In March 2023, FDA released a draft guidance on Part 11 Application to Clinical Investigations. The specific introduction in the guidance stated:
This document provides guidance to sponsors, clinical investigators, institutional review boards(IRBs), contract research organizations (CROs), and other interested parties on the use of electronic systems, electronic records, and electronic signatures in clinical investigations of medical products, foods, tobacco products, and new animal drugs. The guidance provides recommendations regarding the requirements, including the requirements under 21 CFR part 11 (part 11), under which FDA considers electronic systems, electronic records, and electronic signatures to be trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper.
The guidance also explains how the lifecycle of this guidance document will fit in with related guidance documents. As illustrated below, the intention for this guidance is to:
- Revise (and retitle) the guidance, “Use of Electronic Records and Electronic Signatures in Clinical Investigations Under 21 CFR Part 11 — Questions and Answers (June 29, 2017)”
- Expand upon the recommendations in the guidance, “Part 11, Electronic Records; Electronic Signatures — Scope and Application (August 2003)”
- Supersede (replace) the guidance, “Computerized Systems Used in Clinical Investigations (May 2007)”
Some key take-aways from the guidance:
- 21 CFR Part 11 applies to real-world data used in support of predicate rules.
- 21 CFR Part 11 applies to data collected at non-US sites in support of predicate rules.
- Use validated process to create certified copies of clinical investigation records.
- Ensure storage of clinical investigation records are maintained with reliable method.
- While 21 CFR Part 11 does NOT address security of records during transmission, other privacy and security laws may necessitate encryption or other types of protection.
Validation of electronic systems used in clinical investigations
The guidance provides input and considerations to the software validation plan for an electronic system used in clinical investigations:
- Criticality and significance of the record.
- Intended use functionality – consider the workflow and the essential operations of the software to support the clinical investigation over the entire lifecycle of use, e.g., pre-study, peri-study, post-study.
- Some office productivity tools may not need protocoled test cases – examine existing downstream QC.
- Assess your vendor’s / supplier’s custom-made or custom-configured systems for state-of-the-art software validation activities: planning, requirements generation, software design rather than ad-hoc coding, testing at multiple levels such as unit and system, change control, and configuration management. Do they have a clear strategy for “maintaining” a validated state for subsequent software releases.
- Audit trail integrity.
What documentation should the sponsor have in place for electronic systems that fall under the scope of part 11, and what will be FDA’s focus during inspections of the sponsor? The guidance gives input to this question – the electronic system “package” should include:
- Have clear description of the software system. SoftwareCPR would recommend layered architecture diagrams mapping data flow, software components, configurable items, control checkpoints.
- Validation as described above.
- Describe roles and responsibilities of sponsors, clinical sites, and other parties.
- Describe installation process and necessary infrastructure, including any expected or required testing or “checks” to be performed by the sponsor.
- Describe any necessary interfaces if applicable and how to ensure or verify interoperability.
- User management process including instructions for sponsor if applicable.
- Data backup, recovery, and contingency plan including any required actions by the sponsor. Contingency plan to cover manual data entry or other method.
- Training materials.
- Auditing plans and reports to verify data integrity.
Refer to the guidance for more detail and requirements.
Need help with planning your Part 11 strategy? Our partner John Murray was the internal expert with 21 CFR Part 11 during his tenure at FDA. Contact us to setup a consultation with John.