1 / 35

Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems

Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems. May 15, 2011 | Beijing, China Kim Nitahara Principal Consultant and CEO META Solutions, Inc. (USA). Purpose of this session:.

andra
Download Presentation

Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems May 15, 2011 | Beijing, China Kim Nitahara Principal Consultant and CEO META Solutions, Inc. (USA)

  2. Purpose of this session: • To understand data integrity and its relation to computerized systems used in clinical trials • To review key issues related to the inspection of e-clinical computerized systems www.diahome.org

  3. Topics to be discussed: • Data Integrity • Regulatory Requirements for e-Clinical Computerized Systems • Inspection of e-Clinical Computerized Systems • Expectations • Results www.diahome.org

  4. Data Integrity Topics: • What is Data Integrity? • How is Data Integrity Lost? • How Do We Ensure Data Integrity? • Why is Data Integrity Important? www.diahome.org

  5. What is data integrity? • Data Integrity is the “validity” of the data for its intended purpose and use • Accurate • Complete • Reliable • Accessible • Enduring www.diahome.org

  6. How is data integrity lost? • Human Errors and Tampering • Storage and Transfer Errors • Software Errors • Software Viruses • Hardware Malfunction • Disasters Loss of Data Control Loss of Data Integrity www.diahome.org

  7. How do we ensure data integrity? • Personnel Training • Procedural Controls • SOPs • Quality Assurance and Management • Computerized Systems Controls • Error Detection and Correction • System Validation • Information Technology (IT) Controls • Backup and Disaster Recovery Plans • Network Security www.diahome.org

  8. Why is data integrity important? • Clinical Trials Data May be Used to Make Important Decisions • Industry • Regulatory Agencies • Public • Data May be Re-Used in the Future • Repeated Analysis • New Purposes Data Integrity is a Regulatory Requirement www.diahome.org

  9. Regulatory requirements topics: • How Do Agencies Ensure Data Integrity? • What is Expected During Inspections? • What Are the Requirements? www.diahome.org

  10. How do agencies ensure data integrity? • Regulations and Guidance • Review of Submitted Data • Independent Analysis of Data • On-Site Inspections 1) They Provide Requirements 2) They Confirm Adherence www.diahome.org

  11. What is expected during inspections? • Effective controls for trustworthy data • Accurate and complete records • Reliable systems and processes • Secure data, systems and facilities • Qualified and trained personnel Requirements to Ensure Data Integrity www.diahome.org

  12. What are the requirements? Provided in: • Regulations • Guidelines and Guidance for Industry • Compliance Policy Guides; Program Manuals; Advisory Documents • Published Presentations www.diahome.org

  13. Example of US FDA Regulation “An investigator is required to prepare and maintain adequate and accurate case histories… and other data…” (FDA 21 CFR 312.62 Investigator Recordkeeping and Record Retention) www.diahome.org

  14. Example of ICH Guidance “Systems with procedures that assure the quality of every aspect of the trial should be implemented.” (ICH E6 Good Clinical Practice; Consolidated Guidance) www.diahome.org

  15. Examples of FDA and ICH Guidance • (FDA/ICH) E6 “Good Clinical Practice: Consolidated Guidance” (April 1996) • (FDA) “Computer Systems Used in Clinical Investigations” (May 2007) • (FDA) “Part 11, Electronic Records; Electronic Signatures – Scope and Application” (August 2003) These Are Not Regulations www.diahome.org

  16. Examples of US FDA ComplianceProgram Manuals • “Clinical Investigators” (CP 7348.811) • “Sponsors, CROs and Monitors” (CP 7348.810) These are used by FDA personnel(and are useful to you!) www.diahome.org

  17. Computerized System Inspection Topics: • What does FDA ask during inspections? • What records are inspected? • What has FDA observed? • What is FDA’s response to deficiencies? www.diahome.org

  18. What does FDA ask during inspections? • Were there any problems experienced during the course of the study? • What is the source of data entered into the computer? Direct (no paper)? Case report form? Office record? Other? (CP 7348.811 Clinical Investigators) www.diahome.org

