How will you navigate the new TMF regulatory landscape?
Many organizations today still struggle to develop effective compliance strategies. In recent years we have seen a dramatic change in pace from regulatory authorities and standards organizations. With a wealth of new updates coming in, it is becoming increasingly more complex to remain compliant. With this in mind, our upcoming webinar will focus on the recent regulatory changes that will impact trial master files and provide a practical outlook on how to apply them and stay one step ahead.
3. 3
Agenda
LIVE WEBINAR
1. Review key aspects of regulations governing TMF
2. Discuss the big issues relating to the
implementation of the regulations
3. Explore practical considerations for complying with
the regulations
5. 5
House
Keeping
L I V E W E B I N A R
• This webinar is being recorded and
will be made available after this
session
• Feel free to use the chatbox to
submit your questions at anytime
• Q&A will take place at the end of
the webinar
9. FDA CGMP
Guideline on GCP compliance in
relation to trial master file (paper
and/or electronic) for content,
management, archiving, audit and
inspection of clinical trials (March
2017)
Integrated addendum to
ICH E6(R1): Guideline for
Good Clinical Practice
E6(R2) (November 2016)
MHRA GxP Data Integrity
Definitions and Guidance for
Industry Draft version (July
2016)
FDA Data Integrity and
Compliance with CGMP
(April 2016)
FDA Use of Electronic Records and
Electronic Signatures in Clinical
Investigations Under 21 CFR Part 11
Questions & Answers’
(June 2017)
21 CFR PART 11
MHRA GxP Data
Integrity
Definitions
ICH
E6 (R2)
EMA
15975/2016
11. Certified
Copies and
Destruction
of Paper
ICH
“A copy (irrespective of the type of media used) of the original record that has
been verified (i.e. by a dated signature or by generation through a validated
process) to have the same information, including data that describe the context,
content and structure, as the original.”
ICH
“[…] When a copy is used to replace an original document (e.g., source
documents, CRF), the copy should fulfill the requirements for certified copies.”
FDA
“The copy of the original record should be verified as having all of the same
attributes and information as the original record and certified as indicated by a
date signature.”
EMA
A certified copy is a paper or electronic copy of the original record that has been
verified (e.g. by a dated signature) or has been generated through a validated
process to produce a copy having the exact content and meaning of the
original.”
12. Certified Copies & Destruction of Paper
Big Issues Practical Considerations
• FDA guidance is currently not in line with ICH E6
R2 or EMA
• How practical is it to sign certified copies
(electronically or handwritten)?
• Do we destroy paper or not?
• Define what is a record and what you understand
to be a certified copy
• Develop a process for validation of certified
copies, including ongoing QC, should be detailed
in SOPs to ensure consistency
• Remember that a certified copy is only required if
the copy is permanently replacing the original or
if the eTMF is being presented as the official TMF,
for example, during an inspection
• Only destroy paper if you are confident that your
validated process works
• Remember to initiate documents electronically if
you can
13. Have you generated certified copies and
destroyed paper records in your organization?
1) Yes, after putting in place a validated
process
2) Yes, after certifying copies with a signature
3) Yes, after putting in place a validated
process and certifying copies with a
signature
4) No, we still maintain paper records
13
POLL
A B O U T T H E C O M P A N Y
14. Audit
Trails
EMA
“audit trail […] to identify date/time/user details for creation, uploading, approval
and deletion of and changes to a document”
FDA
“audit trail is a process that captures details of information, such as additions,
deletions, or alterations, in an electronic record without obscuring the original
record. An audit trail facilitates the reconstruction of the course of such details
relating to the electronic record.”
FDA
"Electronic audit trails include those that track creation, modification, or deletion
of data (such as processing parameters and results) and those that track actions
at the record or system level (such as attempts to access the system or rename
or delete a file)."
MHRA
"There should be adequate traceability of any user defined parameters used
within data processing activities. Audit trails and retained records should allow
reconstruction of all data processing activities regardless of whether the output
of that processing is subsequently reported or otherwise used."
15. Audit Trails
Big Issues Practical Considerations
• When does an artifact become a record?
• What metadata or processing parameters need to
be audit trailed?
• What is an audit trail vs transaction log and where
does it apply?
