Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Staying 21 CFR Part 11 Compliant Using a Validated OpenClinica Environment Patrick Murphy, Sr. Director of Data Management, RTI-Health Solutions 1 Regulations and Guidance 21 CFR Part 11 Good Clinical Practices Guidance © #OC15Europe 2 21 CFR Part 11 21 CFR Part 11: Electronic Records, Electronic Signatures http://www.21cfrpart11.com/files/library/government/21cfrpart11_fi nal_rule.pdf “The regulations in this part set forth the criteria under which the agency considers electronic records, electronic signatures, and handwritten signatures executed to electronic records to be trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper.” Outlines the need/methods to validate electronic signature systems © #OC15Europe 3 Good Clinical Practice Good Clinical Practice is an international ethical and scientific quality standard for designing, conducting, recording and reporting trials that involve participation of human subjects http://www.fda.gov/downloads/Drugs/Guidances/ucm07312 2.pdf International Conference on Harmonisation of Technical Requirements for Registration of Pharmaceuticals for Human Use, Published May 1996 Based on practices in the European Union, Japan, United States, Australia, Canada, Nordic countries, and World Health Organization © #OC15Europe 4 Guidance Documents 21 CFR Part 11 Guidance http://www.fda.gov/downloads/RegulatoryInformation/Guidances/ UCM126953.pdf GCP E6 Guidance http://www.fda.gov/downloads/Drugs/Guidances/ucm073122.pdf Guidance for Industry: Computerized Systems Used In Clinical Investigations (FDA, May 2007) http://www.fda.gov/downloads/Drugs/GuidanceComplianceRegul atoryInformation/Guidances/UCM070266.pdf © #OC15Europe 5 What Comprises Compliance? There is no “Part 11 compliance” out of the box Compliance is achieved with an ecosystem Software/hardware Installation/Validation Training Controlled processes/Standard Operating Procedures (SOPs) Change Control Documentation “If it isn’t documented, it didn’t happen.” © #OC15Europe 6 Topics Hardware/software Validation of data system Hardware and software installation Functionality/performance Training Standard Operating Procedures Change Control © #OC15Europe 7 Tools Data Management plan (including outline) Design specification document (including outline) Study build and quality control User acceptance testing and documentation (including an outline of the tests performed) Authorizing user access (including form) Data entry accuracy (single and double data entry) Data cleaning (rules and managing discrepancies) Data set creation and the use of the DataMart Database lock (including form) © #OC15Europe 8 Hardware and Software Software systems are typically designed and validated for use in specified environments You must match your hardware/software environment to the OpenClinica recommended environments Operating system Database system Web server © #OC15Europe 9 Validation of an OpenClinica System Validation Plan Installation Plan Hardware, operating system, database system, web server Installation Report Documentation that installation was successful Performance Testing Plan Requirements (functionality) Test Cases/Scripts Traceability Matrix Maps requirements to test cases/scripts Performance Testing Report Validation Report © #OC15Europe 10 GCP Connection 5.5.3 When using electronic trial data handling and/or remote electronic trial systems, the sponsor should (a) Ensure and document that the electronic data processing system(s) conforms to the sponsor’s established requirements for completeness, accuracy, reliability, and consistent intended performance (i.e., validation). © #OC15Europe 11 Training Staff should be trained on the use of OpenClinica Administration Design User access Site setup Data entry Notes/flags resolution Data extraction Keep the documentation of all training © #OC15Europe 12 GCP Connection 5.5.1 The sponsor should utilize appropriately qualified individuals to supervise the overall conduct of the trial, to handle the data, to verify the data, to conduct the statistical analyses, and to prepare the trial reports. © #OC15Europe 13 Standard Operating Procedures GCP defines SOP: Detailed written instructions to achieve uniformity of the performance of a specific function Purpose and benefits: Internal training material Meet FDA regulations Opportunity to examine and improve processes Promote consistency and efficiency on how work is performed and checked across sites and studies Accountability © #OC15Europe 14 GCP Connection 5.5.3 When using electronic trial data handling and/or remote electronic trial systems, the sponsor should (b) Maintain SOPs for using these systems. © #OC15Europe 15 Recommended SOPs System setup/installation System operating manual Validation and functionality testing Data collection and handling (including archiving, audit trails, risk assessment) System maintenance and security Change control Data backup, recovery, and contingency plans Alternative recording methods Computer user training Roles and responsibilities of sponsors, clinical sites, and other parties © #OC15Europe 16 Change Control Once a system is validated and tested, any changes may adversely affect the system Updates to software, operating system, database server, web server Changes required to data entry screens/data cleaning routines Evaluate the risk of the changes before they are implemented (form) Make a backup of data system and data!!!! © #OC15Europe 17 Data Management Plan A document that describes how data (clinical, behavioral, lab) will be handled during the course of the study Similar in nature and scope to a statistical analysis plan or a clinical monitoring plan Important to plan in advance for