal review, the owner looks for traces that both layers actually functioned. A thick QC sheet topped by a one-line QA "no issues" is not a two-layer structure. The vendor's quality system itself is the subject of the sister series Production Quality Management; the owner needs only enough resolution to read its output.

03Telling formal records from substantive verification

This is the most practical point. Records come in two kinds: substantive records that transcribe a verification that happened, and formal records produced to claim it happened. The latter is harder to spot the tidier it looks.

Signs of a formal record

Every item uniformly "conforms," all comment fields blank. Check date identical to production completion date (no time to actually compare). The citation field says only "confirmed," with no reference to which version or page of the approved information was consulted. Zero deviation or finding history — improbable that a human review surfaces nothing.

Signs of substantive verification

A trail of findings and corrections; first draft to revision diffs are traceable. Each efficacy and dosage claim ties to the relevant location (version, page, section) of the approved information. Several small findings like "minor wording fix." A note, even one line, of where the checker hesitated and how it was resolved.

The keys are "linkage to a basis" and "traces of friction." When verification really occurs, it bumps into something and small corrections appear. A flawless, frictionless record is itself grounds to suspect the absence of verification.

04Checklist for assessing sufficiency

When you receive the records, assess whether the record itself is sufficient before tracing the substance item by item. Apply a fixed set of questions every time.

Independence — Are the QC and QA roles distinct from the creator? Are signatures all from one person or one team?
Traceability — Does each judgment tie to a source (approved information, package insert, the MSA guidelines, the advertising standards clause)?
Coverage — Are efficacy, dosage, safety information, citations, comparative claims, figure/graph alteration, and audience (HCP-directed?) all present as items?
Norm references — Are Act §66 (exaggeration), §68 (pre-approval), §68-2 (the duty of effort on information provision), the advertising standards, the MSA guidelines, and the JPMA Code cited by specific clause, not abstract name?
Deviation handling — Where a finding arose, does a correction and re-check follow? If findings are zero, question that separately.
Version control — Does the version the record covers match the final delivered version (no QC record from an old version reused for a new one)?

Principle: Sufficiency assessment precedes substance verification. If the record is insufficient, return it before reading the content. A judgment built on an insufficient record has no foundation.

05Flagging the gaps — the usual blanks

A record's weakness shows in what is not written more than in what is. The owner hunts not for empty cells but for "fields that should exist and don't." The frequent gaps:

Often-missing item	Why it matters	The owner's question
Citation version and page	A revision of the approved information can make wording improper	Which version was used? Is it current?
Check against approved indication scope	Suggesting an unapproved use touches §68	Where is the field comparing against scope?
Basis for comparative/superiority claims	Unsupported superiority is exaggeration (§66) and a guideline breach	Were the source and statistical support checked?
Validity of audience limitation	HCP-directed material reaching the general public	Was channel-audience consistency reviewed?
Alteration history of figures/graphs	Truncated or emphasized axes can manipulate impression	Was processing from raw data verified?

When you find a gap, treat it not as "the vendor's mistake" but as "an unverified area the owner needs to know about now." Flagging gaps is not for blame; it is the work of filling the blanks before the piece enters internal review.

06How to read the QA disposition

The QA disposition sits at the top of the records. Here the vendor declares "fit to ship." The owner reads the logic of that declaration — not just the conclusion, but the path to it.

Disposition categories — Just "conforms," or are there "conditional" and "non-conforming, re-judge after correction"? A disposition with a single category likely lacks a criterion for failing anything.
Deviation handling — Are QC findings consolidated here with each resolution state stated? Is it "fit to ship" with unresolved findings still open?
Who judged — Is the signer different from the QC performer? Is the judge's scope of authority (what they stand behind) stated?
Reservations — Are caveats like "X to be finally confirmed by the owner" written in? A blanket guarantee with zero reservations actually blurs the boundary.

The point of the read is whether the disposition is "a boundary line of who guaranteed how far" rather than "a declaration of infallibility." A disposition with a clear line tells the owner what to check next. A line-less "all fine" leaves the guaranteed scope unreadable, and the owner ends up carrying everything.

07Criteria for sending records back

What do you do when reading shows the record is insufficient? Accept it vaguely and the defect slips straight through internal review into the market. Fix the return decision as categories in advance.

State of the record	Disposition	Owner's action
Sufficient, traceable, deviations handled	Accept	Proceed to substance verification; attach to internal review
Some gaps but the deliverable itself is checkable	Conditional accept	Ask the vendor to complete the gaps; finalize after
Signs of a formal record; no linkage to basis	Return	Require re-running QC/QA and rebuilding the record
Disposition logic broken (ships with open findings)	Return	Demand explanation of the basis; do not advance until resolved

A return is not an act that breaks the relationship. The more the criteria are shared in writing, the easier it is for the vendor to meet the bar from the start. Compromising case by case while leaving criteria vague is what erodes quality over time. The return decision and how to record it are covered in Vol. 6 (in preparation).

08Handing records to internal review

The records the owner has read pass on to internal material review. So the owner's reading does not end as a one-off, shape the handoff. Put the reviewer in a position to distinguish "what the vendor checked," "what the owner confirmed," and "what review still needs to see."

Intake summary — The sufficiency assessment result (accept / conditional / return history) on one page.
Stated unverified areas — Items missing from the vendor record and their completion status, so review can focus there.
Norm mapping — A table mapping key claims to cited clauses (§66/§68/§68-2, advertising standards, MSA guidelines, JPMA Code). Misassigning clauses is a source of incidents in review too, so fix it here.
Carry over the disposition's reservations — Convert points the vendor marked "owner to finally confirm" into review checklist items.

Reading records is not about policing the vendor. It is the work of keeping the chain of verification unbroken and handing it to internal review, so the owner discharges responsibility for what reaches the market. Passing an unreadable record straight through produces the same result as abdicating that responsibility.

Key Points ── three to carry home

A record existing and verification happening are different. The owner separates substantive verification from formal records by "linkage to a basis" and "traces of friction" (findings and corrections).
Read QC (checking the deliverable) and QA (process assurance and ship/no-ship) separately. Read the disposition not as a claim of infallibility but as "a line of who guaranteed how far."
Keep the order sufficiency assessment then substance verification; return insufficient records before reading content. Hand the result to internal review as an intake summary, stated unverified areas, and a norm mapping.

Sources and references

MHLW, Guidelines for Sales Information Provision Activities for Prescription Drugs, 2018 (effective 2019). (Basis for recording, monitoring, and review of information-provision activities)
MHLW, Standards for Fair Advertising of Drugs and Medical Devices (2017 revision). (Criteria for efficacy, comparative, and exaggerated claims)
Act on Pharmaceuticals and Medical Devices, §66 / §68 / §68-2. (Exaggerated advertising / pre-approval advertising / duty of effort on information provision)
JPMA, Code of Practice, current edition. (Member self-regulation and where responsibility for materials sits)
JPMA, Guidelines for Preparing Promotional Printed Materials. (Practical standards for creating and checking materials)
Arai, I. et al., Practice of Pharmaceutical Quality Assurance and GQP, Jiho. (Thinking on quality assurance, ship disposition, and record review)
ISO 9001:2015, Quality Management Systems. (General principles on control of externally provided processes and evidential value of records)

← Back to Owner's Responsibilities