• Data integrity guidance is still in draft
• Define what you consider to be a record (records
management process) and what needs an audit
trail (system requirements) based on your
interpretation of the regulations
• Transaction logs are useful – ask your vendors
what they offer and include this in your
specifications
• Lobby the regulators to come up with better
descriptions and requirements
16. TMF Scope
&
Signposts
ICH
"The sponsor and investigator/institution should maintain a record of the
location(s) of their respective essential documents including source documents.”
EMA
“The sponsor and the investigator should identify and make a record of the
location(s) of all the potential documentation that is considered to form the TMF,
even if several locations, departments, country organizations and systems are
involved, so that it is effectively organized.”
17. TMF Scope & Signposts
Big Issues Practical Considerations
• How do you present TMF information to an
inspector that is contained in multiple different
systems and locations?
• What is TMF relevant?
• When multiple systems are involved, what is the
authoritative source?
• In the TMF plan, specify what is TMF relevant,
authoritative source vs. shadow and where this
information is being held
• Label artifacts in eTMF as authoritative source or
shadow copies
• Identify TMF records using signposts within your
eTMF, if your system allows you to do it
• Define process for access to signposted content
being held in different locations
18. TMF
Exchange
EMA
“When different TMF systems are linked to facilitate the trial conduct, for
example the CRO eTMF system uploads documents into the sponsor eTMF
system, the process for transferring documents should be robust and should be
validated to prevent failure of transferring parts of the entire content of the
original TMF without loss i.e. there should be a demonstrable 1:1 mapping
between the content of the two systems.”
FDA
“During an inspection, FDA will focus on any source data that are transferred to
another data format or system to ensure that checks are in place and critical
data are not altered in value or meaning during the migration.”
19. TMF Exchange
Big Issues Practical Considerations
• How do you conduct exchange of TMF information
across different eTMF systems:
• At the end of a study?
• In the case of a merger and acquisition?
• In the case of interim TMF transfers?
• In the case of an inspection?
• Mapping metadata and migrating content is time
consuming and error prone
• Transferred content, if electronic, must be held in a
compliant manner
• TMF RM exchange mechanism standard will
hopefully solve this problem
• Find out from your vendor if they plan to support the
TMF RM exchange mechanism standard
20. Timeliness
EMA
“Article 57 states “the clinical trial master file shall at all times contain the
essential documents relating to that clinical trial.” The requirement “at all times”
means that the TMF should be updated, and completed in a timely manner.”
EMA
“[…] it is important, therefore, to keep the TMF up to date, with documents
placed in the TMF in a timely manner as this greatly assists the successful
management of a trial by the investigator and sponsor (or party to whom the
sponsor has delegated its duties).”
ICH
“Filing essential documents at the investigator/institution and sponsor sites in a
timely manner can greatly assist in the successful management of a trial by the
investigator, sponsor and monitor.”
21. Timeliness
Big Issues Practical Considerations
• Terminology used in the guidance is vague and
open to interpretation
• What is timeliness?
• What date determines timely completion?
• Consider a process to define when TMF artifacts
need to be in a TMF
• Establish methods for measuring timeliness and
standards around dates
• eTMF should have a mechanism for detecting
missing artifacts
• Most documents can be tied to a milestone
• e.g. Site Selected -> Site Initiated
• Compliance with protocol timelines, study
plans established at trial start
22. What do you consider to be timely filing of TMF
content (artifacts) in your organization?
1) Artifacts must be filed as soon as they are
produced
2) Artifacts must be filed within 30 days or less
of their production
3) Artifacts must be filed within 3 months of
their production
4) Artifacts must be filed before the end of the
study
5) We do not have a policy on timely filing of
artifacts
22
POLL
A B O U T T H E C O M P A N Y
23. Direct
Access
EMA
“With reference to Article 57 of the Regulation, direct access to the TMF is
expected.”
EMA
“Direct access includes all the systems that comprise the TMF as defined by the
sponsor […]”
EMA
The eTMF should allow review in an efficient manner, analogous to that possible
with paper TMFs.”
EMA
“Any training should be an option for the inspector to choose and is anticipated
to be very brief (taking no more than an hour).”
24. Direct Access
Big Issues Practical Considerations
• Systems are not well-adapted for
inspector use (especially with minimal
training)
• Many systems could hold TMF content
and providing direct access to all
systems becomes challenging
• How do you control access to
inspectable content only?
