This interview is with Pravin Ullagaddi, Systems Compliance Manager.

Pravin Ullagaddi, Systems Compliance Manager

Can you introduce yourself and share your current role in the pharmaceutical industry?

Hi, I'm Pravin Ullagaddi. I work as a Systems Compliance Manager at a CRO (Contract Research Organization), where I lead our Systems Validation (CSV) program. That basically means I make sure all our digital systems used in regulated work are fully compliant and audit-ready. I also handle data integrity, data governance, and help keep the company ready for regulatory inspections and client audits.

My job sits at the intersection of tech, pharma, and compliance, which gives me a unique view into how digital tools can actually make regulatory work more efficient—not just more complicated. I'm passionate about building smart, sustainable systems that support both compliance and innovation, especially as the pharma world shifts more and more into digital transformation.

How did your career path lead you to specialize in pharmaceutical regulatory compliance?

Honestly, I didn't plan on going into pharmaceutical regulatory compliance — it sort of found me. I started my career working on system implementation and validation projects in the life sciences space, and pretty quickly realized how critical compliance was to everything we did. I got hands-on with Computerized Systems Validation (CSV) early on, and that opened the door to understanding how much regulatory oversight impacts tech in pharma.

Over time, I became the go-to person for validation strategy, audit support, and system documentation. From there, I expanded into data integrity, inspection readiness, and broader compliance initiatives. I found that I actually enjoyed solving those "gray area" challenges — the ones where technology and regulation intersect — and helping teams build processes that are both efficient and audit-proof.

Now, I see compliance not as a roadblock, but as a framework that can drive smarter systems and better decision-making. That shift in mindset is what's kept me passionate about this field.

Given your experience with integrating DocuSign and SharePoint for compliance, what other technological innovations do you see transforming regulatory processes in pharma?

One of the biggest game-changers I see now is the use of Low-Code/No-Code platforms like Power Apps and Power Automate. These tools let teams quickly build validation-friendly workflows without needing full development resources — which is ideal in regulated environments that still need to move fast.

I'm also seeing a growing role for AI-based continuous monitoring in pharmaceutical manufacturing. Instead of relying solely on manual sampling or spot checks, AI and machine learning models can now track real-time process data, flag anomalies, and even predict deviations before they happen. That kind of proactive monitoring could completely change how we approach compliance — from firefighting to foresight.

Another exciting space is AI-assisted document review — tools that can intelligently scan SOPs, protocols, and validation documents for missing signatures, inconsistencies, or compliance gaps. It's still early days, but I see huge potential to reduce human error and speed up review cycles.

And finally, cloud-based QMS platforms like Veeva and MasterControl continue to transform how companies manage quality — not just as document repositories, but as full-fledged compliance ecosystems with built-in audit trails, dashboards, and process automation.

We're moving from manual oversight to intelligent, data-driven compliance — and that shift is only just beginning.

Can you share a challenging regulatory hurdle you've faced when bringing a new drug to market, and how you overcame it?

One of the most challenging regulatory hurdles I've faced was during the validation phase of a new drug project where multiple computerized systems — including electronic lab notebook, chromatography acquisition systems, and an electronic document management system — needed to be validated and aligned under a tight submission deadline. The issue wasn't just the volume of work — it was the lack of integration between systems, misaligned documentation practices, and siloed teams working on different parts of the validation lifecycle. This created gaps in traceability and inconsistent audit readiness, which could have easily led to regulatory delays or even observations.

To overcome this, I led a cross-functional initiative to streamline the validation approach. We implemented a centralized tracking system. I also introduced standardized templates for validation deliverables and set up weekly compliance checkpoints to proactively flag issues.

Additionally, I worked closely with QA and IT to ensure that all systems were aligned with Part 11 requirements, and I hosted mock audits to prepare the team for inspection scenarios.

We achieved full validation within the timeline and actually kept some of the new frameworks in place for future projects. It was a real test of coordination, but it proved how powerful the right mix of people, process, and technology can be.

How do you navigate the differences between FDA and EMA requirements when developing a drug for both US and European markets?

Navigating the differences between FDA and EMA requirements requires a combination of regulatory knowledge, early planning, and strong cross-functional collaboration. While both agencies follow ICH guidelines and share many core expectations, there are key differences in documentation, terminology, and expectations for system validation and data integrity that I always factor into the strategy. One approach I take is to establish a global compliance baseline based on ICH guidelines and then layer on specific requirements from FDA and EMA. For example, EMA tends to have more detailed expectations around data privacy (aligned with GDPR) and periodic review of computerized systems, while FDA often focuses more on audit trail review and predicate rule compliance under 21 CFR Part 11.

From a systems compliance perspective, we build our validation packages and SOPs to meet the stricter of the two standards, so we're never caught off guard. We also involve both QA and Regulatory Affairs early in the process to ensure alignment on submission readiness, especially when dealing with electronic records and signatures.

Clear documentation, proactive communication, and regular mock audits are also essential tools we use to stay ready for either agency's inspection approach. At the end of the day, the goal is to harmonize practices without overcomplicating operations — so we remain efficient, compliant, and globally aligned.

