research documentation and data security sandra l. alfano, pharm.d. chair, hic-i april 10, 2007
TRANSCRIPT
Research Research Documentation and Documentation and
Data SecurityData Security
Sandra L. Alfano, Pharm.D.Sandra L. Alfano, Pharm.D.
Chair, HIC-IChair, HIC-I
April 10, 2007April 10, 2007
ObjectivesObjectives
Discuss essential elements of a data Discuss essential elements of a data and document management planand document management plan
Present strategies for efficient Present strategies for efficient management of research related management of research related documentationdocumentation
Highlight effective tools for use in Highlight effective tools for use in managing study filesmanaging study files
Describe measures for ensuring Describe measures for ensuring subject confidentiality and data subject confidentiality and data securitysecurity
““Remember your Remember your responsibility to responsibility to get organized”get organized”
--Mrs. Archick--Mrs. Archick
Jessica Alfano’s 2Jessica Alfano’s 2ndnd grade teachergrade teacher
Documentation is EssentialDocumentation is Essential
““If it isn’t documented, it didn’t If it isn’t documented, it didn’t happen”happen”
Viewed as a bother, but invaluable if Viewed as a bother, but invaluable if a problem arisesa problem arises
No one method is mandatory (no No one method is mandatory (no one-size-fits-all solution)one-size-fits-all solution)
But there are certain essential But there are certain essential elementselements
Range of ComplexityRange of Complexity
Simple anonymous survey or use of Simple anonymous survey or use of de-identified existing samplesde-identified existing samples
VersusVersus
Multi-site coordination of a double-Multi-site coordination of a double-blinded drug study with 12 visits over blinded drug study with 12 visits over two yearstwo years
JargonJargon
““Regulatory Binder”Regulatory Binder” ““Trial Master Files”Trial Master Files” ““Source Documentation” (original Source Documentation” (original
documents, data and records, such documents, data and records, such as hospital records, lab reports, as hospital records, lab reports, subjects’ diaries, pharmacy records, subjects’ diaries, pharmacy records, etc.)etc.)
““Trust, but verify”Trust, but verify”
Ronald ReaganRonald Reagan
JargonJargon
Memo To File or Note to FileMemo To File or Note to File An amendment is an amendmentAn amendment is an amendment (Study personnel added via (Study personnel added via
amendment)amendment)
International Conference on International Conference on HarmonizationHarmonization
The International Conference on The International Conference on Harmonization of Technical Harmonization of Technical Requirements for Registration of Requirements for Registration of Pharmaceuticals for Human Use (ICH) is Pharmaceuticals for Human Use (ICH) is a unique project that brings together a unique project that brings together the regulatory authorities of Europe, the regulatory authorities of Europe, Japan and the United States and Japan and the United States and experts from the pharmaceutical experts from the pharmaceutical industry in the three regions to discuss industry in the three regions to discuss scientific and technical aspects of scientific and technical aspects of product registrationproduct registration
ICHICH
The purpose is to make The purpose is to make recommendations on ways to achieve recommendations on ways to achieve greater harmonization in the greater harmonization in the interpretation and application of interpretation and application of technical guidelines and requirements technical guidelines and requirements for product registration in order to for product registration in order to reduce or obviate the need to duplicate reduce or obviate the need to duplicate the testing carried out during the the testing carried out during the research and development of new research and development of new medicines medicines
E6:Good Clinical PracticeE6:Good Clinical PracticeConsolidated GuidanceConsolidated Guidance
An international ethical and scientific An international ethical and scientific quality standard for the design, quality standard for the design, conduct, performance, monitoring, conduct, performance, monitoring, auditing, recording, analyses, and auditing, recording, analyses, and reporting of clinical trialsreporting of clinical trials
GCPGCP
Compliance with this standard Compliance with this standard provides public assurances that the provides public assurances that the rights, safety and well-being of trial rights, safety and well-being of trial subjects are protected, consistent subjects are protected, consistent with the Declaration of Helsinki, and with the Declaration of Helsinki, and that the clinical trial data are crediblethat the clinical trial data are credible
