Any pharmaceutical or biotech company seeking a medicinal product marketing authorisation in the European Union (EU) now faces the need to implement the requirements of the European Medicines Agency (EMA) Guideline on Computerised Systems and Electronic Data in Clinical Trials. Effective on 9 September 2023, the guideline introduces a framework of standards for computerised systems and electronic data in clinical trials and drives the imminent need to assess whether those standards are complied with upon the effective date.
The purpose at a glance
To ensure the integrity, reliability and regulatory compliance of computer systems in clinical trials, the EMA has established a guideline that governs their use and addresses the complexity of these computerised systems. The guideline consolidates expectations on the use of computerised systems, the collection and use of electronic data, and provides a framework to be upheld by sponsors, investigators and their service providers.
Who is impacted by the new EMA guidelines?
In alignment with the ICH GCP, the responsibility for the proper use of computerised systems and management of electronic data in clinical research is assigned to two key stakeholders:
- Investigators and their institutions, laboratories and other technical departments or clinics
- Sponsors that directly or via service providers supply, store and/or manage and operate computerised systems (software and hardware) and the records generated by them.
Understanding vs underestimating the scope
The discussion within the wider industry about the scope of the guideline and its impacts has directed us to seek a clarification on the definition of ‘clinical data’. The EMA confirmed to ICON that “the scope of the guideline should not be considered to be restricted to systems handling data of trial participants, and we would encourage a more global reading and interpretation”. Thus, the scope of this guideline broadly extends across computerised system and electronic data use and management in clinical trials. Therefore, an assumption that the scope is limited to clinical data generated at investigative sites is an underestimation of the scope.
Building confidence in EMA compliance
One of the key aspects the guideline addresses is the validation of computerised systems. It outlines the requirements for establishing the reliability and accuracy of these systems, ensuring that they consistently perform their intended functions. By maintaining a comprehensive documentation of system specifications, testing protocols and maintenance procedures, and by implementing thorough validation processes, sponsors should achieve the confidence in the integrity of the data generated by these systems and compliance to the standards expected by the EMA.
With paramount importance of data integrity and security in clinical research, it comes with no surprise that the EMA guideline places a great emphasis on the need for appropriate access controls, user authentication and data encryption to protect against unauthorised access and data breaches. The guideline also stresses the importance of audit trails, ensuring transparency and traceability of data modifications.
Considerations for the EMA guidelines beyond technology
When thinking about computerised systems and electronic data, some but not all may be tempted to arrive at a conclusion that the guideline pertains purely to technical, information technology (IT) related aspects. However, we encourage you to think about it through the lenses of several key perspectives:
- Processes: Do your standard operating procedures (SOPs) and other controlled documents embed and comply to the requirements of this guideline? Do they allow and guide the relevant process roles to make appropriate assessment on the systems and electronic data or guide them on relevant procedures to be used for electronic data access and use?
- People: Do you have any people in impacted roles who need to have a specific level of awareness of this guideline, its requirements, and the extent to which it impacts their roles? What level of training and change management is needed?
- Clinical trial project delivery: How does the guideline impact your delivery in ongoing or new clinical trials? What considerations should apply to be in compliance for any investigational product targeting a marketing authorisation in EU?
- Vendors: Do your vendors comply with the requirements of this guideline and how that compliance is ensured and overseen?
- Budgets and other financial implications: Does the adherence to this guideline impact costs on clinical research projects or require investments by the company in technology and system updates, process updates, people training?
- Investigators: How do we qualify investigators ensuring appropriate electronic system suitability, access and use? How do we define source data agreements and access to source data and EMR source data at investigative sites?
These are some key considerations where each clinical research related function within complex, matrix-based organisations – whether a sponsor, CRO or vendor – need to assess their daily interface with systems and electronic data. The guideline encourages all impacted stakeholders to think about clinical data as both “data derived from a trial participant and any other trial related data handled in e-systems for the purposes of conducting and reporting a clinical trial, and relevant for the clinical trial”, as explained by EMA in the clarification letter to ICON.
Preparing to comply with new EMA guidelines
The clinical research industry has had line of sight on the guideline and its implications since the first draft was released in September 2021. Some have been working across their organisational functions to assess the impacts and ensure effective and timely implementation of this guideline. Achieving readiness with an adequate assessment and mitigation of the ultimate impacts of this guidance will be a significant undertaking given the complexity and multilayer nature of clinical research. ICON recommends clients, investigators and other stakeholders conduct assessments of their clinical trial computerised systems and electronic data use, access and management, and advocates for raising the awareness of this new guideline globally.
Compliance of computerised systems and electronic data to the regulatory standards is critical for clinical trial data reliability and protection of patient safety and rights. As the new EMA guidance compliance date approaches, everyone in the industry should be readying to comply.
Contact us to learn how we can help you navigate the challenges of meeting the new regulations and prepare your business for success.
Vesta Marciulioniene, Director Global Regulatory Clinical Services, ICON Biotech
Jo Hulbert, Executive Director Global Regulatory Clinical Services, ICON Biotech