When you buy a pill, an inhaler, or a sterile injection, you assume it’s safe. But behind that assumption is a complex web of inspections, records, and rules that manufacturers must follow - and that the FDA has the right to check. FDA inspection records aren’t secret. They’re the backbone of drug safety in the U.S. But knowing what’s accessible, what’s protected, and how to prepare for an inspection can mean the difference between a clean report and a shutdown.
What the FDA Can and Can’t See
The FDA doesn’t get to look at everything. Under Compliance Policy Guide (CPG) Sec. 130.300, internal quality audit reports - the kind companies use to find their own mistakes - are generally off-limits. This isn’t a loophole. It’s intentional. The idea is to let manufacturers be honest with themselves. If every internal flaw became public, companies might stop doing honest audits altogether.
But here’s the catch: if an audit uncovers a real problem - say, a batch of pills with wrong dosage - and the company investigates it, that investigation report? That’s fair game. The FDA can and will demand to see it. The line isn’t between internal and external. It’s between preventive audits and reactive investigations. One is protected. The other is mandatory.
Think of it like this: your car’s maintenance log is private. But if your car fails a safety check because the brakes were worn, and you tried to fix it yourself, the mechanic will want to see your repair notes. The FDA treats quality records the same way.
What Records Are Always Open for Inspection
Manufacturers must keep a long list of records ready - and they must be real-time. No backdating. No guessing. The FDA requires contemporaneous documentation. That means if you made a batch on Tuesday, your records should reflect that on Tuesday, not Friday.
Here’s what the FDA can demand at any moment:
- Production and control records for every batch
- Validation protocols for equipment and processes
- Deviation reports - when something went wrong during production
- Corrective and Preventive Action (CAPA) logs
- Complaint files and product recall records
- Training records for all staff handling product
These aren’t suggestions. They’re required under 21 CFR 211.180 for drugs and 21 CFR 820.180 for medical devices. For drugs, records must be kept for at least one year after the expiration date. For devices, they must be kept for the life of the product plus two years. If you can’t produce them, you’re in violation - even if the product itself is fine.
FDA Inspection Types: Routine vs. For-Cause
Not all inspections are the same. In 2024, about 75% of pharmaceutical inspections were routine surveillance checks. These are scheduled. The company knows they’re coming. The FDA sticks to the standard checklist: production logs, cleaning procedures, equipment calibration records.
Then there are “for-cause” inspections. These make up about 18% of inspections and are triggered by complaints, adverse events, or whistleblower tips. In these cases, the FDA drops the usual rules. They can demand internal audit reports, emails between quality teams, and even draft versions of CAPA plans. No protections apply.
And now, foreign facilities are under even more pressure. In 2023, only 12% of inspections at overseas plants were unannounced. By the end of 2025, that number will jump to 35%. The FDA is no longer waiting for permission to show up. They’re coming without notice - and they expect you to be ready.
What Happens When the FDA Finds Something Wrong
If inspectors spot issues, they leave with Form FDA 483 - the Notice of Inspectional Observations. This isn’t a fine. It’s a list of problems. Each item is specific: “Batch #B7721 lacked final weight verification,” or “Training records for Line 3 were not updated since 2022.”
Companies have exactly 15 business days to respond. No extensions. No excuses. The response isn’t just an apology. It needs a root cause analysis, a correction plan, and a prevention plan. The FDA tracks how well companies do this. Those who follow the official root cause methodology close 89% of their 483s within six months. Those who rush? Only 62% get resolved.
And if you ignore the 483? The FDA can issue a warning letter. In Q1 2025, warning letters for inspection denials or delays rose 17% compared to the same period last year. That’s not a coincidence. The FDA is cracking down.
Remote Inspections Are Changing the Game
In July 2025, the FDA finalized its guidance on Remote Regulatory Assessments (RRAs). These aren’t inspections. They’re virtual reviews. The FDA can ask for read-only access to your digital quality system. They can ask for video tours of your facility. They can review electronic records without ever stepping foot on your property.
RRAs don’t generate Form 483s. But they’re becoming a gatekeeper. If you fail an RRA, you’re more likely to get a full, unannounced physical inspection next. And 73% of Fortune 500 pharma companies have already upgraded their systems to be RRA-ready. If you haven’t, you’re falling behind.
Companies using RRAs report 65% less production downtime during inspections. Why? Because they’ve already cleaned up their digital records. No last-minute scrambling. No missing files. Just a clean, searchable system.
