When you buy a pill, an inhaler, or a sterile injection, you assume it’s safe. But behind that assumption is a complex web of inspections, records, and rules that manufacturers must follow - and that the FDA has the right to check. FDA inspection records aren’t secret. They’re the backbone of drug safety in the U.S. But knowing what’s accessible, what’s protected, and how to prepare for an inspection can mean the difference between a clean report and a shutdown.
What the FDA Can and Can’t See
The FDA doesn’t get to look at everything. Under Compliance Policy Guide (CPG) Sec. 130.300, internal quality audit reports - the kind companies use to find their own mistakes - are generally off-limits. This isn’t a loophole. It’s intentional. The idea is to let manufacturers be honest with themselves. If every internal flaw became public, companies might stop doing honest audits altogether.
But here’s the catch: if an audit uncovers a real problem - say, a batch of pills with wrong dosage - and the company investigates it, that investigation report? That’s fair game. The FDA can and will demand to see it. The line isn’t between internal and external. It’s between preventive audits and reactive investigations. One is protected. The other is mandatory.
Think of it like this: your car’s maintenance log is private. But if your car fails a safety check because the brakes were worn, and you tried to fix it yourself, the mechanic will want to see your repair notes. The FDA treats quality records the same way.
What Records Are Always Open for Inspection
Manufacturers must keep a long list of records ready - and they must be real-time. No backdating. No guessing. The FDA requires contemporaneous documentation. That means if you made a batch on Tuesday, your records should reflect that on Tuesday, not Friday.
Here’s what the FDA can demand at any moment:
- Production and control records for every batch
- Validation protocols for equipment and processes
- Deviation reports - when something went wrong during production
- Corrective and Preventive Action (CAPA) logs
- Complaint files and product recall records
- Training records for all staff handling product
These aren’t suggestions. They’re required under 21 CFR 211.180 for drugs and 21 CFR 820.180 for medical devices. For drugs, records must be kept for at least one year after the expiration date. For devices, they must be kept for the life of the product plus two years. If you can’t produce them, you’re in violation - even if the product itself is fine.
FDA Inspection Types: Routine vs. For-Cause
Not all inspections are the same. In 2024, about 75% of pharmaceutical inspections were routine surveillance checks. These are scheduled. The company knows they’re coming. The FDA sticks to the standard checklist: production logs, cleaning procedures, equipment calibration records.
Then there are “for-cause” inspections. These make up about 18% of inspections and are triggered by complaints, adverse events, or whistleblower tips. In these cases, the FDA drops the usual rules. They can demand internal audit reports, emails between quality teams, and even draft versions of CAPA plans. No protections apply.
And now, foreign facilities are under even more pressure. In 2023, only 12% of inspections at overseas plants were unannounced. By the end of 2025, that number will jump to 35%. The FDA is no longer waiting for permission to show up. They’re coming without notice - and they expect you to be ready.
What Happens When the FDA Finds Something Wrong
If inspectors spot issues, they leave with Form FDA 483 - the Notice of Inspectional Observations. This isn’t a fine. It’s a list of problems. Each item is specific: “Batch #B7721 lacked final weight verification,” or “Training records for Line 3 were not updated since 2022.”
Companies have exactly 15 business days to respond. No extensions. No excuses. The response isn’t just an apology. It needs a root cause analysis, a correction plan, and a prevention plan. The FDA tracks how well companies do this. Those who follow the official root cause methodology close 89% of their 483s within six months. Those who rush? Only 62% get resolved.
And if you ignore the 483? The FDA can issue a warning letter. In Q1 2025, warning letters for inspection denials or delays rose 17% compared to the same period last year. That’s not a coincidence. The FDA is cracking down.
Remote Inspections Are Changing the Game
In July 2025, the FDA finalized its guidance on Remote Regulatory Assessments (RRAs). These aren’t inspections. They’re virtual reviews. The FDA can ask for read-only access to your digital quality system. They can ask for video tours of your facility. They can review electronic records without ever stepping foot on your property.
RRAs don’t generate Form 483s. But they’re becoming a gatekeeper. If you fail an RRA, you’re more likely to get a full, unannounced physical inspection next. And 73% of Fortune 500 pharma companies have already upgraded their systems to be RRA-ready. If you haven’t, you’re falling behind.
Companies using RRAs report 65% less production downtime during inspections. Why? Because they’ve already cleaned up their digital records. No last-minute scrambling. No missing files. Just a clean, searchable system.