In your opinion, what's the most common misconception about regulatory compliance in the pharmaceutical industry?

One of the most common misconceptions about regulatory compliance in pharma is that it's just about "checking boxes" or generating paperwork to keep auditors happy. In reality, good compliance is about building trust — in your data, your processes, and ultimately your product.

I've seen this mindset lead to reactive behavior, where teams rush to prepare for audits instead of designing systems and workflows that are inherently compliant from the start. Compliance isn't just documentation — it's culture. It's how decisions are made, how changes are managed, and how data is captured and protected across the entire lifecycle.

Another big misconception is that compliance slows things down. When done right, compliance actually drives efficiency. For example, having validated systems, clear SOPs, and automated audit trails makes you faster, not slower, when it's time to scale, submit data, or respond to findings. The trick is to integrate compliance into daily operations — not treat it as an afterthought.

Can you describe a time when proactive regulatory planning significantly benefited a drug development project you were involved in?

One situation stands out where we had to validate several lab and manufacturing systems under tight timelines while preparing for both FDA and EMA inspections. Early on, I pushed to conduct a regulatory gap assessment across all GxP systems — even those that weren't on the radar yet — and flagged several areas where we'd need remediation to be inspection-ready.

That proactive planning allowed us to build a compliance roadmap that included risk-based validation, audit trail reviews, and data integrity controls — all before formal submission timelines kicked in. We also aligned early with QA and Regulatory Affairs to ensure our documentation strategy would meet both FDA and EMA expectations, especially around Part 11 and Annex 11 requirements.

By the time we entered the final submission window, our systems were fully validated, SOPs were in place, and we had already run internal mock audits. That level of preparedness helped us avoid last-minute scramble, and when we did undergo regulatory inspections, there were no major findings.

In the end, that proactive compliance strategy not only gave leadership confidence — it also allowed the project team to focus more on clinical deliverables, knowing the backend systems were solid. It was a perfect example of how early regulatory planning saves time, reduces stress, and sets you up for success.

How do you stay updated with the constantly evolving health regulations across different markets?

First, I subscribe to regulatory update feeds directly from agencies like the FDA, EMA, MHRA, and WHO. Their newsletters, RSS feeds, and press releases are great for getting official guidance and announcements firsthand. I also follow updates from PIC/S and ICH to track harmonization efforts and new guidelines.

Second, I stay connected through industry associations like ISPE, DIA, and PDA. These organizations not only publish whitepapers and position statements but also host webinars and training sessions that often include real-world case studies and upcoming regulatory trends.

Third, I regularly participate in professional forums, LinkedIn groups, and discussion panels where peers share their audit experiences and interpretations of new guidances. Sometimes those practical insights are just as valuable as the official documents.

Lastly, I treat regulatory intelligence as a team sport. Internally, I work closely with Regulatory Affairs and QA to share updates and review implications for our systems and processes. We also conduct periodic compliance risk reviews to make sure we're not just aware of changes — but actively planning for them.

It's a continuous process, but it's also what makes the role dynamic and impactful.

What advice would you give to emerging biotech companies to build a strong foundation for regulatory compliance from the start?

My biggest advice to emerging biotech companies is: don't wait until you're close to submission or scale-up to start thinking about compliance. Build it into your company culture from the very beginning — not as red tape, but as a framework for quality, consistency, and trust.

Start by establishing simple but clear SOPs, and make sure everyone understands the "why" behind them. Even if you're a small team, documenting your processes, version-controlling your data, and having structured change control will save you time, money, and stress later.

Invest early in validated systems — even if they're lightweight or modular. Cloud-based tools that are Part 11/Annex 11 compliant (like MasterControl, Veeva, or even Power Apps with SharePoint + DocuSign) can scale with your growth and show regulators that you're serious about data integrity.

Also, designate someone to own compliance — even if it's a hybrid role at first. Having a point person for quality and regulatory activities ensures nothing slips through the cracks as the science accelerates.

Finally, be proactive with regulatory intelligence — stay informed, engage with industry groups, and connect with experienced consultants or advisors who've been through inspections. Learning from others' successes (and missteps) is one of the best ways to avoid costly mistakes.

Start lean, stay audit-ready, and grow with compliance in mind — not as an afterthought.

Thanks for sharing your knowledge and expertise. Is there anything else you'd like to add?

Thank you for the opportunity to share my experience — I really believe that compliance doesn't have to be a burden; it can be a real enabler of innovation when approached the right way. As the pharmaceutical and biotech industries continue evolving with digital transformation, AI, and global collaboration, it's more important than ever to build compliance into the foundation — not just the final step.

I'm passionate about helping teams create smart, scalable systems that align with regulatory expectations while also supporting agility and growth. Whether it's through technology integrations, process design, or cross-functional training, I enjoy solving the "compliance puzzle" in a way that works in the real world.

I'm always open to connecting with others in the industry, learning from new perspectives, and collaborating on meaningful solutions — feel free to reach out!