A Basic Introduction to Clinical Data Management Regulations
This page provides an introduction to why some processes are in place for clinical data management activities.
Regulations are in place to ensure accuracy and safety of clinical trial data collection of participants. Failure to adhere to governance may result in a study or marketed drug being stopped temporarily or permanently, fines to the sponsor but most important of all compromising patient safety.
Historical events have resulted in the regulations that we have in place today. Public outcry from Thalidomide, which resulted in genetic abnormalities in the 1960s and 1970s highlighted that the collection and monitoring of safety data during drug development was needed regardless of efficacy. Unethical collection of study data from uniformed participants in the Tuskegee Syphilis study and prisoners of war experimentation plus cases of fraud and incompetence, have all been fundamental in establishing governance that the Pharmaceutical industry must follow for drug development.
Use the button below to access the PDF on History of Clinical Research and Ethics
Some early studies maybe based on few study sites and within a single country, later studies with the same Investigational Medicinal Product maybe based on multi-country, multi-site trial participants. Regulations must be followed primarily for patient safety but also to ensure data integrity and accuracy of the analysis performed. International Clinical Harmonisation Good Clinical Practice guidelines are endorsed and adopted by many countries, but be aware that there maybe some local regulations that should be considered when a study is conducted e.g. EU General Data Protection Regulations.
Clinical Trials and submissions of Investigational Medical Products typically involve multiple countries and multiple sites.
Global Data Management Procedures should be created to cover the majority of the regulatory requirements BUT some countries have additional local regulations. Local knowledge is important.
Why & How
Whistle-blowers, complaints, reports, regulatory inspections and audits which have identified critical issues that a clinical study is not following regulations and therefore may compromise patient safety, maybe terminated, fined or discredited. Patient safety is paramount and if clinical study data is not collected with consent, accurately or data is unreported. Regulations and procedures are there to ensure patient safety, confidence in our clinical data and analysis has been performed on clean, accurate and complete data.
- Patient Safety
- Regulatory penalties, warnings, withdrawn marketing approvals or approval rejection ££££
- Reduction in industry/company confidence £££
Data Management Regulations
How do we ensure that Clinical Trial regulations are met for our specific data management activities? Standard Operating Procedures (SOPs) must be created to ensure that both global and local regulations are met. The procedures should be clear and concise detailing responsibilities, roles, inputs and outputs that are required to ensure regulatory compliance is followed.
The use of approved standardised templates, ensure that consistent deliverables are produced.
Internal and external quality reviews to ensure compliance of process SOPs.
Metrics should be put in place to ensure activities are being followed e.g. Study documentation reviews of content and finalisation.
Qualified individuals should be recruited for the task and importantly training should be delivered.
Deliverables must be of a high standard and the risks associated with non compliance understood (e.g. Risk to patient safety, loss of business confidence, fines and drug approval withdrawals).
- Procedures & Templates
- Audits & Quality Reviews
Creating Quality Document Deliverables
Just creating a study document from a standard template is not enough. Processes must be in place to ensure that input from other study documents such as the Study Protocol, should be referenced in its creation. Stakeholder and Peer, review and approvals ensure that the document has input from all key personnel who are appropriately qualified. These steps will help ensure that the best initial ‘fit for purpose’ version is created, all documents have a life-cycle so change control process should be established should an omission or error be observed or if the study has a protocol amendment. Unnecessary recreating next version of a document as a result of lost documents, errors all cost time and money and could result in study delays.
Standard templates, inputs from Key documents, Stakeholder and Peer reviews, Approvals and Filing into the Trial Master File all help to prevent unnecessary work, lost documents, errors in study documents all cost time and money and could result in study delays.
Data Management Essential Documents
Essential Documents ‘listed in the regulations’ are the minimum required as part of the Trial Master File (see Guideline for Good Clinical Practice (GCP) E6 (r2) Step 5). Essential documents are key documents that are called out so that the Clinical Study could be ‘recreated’ with the same outcome. In addition to Essential Documents, evidence from other activities which have been mandated, within the procedures should be retained to provide evidence that the activity was performed such as approved ‘Go-live forms’, ‘Data Lock’ and ‘Data Unlock’ forms, Medical coding forms and many others, procedures must be in place to ensure ‘evidence’ of the activities on the study is retained for audit and inspection transparency.
Regulation ICH GCP E6(R2) Step 5 Section 8
‘Essential Documents are those documents which individually and collectively permit evaluation of the conduct of a trial and the quality of the data produced’.
Business Benefit: Confidence
- Sample Case Report Form (CRF)
- Signed, Dated and Completed CRFs
- Normal Reference Ranges
- Document of CRF Corrections
- Source Documents
CDISC (Clinical Data Interchange Standards Consortium): a global not for profit organization that develops data standards for the pharmaceutical industry. CDISC creates clarity in clinical research by bringing together a global community of experts to develop and advance data standards of the highest quality. Together, they enable the accessibility, interoperability, and reusability of data for more meaningful and efficient research that has greater impact on global health. CDISC Standards are required for regulatory submissions to FDA (US) and PMDA (Japan).