How Companies Prepare - And Why It Costs So Much
Preparing for an FDA inspection isn’t a one-day task. It’s a full-time job. The average company spends $385,000 a year just on inspection readiness. That includes hiring staff, training, software, audits, and consultants.
Many now have dedicated inspection readiness teams. These aren’t quality managers doing it on the side. They’re specialists who live and breathe 21 CFR Part 211 and 820. New hires take 6 to 9 months to get up to speed. Certification through RAPS (Regulatory Affairs Professionals Society) improves readiness by 37%, according to 2024 data.
One of the biggest headaches? Knowing what to share. A 2024 survey of 215 quality professionals found that 41% had received conflicting guidance from different FDA district offices. One inspector says internal audits are protected. Another says they want everything. That inconsistency forces companies to over-disclose - just to be safe. And that’s risky. Sharing protected records can weaken your legal position if you’re ever challenged.
The Bigger Picture: Why Transparency Matters
There’s a political push to make inspection reports public. The 2024 Pharmaceutical Supply Chain Transparency Act proposed forcing manufacturers to release certain findings. The drug industry fought back, arguing it would kill honest internal audits. The FDA agrees - for now. They want transparency, but not at the cost of safety.
Still, the message is clear: if you’re not ready, you’re at risk. The FDA isn’t just checking boxes. They’re watching for patterns. A single deviation might be an accident. Ten deviations across three batches? That’s a system failure. And they’re getting better at spotting them.
Manufacturing transparency isn’t about being perfect. It’s about being honest, organized, and ready. The records you keep today determine whether you’re still in business tomorrow.
What You Need to Do Right Now
If you work in manufacturing, here’s what to do:
- Separate your internal audit reports from your investigation records. Use different folders, different systems, different access controls.
- Make sure every record is dated and signed at the time of the activity. No backdating.
- Train your team on what’s protected and what’s not. Confusion leads to mistakes.
- Review your CAPA process. Can you trace every problem to its root cause? Can you prove you fixed it?
- Start preparing for remote assessments. Update your digital systems. Make sure your quality data is searchable and exportable.
- Know your deadlines. 15 business days to respond to a Form 483. No grace period.
The FDA doesn’t want to shut you down. They want you to make safe products. But if you’re not ready to show them how, they’ll find a way to make you.
Can the FDA inspect my facility without warning?
Yes, especially for foreign facilities. As of 2025, the FDA plans to conduct unannounced inspections at 35% of overseas manufacturing sites - up from 12% in 2023. Domestic facilities are still mostly scheduled, but for-cause inspections can happen without notice at any time.
What’s the difference between a Form 483 and a warning letter?
A Form 483 lists observations - issues the inspector noticed during the visit. It’s not a penalty. A warning letter is the next step if the company doesn’t respond adequately within 15 business days. Warning letters are public, can trigger import alerts, and may lead to legal action.
Are internal quality audits protected from FDA review?
Generally, yes - under CPG Sec. 130.300. But only if they’re part of a written quality assurance program and used to improve systems, not to cover up failures. If an internal audit leads to a formal investigation of a product defect, that investigation record is fully accessible to the FDA.
How long do I need to keep manufacturing records?
For pharmaceuticals, keep records for at least one year after the product’s expiration date. For medical devices, keep them for the device’s lifespan plus two years. These are minimums under 21 CFR 211.180 and 820.180. Many companies keep them longer for internal audits or litigation protection.
Can the FDA inspect my digital quality system remotely?
Yes. Since July 2025, the FDA has formal guidance for Remote Regulatory Assessments (RRAs). These allow inspectors to request access to electronic records, conduct virtual tours, and review data without visiting your facility. RRAs don’t result in Form 483s, but failing one can trigger a physical inspection.
What happens if I refuse an FDA inspection?
Refusing or delaying an inspection is a violation of Section 301(f) of the FD&C Act. The FDA can issue a warning letter, block imports, or even pursue criminal charges. In Q1 2025, warning letters for inspection denials rose 17% year-over-year, showing the agency is actively enforcing this rule.
Scott Butler
December 15, 2025 AT 08:49The FDA’s got no business even looking at our records. This isn’t China. We’re not some third-world factory farm. If you want to make pills, you earn the right to keep your internal stuff private. They’re just using ‘transparency’ as an excuse to bully American manufacturers into submission. This is regulatory overreach dressed up as safety.
