The following reasons have been given for the failure of computerized systems
This document addresses issues pertaining to computerized systems used to create, modify, maintain, archive, retrieve, or transmit clinical data intended for submission to the Food and Drug Administration (FDA). These data form the basis for the Agency's decisions regarding the safety and efficacy of new human and animal drugs, biologics, medical devices, and certain food and color additives. As such, these data have broad public health significance and must be of the highest quality and integrity. FDA established the Bioresearch Monitoring (BIMO) Program of inspections and audits to monitor the conduct and reporting of clinical trials to ensure that data from these trials meet the highest standards of quality and integrity and conform to FDA's regulations. FDA's acceptance of data from clinical trials for decision-making purposes is dependent upon its ability to verify the quality and integrity of such data during its onsite inspections and audits. To be acceptable the data should meet certain fundamental elements of quality whether collected or recorded electronically or on paper. Data should be attributable, original, accurate, contemporaneous, and legible. For example, attributable data can be traced to individuals responsible for observing and recording the data. In an automated system, attributability could be achieved by a computer system designed to identify individuals responsible for any input. This guidance addresses how these elements of data quality might be satisfied where computerized systems are being used to create, modify, maintain, archive, retrieve, or transmit clinical data. Although the primary focus of this guidance is on computerized systems used at clinical sites to collect data, the principles set forth may also be appropriate for computerized systems at contract research organizations, data management centers, and sponsors. Persons using the data from computerized systems should have confidence that the data are no less reliable than data in paper form. Computerized medical devices, diagnostic laboratory instruments and instruments in analytical laboratories that are used in clinical trials are not the focus of this guidance. This guidance does not address electronic submissions or methods of their transmission to the Agency. This guidance document reflects long-standing regulations covering clinical trial records. It also addresses requirements of the Electronic Records/Electronic Signatures rule (21 CFR part 11). The principles in this guidance may be applied where source documents are created (1) in hardcopy and later entered into a computerized system, (2) by direct entry by a human into a computerized system, and (3) automatically by a computerized system. II. DEFINITIONS Audit Trail means, for the purposes of this guidance, a secure, computer generated, time-stamped electronic record that allows reconstruction of the course of events relating to the creation, modification, and deletion of an electronic record. Certified Copy means a copy of original information that has been verified, as indicated by dated signature, as an exact copy having all of the same attributes and information as the original. Commit means a saving action, which creates or modifies, or an action which deletes, an electronic record or portion of an electronic record. An example is pressing the key of a keyboard that causes information to be saved to durable medium. Computerized System means, for the purpose of this guidance, computer hardware, software, and associated documents (e.g., user manual) that create, modify, maintain, archive, retrieve, or transmit in digital form information related to the conduct of a clinical trial. Direct Entry means recording data where an electronic record is the original capture of the data. Examples are the keying by an individual of original observations into the system, or automatic recording by the system of the output of a balance that measures subjectÂ’s body weight. Electronic Case Report Form (e-CRF) means an auditable electronic record designed to record information required by the clinical trial protocol to be reported to the sponsor on each trial subject. Electronic Patient Diary means an electronic record into which a subject participating in a clinical trial directly enters observations or directly responds to an evaluation checklist. Electronic Record means any combination of text, graphics, data, audio, pictorial, or any other information representation in digital form that is created, modified, maintained, archived, retrieved, or distributed by a computer system. Electronic Signature means a computer data compilation of any symbol or series of symbols, executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual's handwritten signature. Software Validation means confirmation by examination and provision of objective evidence that software specifications conform to user needs and intended uses, and that the particular requirements implemented through the software can be consistently fulfilled. For the purposes of this document, design level validation is that portion of the software validation that takes place in parts of the software life cycle before the software is delivered to the end user. Source Documents