Are Copies as Acceptable as Original Documents?

This is a question that I seem to be hearing with increasing frequency! I think the reason for this is that an increasing number of companies and organizations are introducing electronic document management systems (EDMS). Where there are hard-copy records generated, these are digitized (scanned) and the resulting electronic files uploaded into the EDMS. The question then remains: What do I do with the original source paper records?

On Thursday 1st December this question will be addressed at the Drug Information Association (DIA) Electronic Document Management conference in Zurich. Lisa Mulcahy (Mulcahy Consulting) and Steve Scribner (International Life Science Solutions) will be presenting a framework that has been developed by a Special Interest Area Community to facilitate the destruction of original records following digitization. Of course, there are caveats to this process and Lisa/Steve will be outlining what some of those caveats are, including the certification of copies to provide assurance that the copy is a complete and accurate representation of the original record.

Incidentally, this question was put to FDA GCP Questions some time ago with the following response given:

“The scanning of study records to CDs and/or pdf files is acceptable for clinical trials provided the scanning process ensures that the resulting copy contains all of the original attributes and information found in the original records and someone certifies, after verification, that the records are an accurate and complete reflection of the original.

If you wish to use the scanned copies in lieu of the paper source data, (i.e. destroy the paper source data) then the scanned copies would have to meet the definition of a certified copy as described in our guidances. If you wish to retain these copies in electronic form in lieu of paper your computer system would have to comply with part 11 [21CFR11]. 

Certification should be accomplished by having the person who makes the copy, sign or initial and date the copy to indicate it meets the requirements of a certified copy as described above. This should be described in the SOP and can be accomplished by initialing and dating each copy or by initialing and dating a document certifying copies in bulk. Whichever method is used the SOP should describe the procedure.”

I find the reference to certifying copies in bulk particularly interesting as companies often ask whether each individual page or individual document needs to be certified. The process of certifying documents in batches or in bulk has long been the practice in the world of microfilming so it makes absolute sense to accept the same principle in the world of electronic digitization too.

Posted in Compliance, e-records, Litigation, Records management practice, TMF | 2 Comments

MHRA Opens Public Consultation on Review of UK Medicines Legislation

On 25th October, the MHRA opened a consultation period of 12 weeks for their review and consolidation of UK legislation pertinent to manufacture and use of medicines. Many requirements relating to the creation, management and retention of medical records are covered by the regulations within scope. However, an initial review of the proposed changes do not appear to reveal anything specifically about this topic.

Of note, the requirements for clinical trials is explicitly excluded from this exercise. The consultation document states:

“There are ongoing negotiations at a European level about the introduction of a Directive that would require substantial changes to the regulation of clinical trials. In addition, on 23 March the Chancellor of the Exchequer announced that the Government will review the UK’s implementation of the Clinical Trials Directive in order to reduce perceived gold-plating and to increase the proportionality of the system. We intend to leave the existing UK legislation regulating clinical trials as it is for the moment, rather than consolidate it now and then amend it substantially not long afterwards.”

Those records managers with an interest in GCP records need to look out for the subsequent review

Posted in Regulations, TMF | Leave a comment

eTMF Vendors – Who Has the Largest Market Share?

This is a question just sent through to us….. which vendor has the largest market share of the eTMF solution vendors? I guess the answer will depend on whether we’re talking about most client licenses/seats or highest volume of sales and whether we’re also including the likes of EMC and others who build bespoke eTMF solutions.

If any readers would like to comment on this question, please submit a comment below.

Posted in e-records, TMF | 2 Comments

Fire at Iron Mountain Facility in Aprilia, Italy

A large fire struck Iron Mountain’s document storage warehouse and headquarters in Aprilia, Italy late on Friday 4th November 2011. According to news reports, the entire building was enveloped in flames causing substantial damage to the building and, presumably, to the documents and digital content stored there. Approximately 40 employees worked in the facility but nobody has been injured.

It is reported that the company had a sophisticated fire protection system in place and that the probable cause of the fire was an electrical fault. A spokesperson said “We are trying to take stock of the situation as soon as possible in order to respond to questions and concerns of our customers about the status of their documents stored at Aprilia”.

Posted in Document Storage | 2 Comments

Documentation Risk Adaptations in Clinical Trials

A paper has recently been published under the joint auspices of the UK Department of Health (DH), the Medicines and Healthcare products Regulatory Agency (MHRA) and Medical Research Council (MRC) describing risk-adapted approaches to the management of clinical trials of investigational medicinal products (see MHRA website to download the paper). Interestingly, the paper includes a section on documentation, including the content of the trial master file (TMF) and retention periods for documentation.

Given that the objective of the paper is to provide guidance in the adoption of risk adaptations to the management of trials, the guidance with regards to documentation is sadly lacking. In the area of retention periods, there is actually no guidance to risk adaptations at all. Furthermore, the paper does not even acknowledge the requirement contained in Directive 2003/63/EC for the sponsor to retain “all other documentation pertaining to the trial as long as the product is authorised“. I would have expected this document to outline the circumstances under which all documentation really needs to be retained for this extensive period and to provide guidance in the circumstances under which it might be considered acceptable to retain documentation for a shorter period of time, for example in relation to trials on established products. The option to destroy certain trial documents only 2 years following marketing approval would have been a significant step forward. Instead, the requirement still stands to retain all documents for the lifetime of the product, a period which bears little relation to patient safety and the statute of limitations.