Emma Sbarge
December 16, 2025 AT 17:42They’re right about the CAPA logs and batch records - those need to be airtight. But the real problem? Companies treat compliance like a checklist, not a culture. I’ve seen labs where people backdate logs because they’re too lazy to log in real time. That’s not the FDA’s fault. That’s corporate laziness. Fix your house before complaining about the inspector knocking.
Deborah Andrich
December 17, 2025 AT 16:10I’ve worked in pharma for 22 years and I’ve seen inspectors come in with a smile and leave with a 483 because someone forgot to initial a form. It’s not about punishment - it’s about making sure no one gets sick because someone didn’t write down what they did. I get why companies hate it. But if your product saves lives, you owe it to the people who take it to be organized. No one’s asking you to be perfect. Just honest.
Rawlson King
December 18, 2025 AT 06:55Let’s be real - the FDA doesn’t care about safety. They care about control. They’ve got 12 regional offices that contradict each other. One says internal audits are protected. Another says ‘send us everything.’ That’s not regulation. That’s chaos. And companies are paying millions just to play whack-a-mole with inspectors who don’t even know the rules they’re enforcing.
Yatendra S
December 18, 2025 AT 11:16🤔 The FDA’s obsession with records is a mirror of our society’s addiction to documentation over truth. We’ve turned human responsibility into a spreadsheet. The real question isn’t ‘what’s on the form?’ - it’s ‘why did we stop trusting people to do the right thing?’
Himmat Singh
December 19, 2025 AT 08:33It is of paramount importance to note that the regulatory framework governing pharmaceutical manufacturing is codified under Title 21 of the Code of Federal Regulations, specifically Sections 211.180 and 820.180. Any deviation from contemporaneous documentation constitutes a material breach of Good Manufacturing Practices and may result in the imposition of administrative sanctions under Section 301(f) of the Federal Food, Drug, and Cosmetic Act. The agency's authority is neither arbitrary nor capricious.
kevin moranga
December 20, 2025 AT 21:33Man, I used to think this stuff was boring - until my cousin’s kid got sick from a contaminated generic. Turned out the company had skipped cleaning validation because ‘it was fine last time.’ That’s not negligence - that’s gambling with lives. The FDA’s not the enemy. The enemy is the guy who thinks ‘we’re good enough’ when the stakes are someone’s life. You wanna save money? Train your team. Use digital systems. Get certified. It’s not expensive - it’s cheaper than a lawsuit, a recall, or a funeral.
Jamie Clark
December 21, 2025 AT 05:53Transparency is a myth. The FDA doesn’t want transparency - they want control. They’ll take your internal audits, your emails, your drafts, your Slack messages. And if you don’t comply, they’ll shut you down. This isn’t about safety. It’s about power. And the people who benefit? The big pharma giants who can afford 20 compliance officers. The small guys? They’re just collateral damage in a bureaucracy that’s lost its soul.
Keasha Trawick
December 22, 2025 AT 02:50Let me tell you - I’ve seen a Form 483 that looked like a horror movie script. ‘Batch #B7721: Final weight verification not performed. Training records for Line 3: 2022. CAPA #144: ‘Investigation pending’ since 2021.’ This isn’t paperwork. This is a death warrant. And the worst part? The company’s CEO didn’t even know his own team was falling apart. That’s not incompetence - that’s arrogance with a corporate title. You don’t get to run a factory like it’s a garage sale.
Webster Bull
December 24, 2025 AT 01:00Just do the damn work. Date it. Sign it. Don’t backdate. Train your people. Use software that doesn’t suck. You think this is hard? Try explaining to a mom why her kid got sick because you cut corners. That’s the real cost. And yeah, RRAs are annoying - but if your system’s clean, they’re a breeze. Stop whining. Start organizing.
Bruno Janssen
December 24, 2025 AT 22:34I used to work in compliance. I saw people cry when the FDA came. Not because they were guilty - because they knew their job was over. No warning. No mercy. Just a clipboard and a shutdown. And the worst part? The people who got punished weren’t the ones who made the decisions. They were the ones who signed the logs. This system doesn’t fix safety. It just makes scapegoats.
Tommy Watson
December 26, 2025 AT 20:02lol who even reads this stuff? i bet 90% of these regs are just made up by some lawyer who got bored one weekend. why do we need to keep records for the life of the product plus 2 years? who cares? just make sure the pill works. that’s it. stop overthinking. the fda is just here to make consultants rich.