Provide a unified standard to Provide a unified standard to facilitate internal acceptance of facilitate internal acceptance of clinical data by the regulatory clinical data by the regulatory authorities in these jurisdictionsauthorities in these jurisdictions
GCP 2.10GCP 2.10
All clinical trial information should be All clinical trial information should be recorded, handled, and stored in a recorded, handled, and stored in a way that allows its accurate way that allows its accurate reporting, interpretation, and reporting, interpretation, and verificationverification
Approaches to research Approaches to research documentationdocumentation
ChronologicalChronological
By topic/sectionBy topic/section
Some combination of the twoSome combination of the two
Maintain copies of all final Maintain copies of all final documentsdocuments
History or ‘bread-crumb trail’History or ‘bread-crumb trail’ Word-processing functions such as Word-processing functions such as
‘track changes’‘track changes’ Header/footer use for version/datesHeader/footer use for version/dates Version Control: only one version is Version Control: only one version is
‘active’ at a point in time‘active’ at a point in time Future electronic submission will Future electronic submission will
necessitate strict electronic version necessitate strict electronic version controlcontrol
Important sections of a Important sections of a regulatory binderregulatory binder
Protocol (including all amendments Protocol (including all amendments and all versions)and all versions)
Consent forms and HIPAA research Consent forms and HIPAA research authorization forms (approved by authorization forms (approved by IRB)IRB)
Regulatory approvals (IRB, RSC, PRC, Regulatory approvals (IRB, RSC, PRC, etc) and any required reapprovalsetc) and any required reapprovals
Important sections, cont’dImportant sections, cont’d
All correspondence, including emails, All correspondence, including emails, letters, faxes, notes of phone callsletters, faxes, notes of phone calls
Signature log, including name, initials, Signature log, including name, initials, signature, dates of involvement, and signature, dates of involvement, and study responsibilitiesstudy responsibilities
Recruitment materials, including Recruitment materials, including letters, advertisements, flyers, etc letters, advertisements, flyers, etc (approved by IRB)(approved by IRB)
Important sections, cont’dImportant sections, cont’d
Samples of all forms to be used for Samples of all forms to be used for data collection, including screening data collection, including screening logs, eligibility checklists, case report logs, eligibility checklists, case report forms, drug accountability logsforms, drug accountability logs
Assessment tools to be usedAssessment tools to be used
Important sections, cont’dImportant sections, cont’d
Any reporting requirements, such asAny reporting requirements, such as– Annual report to FDAAnnual report to FDA– Continuing review approved by IRBContinuing review approved by IRB– Adverse event reportsAdverse event reports– Protocol deviation/violation reportsProtocol deviation/violation reports– Evidence of periodic monitoring (per the Evidence of periodic monitoring (per the
protocol’s DSMP)protocol’s DSMP)– DSMB recommendations (if any)DSMB recommendations (if any)
Important sections, cont’dImportant sections, cont’d
Versions of all sponsor materials, if Versions of all sponsor materials, if applicable, including:applicable, including:– Sponsor’s clinical protocol, Sponsor’s clinical protocol, – Investigator’s Brochure, Investigator’s Brochure, – Amendments, Amendments, – Sponsor’s correspondenceSponsor’s correspondence– Records of monitoring visitsRecords of monitoring visits
ICH Essential DocumentsICH Essential Documents
Those documents which individually Those documents which individually and collectively permit evaluation of a and collectively permit evaluation of a trial and the quality of the data trial and the quality of the data producedproduced
Focus heavily on pharmaceutical-Focus heavily on pharmaceutical- sponsored trialssponsored trials Include groups of documents, Include groups of documents,
generated before the trial generated before the trial commences, during the clinical trial, commences, during the clinical trial, and after termination of the studyand after termination of the study
GCP Essential DocumentsGCP Essential Documents
Many sponsor-related items, such as Many sponsor-related items, such as – CVs of investigatorsCVs of investigators– 1572s1572s– Laboratory certificationsLaboratory certifications– Laboratory normal valuesLaboratory normal values– Master randomization list with plan to Master randomization list with plan to
decodedecode
Individual Subject FilesIndividual Subject Files
Consent form and RAF, signed and Consent form and RAF, signed and dated*dated*
Eligibility ChecklistEligibility Checklist Visit flowchartVisit flowchart Case report formsCase report forms Lab dataLab data AE summaryAE summary Patient diariesPatient diaries