means original documents and records including, but not limited to, hospital records, clinical and office charts, laboratory notes, memoranda, subjects' diaries or evaluation checklists, pharmacy dispensing records, recorded data from automated instruments, copies or transcriptions certified after verification as being accurate and complete, microfiches, photographic negatives, microfilm or magnetic media, x-rays, subject files, and records kept at the pharmacy, at the laboratories, and at medico-technical departments involved in the clinical trial. Transmit means, for the purposes of this guidance, to transfer data within or among clinical study sites, contract research organizations, data management centers, or sponsors. Other Agency guidance covers transmission from sponsors to the Agency. III. GENERAL PRINCIPLES
Security measures should be in place to prevent unauthorized access to the data and to the computerized system. IV. STANDARD OPERATING PROCEDURES Standard Operating Procedures (SOPs) pertinent to the use of the computerized system should be available on site. SOPs should be established for, but not limited to: ! System Setup/Installation DATA ENTRY A. Electronic Signatures
B. Audit Trails
C. Date/Time Stamps Controls should be in place to ensure that the system's date and time are correct. The ability to change the date or time should be limited to authorized personnel and such personnel should be notified if a system date or time discrepancy is detected. Changes to date or time should be documented. Dates and times are to be local to the activity being documented and should include the year, month, day, hour, and minute. The Agency encourages establishments to synchronize systems to the date and time provided by trusted third parties. Clinical study computerized systems will likely be used in multi-center trials, perhaps located in different time zones. Calculation of the local time stamp may be derived in such cases from a remote server located in a different time zone. VI. SYSTEM FEATURES
VII. SECURITY
SYSTEM DEPENDABILITY The sponsor should ensure and document that computerized systems conform to the sponsor's established requirements for completeness, accuracy, reliability, and consistent intended performance.
IX. SYSTEM CONTROLS
X. TRAINING OF PERSONNEL
XI. RECORDS INSPECTION
XII. CERTIFICATION OF ELECTRONIC SIGNATURES As required by 21 CFR 11.100(c), persons using electronic signatures to meet an FDA signature requirement shall, prior to or at the time of such use, certify to the agency that the electronic signatures in their system, used on or after August 20, 1997, are intended to be the legally binding equivalent of traditional handwritten signatures. As set forth in 21 CFR 11.100(c), the certification shall be submitted in paper form signed with a traditional handwritten signature to the Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville Maryland 20857. The certification is to be submitted prior to or at the time electronic signatures are used. However, a single certification may cover all electronic signatures used by persons in a given organization. This certification is a legal document created by persons to acknowledge that their electronic signatures have the same legal significance as their traditional handwritten signatures. An acceptable certification may take the following form: "Pursuant to Section 11.100 of Title 21 of the Code of Federal Regulations, this is to certify that [name of organization] intends that all electronic signatures executed by our employees, agents, or representatives, located anywhere in the world, are the legally binding equivalent of traditional handwritten signatures." XIII. REFERENCES FDA, Software Development Activities, 1987. FDA, Guideline for the Monitoring of Clinical Investigations, 1988. FDA, Guidance for Industry: Good Target Animal Practices: Clinical Investigators and Monitors, 1997. FDA, Compliance Program Guidance Manual, "Compliance Program 7348.810 - Sponsors, Contract Research Organizations and Monitors," October 30, 1998. FDA, Compliance Program Guidance Manual, "Compliance Program 7348.811 - Bioresearch Monitoring - Clinical Investigators," September 2, 1998. FDA, Information Sheets for Institutional Review Boards and Clinical Investigators, 1998. FDA, Glossary of Computerized System and Software Development Terminology, 1995. FDA, 21 CFR Part 11, Electronic Records; Electronic Signatures; Final Rule. Federal Register Vol. 62, No. 54, 13429, March 20, 1997. FDA, [draft] Guidance for Industry: General Principles of Software Validation, draft 1997. International Conference on Harmonisation, Good Clinical Practice: Consolidated Guideline, Federal Register Vol 62, No. 90, 25711, May 9, 1997. What is the difference between a data entry error and a data retrieval error?What is the difference between a data entry error and a data retrieval error? A data-entry error is an error resulting from incorrect data being entered into a com- puter system. A data-retrieval error is an error resulting from the output of a computer system being misunderstood.
Which mistake was not made by aecl the manufacturer of the therac 25?162. Which mistake was not made by AECL, the manufacturer of the Therac-25? a) It did not include software or hardware devices to detect and report overdoses.
|