Validation of data logs in eCRD clinical trials

We review the characteristics and stages that are carried out to perform the validation of electronic case report forms for data collection in clinical trials, known as eCRF.

The collection of data is key in clinical research and one of the crucial phases for the launch of a new drug to the market.

Although traditionally, this data collection has been done manually, the complexity and slowness of the process – which has an impact on the time it takes to launch a drug to the market – has led many pharmacists to adopt the digital format: electronic case report forms for capturing data or eCRF.

The computerized capture of data through the use of electronic data collection notebooks allows pharmacists to have information in real-time, to have more accurate data, to accelerate decision-making when there are alerts about patient safety, to improve the efficiency in the management of clinical trials and reduce costs.

We will review the characteristics of the electronic data collection notebooks and what is the process to carry out their validation.

Characteristics of the eCRF

The electronic data capturing case report forms are computerized technological development aimed at collecting, managing and storing clinical and laboratory data. The eCRF has the following characteristics:

• Data entry: the eCRF incorporates forms for data entry by the researcher. This will allow the incorporation of data of different types: texts, lists, dates, etc.
• Data export: although the eCRF are not applications for statistical purposes data must be exported for analysis outside the notebook environment.
• Management of inconsistencies: it is necessary that the system offers the possibility of noting inconsistencies so that they are investigated, corrected or justified, as the case may be.
• Security and users: the data registered in the eCRF are very sensitive and must be in accordance with the different legislations in each country. In Spain, the LOPD (Organic Law for the Protection of Personal Data and the Guarantee of Digital Rights) is the norm to be followed, as well as for the USA the FDA 21 CRF Part 11 must be complied with. Therefore, it is important and essential to guarantee the privacy and ensure access to information with sufficient controls and mechanisms such as user name, password, and, if necessary, digital signature or any type of biometric identification.
• Traceability: finally, the eCRF will have to offer a log that allows recording a history of all the actions that are carried out in the system. And, in addition, you must keep the information on who performs them and the exact moment when you do them. This log or “Audit Trail”, thus ensures the traceability of the information collected.
• Validation of data: the validation of data collection case report forms in clinical investigation, starts from the moment of incorporation of the information. In this way, the system must have controls that guarantee the validity of the collected data, ensuring its integrity and traceability.

Validation of electronic case report forms – eCRF

Since these are computerized systems, to ensure that the data is reliable, its necessary to validate the electronic care report forms.

In our article, Computer Validation in Clinical Trials, we gather together in detail the points that refer to the integrity of data and the validation of computerized systems in clinical trials in the latest version of the Guide to Good Clinical Practice (GCP) – ICH Guide E6 (R2) published by the EMA in 2016.

Briefly, we can collect the requirements for computerized systems in clinical trials such as:

Validation	Ensure and document that they meet the requirements established by the sponsor regarding integrity, accuracy, reliability and expected performance (i.e. validation).
Risk management	Base the validation of computerized systems on a risk assessment that considers the intended use of the system and the potential of the system to affect the proception of people and the reliability of test results.
User support	Maintain SOPs (Standard operating procedures). Adequate training for users. Technology provider support.
Access management	Only authorized persons have access to the data. Identifiable users (User ID, Password). Documentation of system usage times.
Data security	Protection against data manipulation, backup copies and contingency plans. Maintain backup copies of data and contingency plans.
Audit trail	Record of all changes in a trial audit
Data integrity	Ensure the integrity of the data

The life cycle of the validation of electronic case report forms for data collection in clinical trials

In general, this type of validation process of electronic case report forms of data collection in clinical trials is developed in a life cycle consisting of 9 stages:

1. Specification of the functional and system requirements.
2. Software specifications.
3. Installation qualification (IQ).
4. Design qualification (DQ).
5. Qualification of the operation (OQ).
6. Process qualification (PQ).
7. Results and reports for IQ, DQ, OQ, PQ.
8. Final validation report.
9. User acceptance test and release for use.

Deepening in the necessary verifications, in a project of validation of electronic case report forms of data collection will be carried out:

• Qualification of the installation (IQ): the characteristics, installation, and configuration of the system are verified in this stage, in its test environment and its final productive environment.
• Design qualification (DQ): the operational, technical and safety design of the computerized system is verified.
• Operation qualification (OQ): the operation of the software is verified in practice.
• Process qualification (PQ): the computerized process and the integrity of all the elements that compose it are verified to ensure its management, control, and traceability. It is also verified that the operators are properly trained and authorized.

Documentation

The documentation to be developed during the validation process of the electronic data collection case report forms from the objective evidence that guarantees that the system is well configured and behaves in accordance with the proposed objectives and security standards.

Among others, it is required to develop the following documents:

• Validation plan.
• Own documentation for validation:
  • User requirements
  • Standard operation procedures (SOPs)
  • Protocols, tests, and reports of the verification phase IQ, DQ, OQ, and PQ.
• Procedures to maintain the validated environment: for the control of changes, incident management, training plan, and user and security management.
• Procedures for the periodic evaluation of the control status: internal audits and critical service providers.

In Oqotech, we have an optimized work methodology based on the identification of risks to help our clients guarantee the quality of their processes, ensure the traceability and integrity of the data and comply with current regulations. Contact our team.