GDPR: Considerations and ramifications
Over recent years, how personal data is treated has been at the forefront of data privacy discussions and rules – this extends to personally identifiable data.
Whilst there have been no updated regulations and legislations regarding GDPR and wearable devices within clinical trials, we shouldn’t be surprised if this changes.
Currently, there must be a valid and lawful purpose for collecting this data. It must then be handled fairly, lawfully and securely.
The purpose and subsequent handling must be outlined from the offset but how can patients be confident that this is the case when partaking in clinical trials?
Informed consent must be given by the patient as long as the data collected is appropriate and what has been agreed to.
Ensuring data integrity with good data management principles
Ensuring data integrity with ALCOA
ALCOA is a set of principles for ensuring data integrity. Introduced in the 90s by the US Food and Drug Administration (FDA), the ALCOA acronym was developed as a guide outlining their expectations regarding data and evidence (including paper-based, electronic, and hybrid).
The ALCOA principles generally apply across the board for good data management and their application has evolved across a range of areas, particularly in relation to pharmaceutical research, manufacturing, testing, and the supply chain.
We see many of the ALCOA principles utilized in GxP guidelines and they are often referenced alongside the FDA’s 21 CFR Part 11 and the EMA’s eTMF regulations.
The key principles are:
- Attributability: Who acquired the data or performed an action and when?
- Legibility: Can you read the data and any entries?
- Contemporaneous: Documented at the time of the activity.
- Original: A written printout or observation or a certified copy thereof.
- Accurate: No errors or editing without documented amendments.
*It’s also worth noting that these principles can also be referred to as ALCOA+ and ALCOA-C. These include additional principles to support in resolving additional challenges.
Data integrity is the degree to which data is complete, consistent, accurate, trustworthy, reliable.
The data should be collected and maintained in a secure manner, so that they are attributable, legible, contemporaneously recorded, original and accurate.
Assuring data integrity requires appropriate quality and risk management systems, including adherence to sound scientific principles and good documentation practices.
MHRA GXP Data Integrity Guidance and Definitions March 2018