Final GCP Guideline on Computerized Systems and Data Integrity
Recommendation
4-6 March 2025
Management, Supply and Quality Assurance of Clinical Trials
Following the draft guideline published in June 2021 the final EMA Guideline on computerised systems and data integrity in clinical trials has now been published. The document will bcome effective 6 months after publication (10 September 2023). The guideline aims in understanding of regulatory expectations to validation, operation and safe use of IT systems in clinical trials. It replaces the "Reflection paper on expectations for electronic source data and data transcribed to electronic data collection tools in clinical trials". In addition, a new expression is defined: ALCOA++. In addition to the ALCOA + principles it includes Traceability. This means that data should be traceable throughout the data life cycle. Any changes to the data should be documented as part of the metadata (e.g. audit trail).
Responsibilities
Roles and responsibilities in clinical trials should be clearly defined. The responsibility for the conduct of clinical trials is assigned to the following two parties, which may each have implemented computerized systems for holding / managing data:
- Investigators and their institutions, laboratories and other technical departments or clinics,
- Sponsors that supply, store and/or, manage and operate computerized systems and the records generated by them. Sponsors may do this directly, or via service providers that collect and store data on behalf of them.
Audit Trail and Audit Trail Review
An audit trail should be enabled for the original creation and subsequent modification of all electronic data. The audit trail should be secure, computer generated and timestamped. The audit trail should record all changes made as a result of data queries or a clarification process. However, care should be taken to ensure that information jeopardising the blinding does not appear in the audit trail accessible to blinded users.
Procedures for risk-based trial specific audit trail reviews should be in place and data review should be generally documented. Data review should focus on critical data and should be proactive and ongoing. Manual review as well as review by the use of technologies to facilitate the review of larger datasets is possible. The investigator should receive an introduction on how to navigate the audit trail of their own data in order to be able to review changes.
Annexes
The new guideline includes the following 6 Annexes on:
- Agreements
- Computerized Systems Validation (e.g. User Requirements, Validation and Test Plans, Periodic Review, Change Control)
- User Management (e.g. Segregation of Duties)
- Security (e.g. Ongoing Security Measures, Penetration Testing, Protection Against Unauthorized Back-End Changes)
- Additional Consideration to Specific Systems (e.g. IRT System, Electronic Informed Consent)
- Clinical Systems (e.g. User Management, Trial Specific Data Acquisition Tools, Archiving)
More information is available in the EMA Guideline on computerised systems and electronic data in clinical trials published on the GCP Inspectors Working Group website.
Related GMP News
05.12.2024ICH E6(R3) Annex 2 Draft Guideline Released
05.12.2024ICH M15 Draft Guideline on Model-Informed Drug Development
07.11.2024Interim-Report on EMA's Clinical Study Data Proof-of-Concept Pilot
07.11.2024FDA Issues Guidances to Support Clinical Trial Innovation
17.10.2024FDA's final Q&A Document on Electronic Systems & Data in Clinical Trials
17.10.2024EMA Guideline on Quality and Equivalence of Topical Products