  19. What does FDA ask during inspections? • What is the source of the hardware and software? • Who enters data? When? • How are data changed? By whom? • Is an audit trail produced? (CP 7348.811 Clinical Investigators) www.diahome.org

  20. What does FDA Ask during inspections? • “If a firm is keeping eRecords or using eSignatures determine if they are in compliance with 21 CFR 11.” • “At a minimum, ensure that:” • Corrective Action Plan is in Progress • Accurate/Complete Copies Available • Employees Are Held Accountable and Responsible (CP 7348.810 Sponsors, Monitors and CROs) www.diahome.org

  21. What records are inspected? • Software Development Documentation • Validation Plans and Documentation • System Description/Configuration Diagram • System Operations Records • Configuration and Change Control Records www.diahome.org

  22. What records are inspected? • Personnel Training Procedures and Records • Data Collection and Transmission Controls • IT Security Procedures and Records • Emergency and Back-up Procedures and Records www.diahome.org

  23. What has FDA observed? • Lack of programming standards and conventions • No documents describing the intended function(s), operation and performance of software • Failure to test software at its operational limits • Incomplete test documentation www.diahome.org

  24. What has FDA observed? • The firm did not monitor and keep track of changes to hardware, application or operating system software. • There was no validation data to show that the system gave accurate and reliable results • There was no written validation plan reviewed or approved by management www.diahome.org

  25. What has FDA observed? • No documentation of training of persons engaged in writing, validating or supporting computer programs • No written SOPs for user operations, security guidelines, software revision control, virus detection, disaster recovery, and database backup and audit trail archival. www.diahome.org

  26. What has FDA observed? • The audit trail switch was intentionally disabled and prevented the recording of data that was modified or edited • There is no written procedure to describe the process that is used to assign, maintain passwords and access levels to the system • There were no restrictions on who could create, rename, or delete data. www.diahome.org

  27. What has FDA observed? • Lack of validation • Validation protocols for upgraded software do not contain diagrams or lists of hardware configurations and peripheral devices within the system. • The validation team and individual responsibilities are not specified www.diahome.org

  28. What is FDA’s response to deficiencies? • Form FDA 483 Inspectional Observations (“483”) • Establishment Inspection Report (EIR) • Notification to assigning Center • Regulatory sanctions for violations www.diahome.org

  29. What is FDA’s response to deficiencies? “If initial findings indicate the firm’s electronic records and/or …signatures may not be trustworthy and reliable, or when …systems inhibit meaningful FDA inspection, a more detailed evaluation may be warranted.” (CP 7348.810 Sponsors, CROs and Monitors) FDA may perform another inspection www.diahome.org

  30. What is FDA’s response to deficiencies? “In addition to a response to the deficiencies noted earlier in this letter, please outline your firm's global corrective action plan, including timeframes for correction, to address this Part 11 issue…” FDA Warning Letter www.diahome.org

  31. What is FDA’s response to deficiencies? “When substantial and significant part 11 deviations exist, FDA will not accept use of electronic records and …signatures to meet the requirements of the applicable predicate rule.” (CP 7348.810 Sponsors, CROs and Monitors) FDA may not accept the clinical trials data www.diahome.org

  32. Summary of discussed topics: • Data Integrity • Regulatory Requirements for e-Clinical Computerized Systems • Inspection of e-Clinical Computerized Systems • Expectations • Results www.diahome.org

  33. Conclusions: • Regulatory agencies establish regulations and guidance to ensure clinical trials data quality and integrity • Regulatory agencies confirm compliance with regulations to ensure that clinical trials data and reports are accurate and reliable for their purposes www.diahome.org

  34. Conclusions (continued): • Regulatory agencies generally follow their standard procedures when they conduct their inspections of e-clinical systems • If deficiencies are found during inspections, regulatory agencies have the authority to take actions, including rejection of clinical trials data. www.diahome.org

  35. Questions and discussion kim.nitahara@metasol.com www.diahome.org

More Related