Get in touch with us. We'd love to hear from you.
Clinical Trials Software Validation in Compliance with 21 CFR Part 11
As of September 15, 2016, the number of registered clinical studies in the world was as high as 225,506, which is double the number of clinical studies seen in 2011. Conducting effective clinical studies is a very labor-intensive and time-consuming process. To sort and analyze the vast amount of data, pharmaceutical and biotech companies deploy various Clinical Trial Data Management Systems to meet a wide set of requirements.
There are four phases of clinical trials to test the safety and effectiveness of a new medical strategy, drug, or device before going to market, if it even makes it there: 1) Preclinical testing and laboratory tests on animals; 2) Clinical research such as dose finding, proof of concept and comparison; 3) Data analysis; and 4) Follow-up to continually test the drug to ensure its effectiveness. All stages are considered separate trials and upon completion of each phase, a research team sends the results to the U.S. Food and Drug Administration (FDA) for approval before proceeding to the next phase.
Because all drug makers, medical device manufacturers, and biotech companies must comply with the FDA regulations, companies need to record, manage, store, and provide easy access to documentation of every phase of the process. To simplify this seemingly difficult and time-intensive process, companies use Clinical Trial Data Management Systems to track study performance, conduct data reports, and inform decision-making.
Since the Code of Federal Regulations (CFR) Part 11 was introduced in 1997, the FDA accepts electronic records and signatures for compliance. The regulations outlined in 21 CFR Part 11 set the ground rules for the technology systems that manage information used by organizations subject to FDA regulation. CFR Part 11 sets security requirements to ensure that electronic records and electronic signatures are trustworthy, reliable, and compatible with FDA procedures, as well as verifiable and traceable in comparison to paper records and traditional handwritten signatures.
CFR 21 Part 11 requires that electronic signatures come with a detailed history of the document— an audit trail. Here are some of key requirements for electronic signatures:
- Printed name of the signer, the date/time the signature was applied, and the meaning of the electronic signature;
- Human readable form of the record and not separable from their record;
- Unique to a single user and not used by anyone else;
- Utilize biometrics to identify the user or use at least two distinct identifiers (ex: the user ID and password);
- Passwords checked periodically and will expire; and
- Loss management procedures exist to reauthorize lost, stolen, or missing passwords.
While other software and consulting companies have developed their own approaches to systems validation and verification, based on our experience, we developed our own automation framework that ensures tech solutions used by pharma companies are compliant with the FDA requirements and will continue to meet the compliance requirements over time. If you would like to learn more about the framework and how EPAM can help you develop a Clinical Trial Data Management System, download our Clinical Trial Data Automation Framework one-pager or contact us today.