How Companies Prepare - And Why It Costs So Much
Preparing for an FDA inspection isn’t a one-day task. It’s a full-time job. The average company spends $385,000 a year just on inspection readiness. That includes hiring staff, training, software, audits, and consultants.
Many now have dedicated inspection readiness teams. These aren’t quality managers doing it on the side. They’re specialists who live and breathe 21 CFR Part 211 and 820. New hires take 6 to 9 months to get up to speed. Certification through RAPS (Regulatory Affairs Professionals Society) improves readiness by 37%, according to 2024 data.
One of the biggest headaches? Knowing what to share. A 2024 survey of 215 quality professionals found that 41% had received conflicting guidance from different FDA district offices. One inspector says internal audits are protected. Another says they want everything. That inconsistency forces companies to over-disclose - just to be safe. And that’s risky. Sharing protected records can weaken your legal position if you’re ever challenged.
The Bigger Picture: Why Transparency Matters
There’s a political push to make inspection reports public. The 2024 Pharmaceutical Supply Chain Transparency Act proposed forcing manufacturers to release certain findings. The drug industry fought back, arguing it would kill honest internal audits. The FDA agrees - for now. They want transparency, but not at the cost of safety.
Still, the message is clear: if you’re not ready, you’re at risk. The FDA isn’t just checking boxes. They’re watching for patterns. A single deviation might be an accident. Ten deviations across three batches? That’s a system failure. And they’re getting better at spotting them.
Manufacturing transparency isn’t about being perfect. It’s about being honest, organized, and ready. The records you keep today determine whether you’re still in business tomorrow.
What You Need to Do Right Now
If you work in manufacturing, here’s what to do:
- Separate your internal audit reports from your investigation records. Use different folders, different systems, different access controls.
- Make sure every record is dated and signed at the time of the activity. No backdating.
- Train your team on what’s protected and what’s not. Confusion leads to mistakes.
- Review your CAPA process. Can you trace every problem to its root cause? Can you prove you fixed it?
- Start preparing for remote assessments. Update your digital systems. Make sure your quality data is searchable and exportable.
- Know your deadlines. 15 business days to respond to a Form 483. No grace period.
The FDA doesn’t want to shut you down. They want you to make safe products. But if you’re not ready to show them how, they’ll find a way to make you.
Can the FDA inspect my facility without warning?
Yes, especially for foreign facilities. As of 2025, the FDA plans to conduct unannounced inspections at 35% of overseas manufacturing sites - up from 12% in 2023. Domestic facilities are still mostly scheduled, but for-cause inspections can happen without notice at any time.
What’s the difference between a Form 483 and a warning letter?
A Form 483 lists observations - issues the inspector noticed during the visit. It’s not a penalty. A warning letter is the next step if the company doesn’t respond adequately within 15 business days. Warning letters are public, can trigger import alerts, and may lead to legal action.
Are internal quality audits protected from FDA review?
Generally, yes - under CPG Sec. 130.300. But only if they’re part of a written quality assurance program and used to improve systems, not to cover up failures. If an internal audit leads to a formal investigation of a product defect, that investigation record is fully accessible to the FDA.
How long do I need to keep manufacturing records?
For pharmaceuticals, keep records for at least one year after the product’s expiration date. For medical devices, keep them for the device’s lifespan plus two years. These are minimums under 21 CFR 211.180 and 820.180. Many companies keep them longer for internal audits or litigation protection.
Can the FDA inspect my digital quality system remotely?
Yes. Since July 2025, the FDA has formal guidance for Remote Regulatory Assessments (RRAs). These allow inspectors to request access to electronic records, conduct virtual tours, and review data without visiting your facility. RRAs don’t result in Form 483s, but failing one can trigger a physical inspection.
What happens if I refuse an FDA inspection?
Refusing or delaying an inspection is a violation of Section 301(f) of the FD&C Act. The FDA can issue a warning letter, block imports, or even pursue criminal charges. In Q1 2025, warning letters for inspection denials rose 17% year-over-year, showing the agency is actively enforcing this rule.
Scott Butler
December 15, 2025 AT 08:49The FDA’s got no business even looking at our records. This isn’t China. We’re not some third-world factory farm. If you want to make pills, you earn the right to keep your internal stuff private. They’re just using ‘transparency’ as an excuse to bully American manufacturers into submission. This is regulatory overreach dressed up as safety.