Validated Data Management Tools/Systems
FDA 21 CFR Part 11 ‘Validation of systems to ensure accuracy, reliability, consistent intended performance..’ Clinical data can be directly entered by the investigational site, into an off the shelf Electronic Data Capture tool or a bespoke data entry tool. Whichever system is used it must be validated to ensure that the system meets the user requirements. The system must be validated for accuracy and reliability and meet Good Clinical Practice requirements such as access controls and audit trails. GxP clinical repositories must have adequate back-up and disaster recovery procedures in place.
Regulations: FDA 21 CFR Part 11
‘Validation of systems to ensure accuracy, reliability, consistent intended performance..’
Business Benefit: Confidence
- Requirement Specification
- System life-cycle procedures
- Validation Plans & User Testing
- System Training
- GxP (Access, audit, trails, secure)
Restricted Access & Roles
ICH E9 Section 5.5. & 5.9. ‘Inappropriate access to data during the conduct of the study may compromise study’. Processes must be in place to ensure functional system roles are defined (e.g. System Owner, System user), Approved user access forms are filed and regularly reviewed for access removal, preferred transfer methods which ensure copying or sending are restricted and finally a GxP data repository is in place to house the data.
Regulations: ICH E9 Sections 5.5 & 5.9
‘Inappropriate access to data during the conduct of the study may compromise study’
Business Benefit: Confidence
- Functional System Roles
- Access Procedures & Forms
- Secure Transfers (e.g. sFTP, PGP encryption)
- GxP Data Repository
ICH E8 Section 5.5 ‘Methods to Reduce Bias’ can be performed by detailing the ‘treatment revealing’ data points up front, this may include Pharmacokinetic data which maybe only made available to an ‘Unblinded study team’ if this information is reviewed during the conduct of the data for safety reason. Other processes such as randomisation processes, restricted access to data and anonymised data all mitigate bias.
Regulations: ICH E8 Section 5.5.
‘Methods to Reduce Bias’.
Business Benefit: Confidence
- Anonymised data e.g. Subject codes
- Randomisation Processes
- Restricted Data Access
- Blinded Data Review Teams
- Masked data or Header reconciliation of external data
To ensure ICH E8 (R1) #6 Risk proportionate mitigation measures should be employed and E6 (R2) predefined quality tolerance limits should be established. An approved study-level document reviewed by all stakeholders, that list ‘Critical to Quality data’ must be created. This document can then be referenced as an input when creating the monitoring plan for source data verification assignments and when creating a list of the data validation edit checks to aid data cleaning.
Regulation: E8(R1) #6
‘Risk proportionate mitigation measures should be employed’.
E6 (R2) Predefined quality tolerance limits should be established
Business Benefit: Focus effort
A study-level document should be referenced, which lists the critical to quality data types. This is where the primary or secondary objects or safety could be effected.
ICH E8 (R1) Section 5. The study data should contain the necessary information to conduct the statistical analysis specified …as well as to monitor for participant safety, protocol adherence, and data integrity. The clinical data must be complete, missing data can jeopardize a study. Mitigations can be put in place to resolve missing data, by training staff, ensuring the participant is aware of the impact to the trial data. In addition, site staff may require additional training on the Study Protocol. The complete, reviewed and categorised Protocol Deviation list is part of the study data and maybe received from many different sources and formats, it must be standardised e.g. Standard Data Tabulation Model DV.
Regulation: E8 (R1) Section 5
‘The study data should contain the necessary information to conduct the statistical analysis specified …as well as to monitor for participant safety, protocol adherence, and data integrity’.
Business Benefit: Data Integrity. Subject & Site non-compliance.
A Protocol Deviation (PD) Plan is used to identify protocol adherence e.g missed assessments, which can be categorised Major/Minor deviations. PD detection maybe a hybrid of manual reporting & programming.
Serious Adverse Event Reconciliation
ICH E6 Section 5 5.15 & 6.16 Safety ‘The sponsor is responsible for the ongoing safety evaluation of the investigational product(s)’. Ensuring that the safety profile of the Investigational Medicinal Product is known, adverse events and Serious Unexpected Serious Adverse Events are critical to patient safety. On-line tools to report events expedite safety data reporting. Data entry of hard-copy CRF data must be prioritised to ensure regulatory reporting is performed. Timely, reporting of safety data is a regulatory requirements regardless if whether the exposure of the study drug is known.
Regulation: ICH E6 Section 5 5.15 & 6.16 Safety
‘The sponsor is responsible for the ongoing safety evaluation of the investigational product(s)’
Business Benefit: Confidence, Patient safety and Program evaluation
- Standardisation of Adverse Events and Serious Adverse Events.
- Reconciliation of AE & SAE for completeness and data integrity.
- Missed Page Reports
There are three distinct phases of a clinical study, Set-up, Conduct and Close-Out. Procedural documents should be structured to ensure that Data Management understand all of the important milestones and have evidence to support the activities performed. For example ‘Go-live’ (GxP tools and systems are validated and complete for clinical data to be collected), ‘Conduct’ this phase is when the clinical study data is being collected, cleaned, coded and reconciled. Close-out and ensures reports of the complete data is received, medical coding is completed and approved, the data is deemed clean and the data is considered final and ‘Data Lock’ is declared.
The three distinct Phases of a Clinical Study for which regulations apply are set-up, conduct and close-out.
Here are links to some historic events, that has significant impact on the foundation of the clinical regulations in place today, to make participation safety paramount.