*Separate storage*Separate storage
Signed consent Signed consent formsforms
Key linking Key linking identifiers to codesidentifiers to codes
Study Termination/Close-outStudy Termination/Close-out
Final reportFinal report PublicationPublication Local dissemination of results*Local dissemination of results* Retention and storage of regulatory Retention and storage of regulatory
documents per requirementsdocuments per requirements
More complex scenariosMore complex scenarios
Yale PI is the Sponsor-investigator of Yale PI is the Sponsor-investigator of an IND, or the lead investigator on a an IND, or the lead investigator on a multi-site studymulti-site study
Additional responsibilities, including Additional responsibilities, including maintaining CVs and training maintaining CVs and training certificates of all personnel from all certificates of all personnel from all sites, and IRB approvals (and sites, and IRB approvals (and reapprovals) from all sitesreapprovals) from all sites
Multi-site coordinationMulti-site coordination
Lead PI is responsible for data integrity Lead PI is responsible for data integrity and data and safety monitoringand data and safety monitoring
Monitoring is an evaluation of the Monitoring is an evaluation of the clinical research process which should clinical research process which should occur throughout the life of the protocoloccur throughout the life of the protocol
Lead PI is responsible for informing all Lead PI is responsible for informing all co-investigators of progress, and events co-investigators of progress, and events such as SAEs, etcsuch as SAEs, etc
Data SecurityData Security
Recent developments:Recent developments:– Loss of a CD with identified dataLoss of a CD with identified data– Theft of a laptop with identified dataTheft of a laptop with identified data– VA data security directivesVA data security directives– NIH web posting on data security NIH web posting on data security
commitmentscommitments
Best practicesBest practices
Work in progressWork in progress Several task forces working on these Several task forces working on these
issuesissues Review some basics to think about Review some basics to think about
and incorporate into practiceand incorporate into practice
ConfidentialityConfidentiality
Common Rule has always required Common Rule has always required that confidentiality be protected to that confidentiality be protected to the extent possiblethe extent possible
Good medical practice also Good medical practice also incorporates pledges of incorporates pledges of confidentialityconfidentiality
Steps must be taken to minimize the Steps must be taken to minimize the risk of breaches of confidentialityrisk of breaches of confidentiality
Common Rule definitionCommon Rule definition Private informationPrivate information includes information includes information
about behavior that occurs in a context in about behavior that occurs in a context in which an individual can reasonably expect which an individual can reasonably expect that no observation or recording is taking that no observation or recording is taking place, and information which has been place, and information which has been provided for specific purposes by an provided for specific purposes by an individual and which the individual can individual and which the individual can reasonably expect will not be made public reasonably expect will not be made public (for example, a medical record) (for example, a medical record)
Private information must be individually Private information must be individually identifiable (i.e., the identity of the subject is identifiable (i.e., the identity of the subject is or may readily be ascertained by the or may readily be ascertained by the investigator or associated with the investigator or associated with the information) in order for obtaining the information) in order for obtaining the information to constitute research involving information to constitute research involving human subjectshuman subjects
HIPAAHIPAA
Adds layers of ensuring privacy and Adds layers of ensuring privacy and data securitydata security
HIPAA Security focuses on electronic HIPAA Security focuses on electronic media, but Privacy covers all forms media, but Privacy covers all forms of dataof data
Uses somewhat different definitionsUses somewhat different definitions
Both CR and HIPAABoth CR and HIPAA
Need to get permission to access, Need to get permission to access, share personal information, via share personal information, via consent or authorization.consent or authorization.
If authorized, sharing is allowed per If authorized, sharing is allowed per the specifics of the approved the specifics of the approved documentsdocuments
JargonJargon
AnonymousAnonymous CodedCoded De-identifiedDe-identified
Terms are not synonymous!Terms are not synonymous!
