Inspection Logistics: Granting Inspectors Direct Access to Systems

Can regulatory authority inspectors request direct access to an inspectee’s electronic systems? They can and do.  Today’s blog post gives us some background on these requests.

The European Medicines Agency (EMA) and the United Kingdom’s Medicines and Healthcare products Regulatory Agency (MHRA – and yes, this is how they capitalize it) have done this for some time. EMA’s draft Guideline on computerised systems and electronic data in clinical trials (again, their capitalization) states plainly in section 4.11, “All relevant computerised systems should be readily available and directly accessible (this requires a unique username and password) upon request by inspectors of regulatory authorities.” Decommissioning the system does not get you off the hook: “Direct access (with personal username and password) to the data should be still ensured.” Section 6.11 of this guideline cautions sponsors that “the sponsor should ensure [contractually]…that archived formats provide the possibility to restore the database. This includes restoring of dynamic functionality and all relevant metadata (audit trail, event logs, implemented edit checks, queries, user logs, etc.).”

FDA has started requesting direct access more recently.  The process for doing so is buried within the agency’s hulking and oddly-paginated FDA Investigation Operations Manual 2022 (IOM). Section 5.10.2.1 outlines a special process for Bioresearch Monitoring (BIMO) inspections.  If the inspectee can provide read-only access, can make personnel available to provide an orientation to the system and answer questions on an ongoing basis, and if the inspectee is “agreeable,” FDA inspectors can utilize direct access to electronic systems in their inspections.

“Agreeability” is an interesting word choice in conjunction with inspections.  Is any inspectee ever “agreeable” to anything other than an early wrap-up with no 483?  The IOM suggests that direct system access is an expedient solely for the convenience of the “firm” (FDA’s quaint term for “inspected party”), so that a team member doesn’t have to be pulled from their desk for hours to walk the inspector through a case report form (never mind the twenty people in the back room furiously pulling documents for two weeks).  At the recent Society for Quality Assurance annual meeting in April 2022, FDA BIMO directors reiterated this point: the objective was to access the information they needed as easily as possible, not to undertake a fishing expedition through the sponsor’s files.

The IOM references “electronic data capture” systems as those likely to require direct access, giving specific examples of “electronic case report forms, medical records, patient-reported outcomes, informed consent systems and other electronic study records.”  Trial Master Files (TMFs) are not specifically called out in this list.  Historically, FDA inspectors have not shown a tremendous amount of interest in the Trial Master File as a concept.  FDA inspection findings are tied to the Code of Federal Regulations; sponsors may be cited for failure to generate, maintain, or retain records, or failure to permit FDA access to records, but there is no regulation requiring sponsors to maintain records neatly, or in an organized fashion.  In theory, 21 CFR Part 11 requires eTMFs to be maintained in Part 11-compliant systems, but FDA has long exercised “enforcement discretion” with regard to Part 11.  A review of inspection citations from 2008 through 2021 shows only one finding related to electronic records, from 2015:  “Failure to ensure proper monitoring of the study. Electronic records are used, but they do not meet electronic and human readable copy and audit trail requirements to ensure that they are trustworthy, reliable and generally equivalent to paper records.”

EMA does not take such a laissez-faire approach. Its Reflection paper on GCP compliance in relation to trial master files (paper and/or electronic) for management, audit and inspection of clinical trials (EMA is quite stingy with its capital letters) has thoughts about how your TMF should be planned, structured, secured, and controlled. Section 6 outlines expectations for access to TMFs during inspections: in short, expect it. “The inspectors must have access to the entire TMF…which means reviewing the TMF as used by the staff conducting the trial. A copy or artificial construction of it is unlikely to be accepted for trials currently in the live phase and puts an additional QC requirement on the sponsor. … Direct access includes all the systems that comprise the TMF as defined by the sponsor” (emphasis mine). The reflection paper goes on to warn that “GCP inspectors may not wish to be supervised during the review of the TMF.” There’s also this note, which seems to anticipate our current reality: “Remote access to eTMF without the inspector visiting the site may assist in planning inspections and could, in future, potentially form part of the inspection dependent upon national legislation and inspection practices” (again, emphasis mine).

Section 9 of this reflection paper lists the various ways that TMFs have been found wanting in EMA inspections, including the following:

  • Document retrieval was delayed because some TMF documents were located separately from the main TMF
  • A shadow copy was provided instead of the actual TMF
  • Sponsor could not provide documentation that QC activities had been completed, and discrepancies were noted, giving the inspectors “no confidence” that the TMF was accurate
  • Lack of migration documentation
  • The inspectee did not provide big enough monitors for review of electronic TMF documents

To ensure that sponsors are ready to have their electronic systems directly accessed by inspectors, we recommend the following steps:

  • Document locations of all TMF documents, not just the documents in the primary TMF typically held by the CRO. Documents frequently held outside the CRO’s eTMF include contracts, safety case documents and correspondence, regulatory submissions and correspondence, CMC and Clinical Supply records, CVs, job descriptions, analysis datasets, data management records, and data capture systems (EDC, IRT, ePRO, and safety databases).
  • For each repository, identify trained inspection team members who can navigate the system and locate records.  If there are systems to which the team does not have access, obtain access. If they are not sufficiently trained, train them.
  • For data capture systems, identify all roles that can enter and change data in the system, and document which actions each role is permitted to perform.  Include operations such as invalidating empty forms and making back-end changes.
  • Review the audit trail for each system to determine whether initial entries, changes, and other operations (e.g., saving a form, setting an SDV flag, unlocking a visit) can be easily identified by a human reviewer.
  • Gather documentation of any data or document migration activities, including planning, execution, and QC documentation.
  • For FDA inspections, determine which systems you are “comfortable” having inspectors access and what alternative arrangements you will make for indirect access to other systems.
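
One way to carry out the role and audit-trail checks in the list above, as an added example (not from the original post or from any vendor's system): the script reconciles a constructed audit-trail export against a documented role-permission matrix and flags entries a reviewer could not attribute or interpret. The column names, role names, and action codes are assumptions.

```python
import csv
import io

# Documented role-permission matrix (hypothetical role and action names).
ROLE_PERMISSIONS = {
    "site_coordinator": {"form_saved", "data_changed"},
    "monitor": {"sdv_flag_set"},
    "data_manager": {"visit_unlocked", "form_invalidated", "backend_change"},
    "inspector_readonly": set(),  # read-only account: no data-changing actions
}

# Constructed audit-trail export; the column layout is an assumption.
SAMPLE_EXPORT = """timestamp,username,role,action,record,reason
2022-03-01T09:14:00Z,jdoe,site_coordinator,form_saved,SUBJ-001/VISIT1/VITALS,
2022-03-02T10:02:00Z,jdoe,site_coordinator,data_changed,SUBJ-001/VISIT1/VITALS,transcription error
2022-03-03T11:30:00Z,asmith,monitor,sdv_flag_set,SUBJ-001/VISIT1/VITALS,
2022-03-04T08:45:00Z,asmith,monitor,visit_unlocked,SUBJ-001/VISIT1,
2022-03-05T16:20:00Z,,data_manager,backend_change,SUBJ-002/VISIT2/LABS,vendor fix
2022-03-06T13:00:00Z,insp01,inspector_readonly,data_changed,SUBJ-002/VISIT2/LABS,
2022-03-07T12:00:00Z,blee,data_manager,EVT_4471,SUBJ-003/VISIT1,
"""

def review_audit_trail(export_text, permissions):
    """Return (line_number, issue) pairs for entries that need follow-up."""
    documented = set().union(*permissions.values())
    findings = []
    rows = csv.DictReader(io.StringIO(export_text))
    for line_no, row in enumerate(rows, start=2):  # line 1 is the header
        user = row["username"].strip()
        role = row["role"].strip()
        action = row["action"].strip()
        if not user:
            # Entry cannot be tied to a unique, personal account.
            findings.append((line_no, "no unique username recorded"))
        if role not in permissions:
            findings.append((line_no, f"undocumented role {role!r}"))
        elif action not in documented:
            # Raw event code a human reviewer cannot interpret.
            findings.append((line_no, f"unrecognised action code {action!r}"))
        elif action not in permissions[role]:
            findings.append((line_no, f"{role} not documented as permitted to {action}"))
    return findings

if __name__ == "__main__":
    for line_no, issue in review_audit_trail(SAMPLE_EXPORT, ROLE_PERMISSIONS):
        print(f"line {line_no}: {issue}")
```
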

 

 