• Include a section in TMF plan for inspections
• Define which systems contain TMF content and
plan for access in the case of inspection
• Establish whether inspector will have direct access
(is there an interface for this provided by your
vendor?) or guided access (who will do it?) or will
you provide a verified listing?
• Include requirements in your eTMF for inspector view
• For other systems, evaluate whether that capability exists,
otherwise consider guided access
25. Have you experienced an inspection where direct
access was requested?
1) Yes
2) No
3) I don’t know
25
POLL
A B O U T T H E C O M P A N Y
26. Record
Retention
ICH
ICH E6: at least 2 years after marketing approval or at least 2 years since the
discontinuation of clinical development of the investigational product.
ICH
Regulation in ICH countries
• EMA (EU): At least 25 years after end of trial
• MHLW (Japan): Until the day marketing approval is obtained or 3 years
after date of premature termination or completion of the clinical trial,
whichever comes later
• FDA (US): 2 years after marketing approval or 2 years after shipment
and delivery of IP is discontinued
• Health Canada (Canada): 25 years after end of trial
• Swissmedic (Switzerland): at least 10 years after completion or
discontinuation of the trial (15 years for implantable devices)
27. Record
Retention
ICH
Ensure the integrity of the data including any data that describe the context,
content and structure of the data. This is particularly important when making
changes to the computerized systems, such as software upgrades or migration.“
EMA
"Media used to store the data may potentially deteriorate or become obsolete,
thus transfer to an alternative would need to be considered. The media should
be stored under appropriate conditions. Any transfer or migration needs to be
validated. The transfer of data to new media as technology advances would
need to be considered by the organisation."
28. Record Retention
Big Issues Practical Considerations
• How do you retain electronic records for 25 years?
(Remember those floppy disks)
• No real harmonization between RAs...
• Define the plan for archiving at the beginning of a
trial
• Define process for periodic verification of archived
electronic records
• Follow ISO standards
• ISO 19005, Document management –
Electronic document file format for long-term
preservation – Part 1, Use of PDF 1.4 (PDF/A-
1)
29. Cloud
Computing
FDA
Ensure adequate controls in place to ensure reliability and
confidentiality of the data.
Some key factors to consider:
• Validation documentation
• Ability to generate accurate and complete copies of records
• Availability and retention of records for FDA inspection for as long as records
are required by
• Archiving capabilities
• Access controls
• Secure, computer-generated, time-stamped audit trails of users’ actions and
changes to data
• Encryption of data at rest and in transit
• Electronic signature controls
• Performance record of the electronic service vendor and the electronic service
provided
• Ability to monitor the electronic service vendor’s compliance with electronic
service security and the data integrity controls
30. Cloud Computing
Big Issues Practical Considerations
• How do you ensure that whoever is holding your
eTMF content in the cloud allows you to meet the
regulatory requirements around electronic
records?
• Lack of guidance from the regulators with regards
to cloud computing
• Important to establish who is responsible for what
(vendor, subcontractors, third parties) (quality
agreements)
• Ask vendor how they meet 21 CFR part 11
requirements
• Ask industry colleagues how they’ve done it
• Perform due diligence – regularly
• Look for certifications like SOC and ISO
31. Site
Documents
/eISF
EMA
“The investigator TMF may be electronic with the system either provided
by the sponsor, a vendor or health care institution. A situation where all
the investigator site records are sent to the external sponsor for
uploading onto an eTMF system, which the investigator then accesses
via a portal, would potentially breach data privacy requirements and give
sole custody to the sponsor for source documents. Therefore, such a
construct is considered unacceptable. Remote access, i.e. access to
investigator documentation at the investigator site from a different
location by sponsor personnel, to personal data of trial subjects in the
investigator TMF, is unacceptable. Where a portal is used to provide
documents to the investigator, if this is not part of the investigator TMF
there needs to be a mechanism to ensure such documentation is filed in
the official investigator TMF. Also, there should be an audit trail to
demonstrate investigator access to documents in the portal at the
appropriate time.”
EMA
“In organizing the TMFs, it is essential to segregate some documents
that are generated or held by the sponsor only, from those that are
generated or held by the investigator only, and vice versa.”
32. Site Documents/eISF
Big Issues Practical Considerations
• Sponsor cannot hold certain site documents and
vice versa
• Do sites really want another system?