details of data management Barriers can be identified and rectified early Document important changes in data management so that others can understand the process later © #OC15Europe 18 Data Management Plan (2) Needed to write DM plan: Study Protocol The study protocol defines how and why the study is being conducted. This document is key to understanding the study. Study Manual/Monitoring Plan CRFs Data coming from external sources, e.g., laboratory data © #OC15Europe 19 DM Plan Outline Data Capture Data Transfer of forms and external data files (e.g., labs) Data Transcription from Source Documents Data Entry/Filing Data Cleaning Data Set Creation Data Storage Data Processing Data System Validation © #OC15Europe 20 Design Specification Document Describes the requirements of a particular study data system Approve before programming begins Data collection forms should be approved prior Discuss environment, features with study team Details can be used as basis for user acceptance testing routines © #OC15Europe 21 Design Specification Outline Development and production environment Data forms to be programmed/naming conventions Audit trail commencement Security requirements Data export formats Data cleaning requirements Discrepancy resolution © #OC15Europe 22 Study Build and Quality Control Version control of Excel forms used for data entry Use correct Excel form Track each version of CRF Excel file Approve CRF Excel file Independent quality control Compare each field’s question text, data type, answer set, data validations to the approved data collection form Maintain documentation Use separate environments with separate controls Development/testing environment (no change control) Production environment (change control implemented) © #OC15Europe 23 User Acceptance Testing and Documentation Systematic testing of functionality of specific data system Should be performed one each study Documentation Make available for audits If an error is found in your data system, you can investigate how it was not identified in UAT and then modify your UAT process UAT Plan describes process UAT Report documents results © #OC15Europe 24 UAT Plan Outline (1) Introduction Define scope of testing List features to be tested Secure user access Performance (especially between continents) Comparison of data forms to data system Entry of test data Data cleaning checks, skip patterns, auto-fills Extraction of test data to data sets/comparison Reports Audit trail UAT Report summarizing results of UAT © #OC15Europe 25 UAT Plan Outline (2) Test scripts Pre-defined steps to determine that a feature is working correctly A test script can test more than one feature Test data entry screen Test data cleaning program Traceability Matrix Table showing which test scripts test which features Ensures that all features are tested Define how to deal with exceptions Script is inaccurate System doesn’t function correctly © #OC15Europe 26 UAT Report Outline Introduction Refers to UAT plan Describes results of testing How many rounds of testing occurred Describes any limitations found for system Concludes that system is ready for use in production environment Recommend to perform test data entry (e.g., a test site) in the production area to confirm that the system is working after migration from testing environment © #OC15Europe 27 Authorizing User Access Use a form to document and control access to your data system Role setting Data entry person Data manager Study director Data specialist Investigator Monitor Clinical research coordinator © #OC15Europe 28 User Access Form © #OC15Europe 29 Data Entry Accuracy Data entry modes EDC (single entry) Paper data entry (double entry) Tips: Use pull-down lists Use OpenClinica validations and rules Use ranges Display units Hide fields until they are needed Include ‘data not available’, ‘not applicable’ options to ensure that all questions can be answered Encourage the use of notes © #OC15Europe 30 GCP Connection 4.9.1 The investigator should ensure the accuracy, completeness, legibility, and timeliness of the data reported to the sponsor in the CRFs and in all required reports. But it doesn’t say how to do it © #OC15Europe 31 Data Cleaning Discrepancies are generated when OpenClinica data cleaning rules are violated Data manager should review notes and discrepancies Resolve or propose resolution to site Describe in Data Management Plan If a data cleaning rule/validation is creating an inordinate number of discrepancies, consider revising the rule/validation or retraining the sites Run additional quality checks in external systems (e.g., SAS, Excel) © #OC15Europe 32 Data Set Creation and the Use of the DataMart OpenClinica supports many output formats for data Import data into the DataMart Set up with help of OpenClinica staff PostgreSQL database Use SQL statements to query the data Can establish a daily extract from OpenClinica to DataMart Data is in “record-oriented” format SAS programs link to DataMart to create SAS data sets © #OC15Europe 33 Database Lock Ensure that all expected data is entered Ensure that all notes and discrepancies are resolved Ensure that all coding of data (e.g., medical coding with MedDRA) is complete Create data sets Remove users ‘write’ access to data system © #OC15Europe 34 Database Lock Form (1 of 2) © #OC15Europe 35 Database Lock Form (2 of 2) © #OC15Europe 36 Conclusion Regulatory compliance is a combination of the proper hardware, software, validation, training, standard operating procedures, change control, documentation Retain documentation for audits, process improvements, and to show control over your systems Write a plan to implement and maintain a regulatory compliant system – it won’t happen overnight © #OC15Europe 37