JargonJargon
Anonymous:Anonymous:11: not named or identified <an : not named or identified <an anonymousanonymous author> <they wish to author> <they wish to remain remain anonymousanonymous>>22 :: of unknown authorship or origin of unknown authorship or origin <an <an anonymousanonymous tip> tip>33 :: lacking individuality, distinction, lacking individuality, distinction, or recognizabilityor recognizability
Merriam-Webster, on-lineMerriam-Webster, on-line
JargonJargon
Coded:Coded: a system used for brevity or secrecy a system used for brevity or secrecy
of communication, in which of communication, in which arbitrarily chosen words, letters, or arbitrarily chosen words, letters, or symbols are assigned definite symbols are assigned definite meaningsmeanings
Dictionary.comDictionary.com
Implies there is a link somewhereImplies there is a link somewhere
JargonJargon
De-identified:De-identified: Not a wordNot a word Usually thought to refer to stripping Usually thought to refer to stripping
the 18 HIPAA identifiers (including the 18 HIPAA identifiers (including dates)dates)
So may be more stringent than So may be more stringent than anonymous, but also could be coded anonymous, but also could be coded or notor not
JargonJargon
Anonymous is not de-identified nor codedAnonymous is not de-identified nor coded
Some use the term ‘no identifiers’Some use the term ‘no identifiers’
Anonymous should be reserved for Anonymous should be reserved for situations when there are no identifiers situations when there are no identifiers and no code to link backand no code to link back
Anonymous would allow recording of Anonymous would allow recording of datesdates
CodedCoded
Some code is used to track subjects Some code is used to track subjects and their dataand their data
Must be master file listing identifiers Must be master file listing identifiers (name) with code to allow decoding, (name) with code to allow decoding, addition of new dataaddition of new data
NEVER store the link with the dataNEVER store the link with the data
Separate Separate means means separate!separate!
JargonJargon
Moveable media: Moveable media: CDs, diskettes, jump CDs, diskettes, jump drives, laptops, palm drives, laptops, palm tops, Blackberry, tops, Blackberry, flash drives, thumb flash drives, thumb drivesdrives
EncryptionEncryption Secure networksSecure networks Password protectionPassword protection
AdviceAdvice
Do not keep data with identifiers on Do not keep data with identifiers on moveable mediamoveable media
May become more than just adviceMay become more than just advice
AdviceAdvice
““Tell them never to Tell them never to leave their laptops leave their laptops in the back seat of in the back seat of the car.”the car.”
Kristina Borror,Kristina Borror,
OHRPOHRP
Other methods to secure Other methods to secure datadata
Password protectionPassword protection FingerprintingFingerprinting Auto log-offAuto log-off Lock-down cables on laptopsLock-down cables on laptops Restrictions on downloadingRestrictions on downloading
Confidentiality section of the Confidentiality section of the HIC applicationHIC application
Describe all sites where data will be Describe all sites where data will be used or storedused or stored
Describe how the data will be Describe how the data will be transmitted or transportedtransmitted or transported
Describe specifically who will have Describe specifically who will have accessaccess
Describe how the data will be securedDescribe how the data will be secured If copies of data are on moveable media, If copies of data are on moveable media,
describe security measures for these describe security measures for these mediamedia
Sharing with co-Sharing with co-investigatorsinvestigators
Avoid unprotected emailAvoid unprotected email Coded data bestCoded data best
DestructionDestruction
Old data/old computersOld data/old computers Via ITS, Procedure 1609, Media Via ITS, Procedure 1609, Media
Control:Control:
http://mire.med.yale.edu/hipaapolicies/http://mire.med.yale.edu/hipaapolicies/
ConclusionsConclusions
RYRTGORYRTGO Take steps to develop a specific Take steps to develop a specific
document management plan tailored document management plan tailored to the protocolto the protocol
Take steps to implement data Take steps to implement data security measuressecurity measures
Stay tuned!Stay tuned!
ReferencesReferences
Common Rule: Common Rule: http://www.hhs.gov/ohrp/humansubjects/guidance/45cfr46.htm
ICH GCP: ICH GCP: http://www.fda.gov/cder/guidance/959fnl.pdf
HIPAA Privacy and Security: HIPAA Privacy and Security: http://info.med.yale.edu/hic/hipaa/index.hthttp://info.med.yale.edu/hic/hipaa/index.htmlml
Quotable QuotesQuotable Quotes
Remember your responsibility to get Remember your responsibility to get organizedorganized
If it isn’t documented, it didn’t If it isn’t documented, it didn’t happenhappen
No one-size-fits-all solutionNo one-size-fits-all solution Trust, but verifyTrust, but verify Bread-crumb trailBread-crumb trail Separate means separateSeparate means separate An amendment is an amendmentAn amendment is an amendment