• How can you ensure that sites are properly
maintaining their ISF?
• Ask your vendor about the mechanism in place to
segregate site only vs. sponsor only documents
• Evaluate eISF systems that may exist to see if
they are a fit. Remember that the Sponsor cannot
hold the ISF for the site
33. Risk Based
TMF
ICH
“Evolutions in technology and risk management processes offer new
opportunities to increase efficiency and focus on relevant activities. […]
Advances in use of electronic data recording and reporting facilitate
implementation of other approaches.”
EMA
“The essential documents for the trial may be supplemented or may be reduced
where justified (in advance of the trial initiation), based on the importance and
relevance of the specific documents to the trial.”
EMA
“As part of the validation a formal process should be in place for regular QC
checks of digitised and indexed documents in the e-TMF. This would usually be
undertaken on a sampling basis, including escalation procedures where errors
occur beyond a pre-defined Acceptance Quality Limit (AQL). ”
34. Risk Based TMF
Big Issues Practical Considerations
• We don’t take a risk based approach today....
• How do you demonstrate and measure quality?
• Multiple vendors, multiple systems makes risk
management challenging
• Difficult to join the dots to fully understand the
sequence of events
• Define a plan for risk-based TMF review, consider:
• Study design and complexity
• Number of vendors
• Number of systems used containing TMF records
• Assigning risk scores to document types based on
process risk and other factors
• Ask your vendor if they have or plan to introduce
risk based functionality for QC and risk
identification
• Think about how you can better organize
information to better tell the story of what
happened and leverage this information to assess
risk
35. Sponsor
Oversight
ICH
“The sponsor should ensure oversight of any trial-related duties and functions
carried out on its behalf, including trial-related duties and functions that are
subcontracted to another part by the sponsor’s contracted CRO(s).”
EMA
“The sponsor may choose to outsource duties and functions of the sponsor to a CRO
The sponsor remains responsible for the trial and will need to maintain oversight, so
access to the sponsor TMF (e.g. remote access to an e-TMF) or at least to relevant
documents from it will be necessary in order to discharge their responsibilities
effectively.”
EMA
“FDA recognizes that sponsors and other regulated entities may choose to
outsource electronic services. […] When these electronic services are used to
process data for FDA-regulated clinical investigations, sponsors and other
regulated entities should consider whether there are adequate controls in place
to ensure the reliability and confidentiality of the data.”
36. Sponsor Oversight
Big Issues Practical Considerations
• What is oversight?
• How do you demonstrate and measure it to
provide evidence of oversight?
• Define process for sponsor TMF oversight in TMF
plan
• Define methods for oversight for example,
process for QC and QA of the TMF by the
sponsor and supporting documentation
• Define KPIs in service level agreements
• Avoid duplicate records available at sponsor and
vendor levels – increases risk for error and
inconsistency. Use signposts and defined process
for access instead.
37. Do you feel that the regulations that are in place
provide enough clarity on what is required in
relation to TMF and eTMF systems?
1) Yes, the regulations are clear
2) No, the regulations are not specific enough
and do not provide enough clarity
3) I don’t know
37
POLL
A B O U T T H E C O M P A N Y
38. State of the Union
S E C T I O N # 2
38A B O U T T H E C O M P A N Y
Presented by Paul
39. • TMF is changing – moving away from being a document repository and
moving towards being an information management system
• TMF is a gold mine of information which if leveraged in the right way
can not only tell a better story of what happened in the study but also
provide more insight into study risks
• The regulators seems to be moving quickly and not everything is
100% clear yet
State of the Union
40. • The future of eTMF will be more data driven, connected and holistic
and will focus on presenting processed based views of study activities
• Easier exchange of eTMF information and artifacts is on the horizon
with the implementation of the TMF RM Exchange Mechanism
Standard
• Paper is starting to finally disappear and a new wave of more
intelligent eTMF solutions should be here soon!
State of the Union
41. 41
• Facilitate exchange of clinical trial
information to all stakeholders
• Accurately track the progress of
TMF completeness
• Quickly comply with regulatory
requirements, audits and
inspections
A Complete eTMF
Platform Engineered for
Growth Organizations
42. Are you interested in receiving more information
about eTMF Connect?
1) Yes, could be useful
2) No, not interested
42
POLL
A B O U T T H E C O M P A N Y