In relation to TMF content, the paper goes a little further, identifying specific documents which might not necessarily be expected in the TMF for certain types of trials. Unfortunately, the documents cited usually form a very small percentage of the content/volume of a typical TMF so the impact is likely to be minimal. In addition, I would anticipate many sponsors preferring to have a single, consistent policy for TMF content to avoid inadvertently missing content. The paper would have had more impact if it permitted a risk adaptation for ancilliary correspondence, for project management documentation and for QC records such as the evidence of document review and approval. For some trials, these records have minimal impact in relation to verifying trial conduct and patient safety yet would have a major impact on the administrative burden of trial management.

From a records management perspective, this paper is welcomed as it acknowledges the important place that documentation has in clinical trial management. However, the content only begins to scratch the surface. I look with eagerness for an early revision of this document!

Posted in Compliance, Records management practice, Regulations, TMF | Leave a comment

Why Good Records Management Is Key

Authors: Eldin Rammell & Karen Redding (Phlexglobal Ltd)

The past year has seen significant consolidation of mid-size CROs, with many of them being bought or put up for sale. In particular, the top six or seven CROs seem to be signing
more preferred partner deals, such as Pfizer teaming with Parexel and ICON, and
Takeda’s deals with Covance and Quintiles, which is driving mid-size CROs
growth through major acquisitions. There has also been a big shift in
outsourcing services to preferred partnerships, with large CROs outsourcing
niche services to small CROs on a functional basis. Sponsors are also assessing
their current tasks and outsourcing those that require non-core expertise. One
niche area that companies do not always consider outsourcing is document control.
Document management is essential in the pharma industry but can be difficult to
optimise, so working with an outsourcing partner can be valuable.

Good records management

Good records management is crucial in the pharma industry. One of the most common
problems we see is individuals and teams retaining their own copy of documents
rather than utilising a single central source, preferably made available via an
electronic document management system (EDMS). In our highly regulated
environment, demonstrating the reliability and authenticity of documentation is
critical, so individuals making use of a central definitive source for their
records is particularly important. In addition, much time and money is wasted
through duplication and mismanagement of documents when carried out in an
uncontrolled manner.

In some industry sectors, management have introduced strict controls over where and how
documents may be saved. Some organisations, for example, prevent documents from
being saved anywhere except in an authorised EDMS. Perhaps this is one step too
far, but good document control is necessary to achieve regulatory compliance.

Another problem we often see is poor version control, particularly for draft documents. As there may be a need to demonstrate appropriate review of draft documents, it is essential that any review signatures and comments be unambiguously linked to the associated document. This requires a formal system of version control within the organisation.

Once a pharmaceutical process has been completed—whether
a clinical trial or the production of a batch of drugs—the only thing remaining
to demonstrate regulatory compliance is the documentation audit trail. This is
why adequate quality control is so important. It is not enough just to have a
record of what happened; regulatory authorities have an expectation that you
can demonstrate those records to be accurate, legible, contemporaneous,
original, attributable, complete, consistent, enduring and available when
needed (1). A well-designed quality system will ensure that documentation being
sent off to the archive is “fit for purpose”.

Poor quality control can be recognised when a sponsor is
notified of an impending regulatory inspection. All too often, there is a mad
panic as documentation is retrieved from various filing systems and hours are
spent checking files for completeness. This is wasted effort and diverts key
personnel from their core activities. A robust quality control system should
eliminate the need for these eleventh-hour activities and result in
inspection-ready files. Furthermore, quality control should ideally be embedded
within existing processes rather than being introduced as an additional
process. It is better to prevent poor quality records from being generated
rather than identifying poor quality records and having to expend effort in
fixing them.

The vast majority of regulatory requirements worldwide
actually say very little about records management, which has been a bone of
contention for years. On the one hand, records management professionals prefer
the need for explicit guidance so that there is assurance they are operating
within the permitted boundaries, but on the other hand, the lack of explicit
guidance gives freedom to define company-specific processes and systems.
However, it would be helpful for regulators to provide more specific guidelines
in areas that are troubling industry the most, particularly where they see
commonly occurring inspection deficiencies.

The bottom line is the need to have documented processes
and robust document management systems (either electronic or physical) that
permits the demonstration of the above-mentioned attributes. The most common
regulatory failures are an inability to locate requested documents (because
they have not been generated, have been lost or destroyed, or stuck in a
chaotic filing system) and poor quality records. Inspection findings related to
quality typically cite a lack of appropriate signatures, missing pages, and
missing document attributes, such as no page numbers, dates or document
reference identifiers. As previously stated, the best processes are ones where
quality is checked before a document is signed off or used; poor quality
records never find their way into the files as they are corrected before they
become final.

Meeting regulatory requirements

One of the key points to note is that few regulations
have thoroughly addressed the electronic environment that we are now working
in. As such, it is extremely important that organisations pay attention to the
predicate rules — those regulations and guidance documents that are applicable
to traditional hard-copy data and documents. Moving into the electronic arena,
perhaps the most important requirements are the need to use appropriately
validated systems (2) and to design data and document management systems that
maintain the integrity, authenticity and completeness of the content for the
full term of the retention period.

Regulations mandate that some data be retained for the
marketed life of a product. In these cases, it can be challenging to address
the potential problem of software, operating system and hardware obsolescence
(i.e., the ability to retrieve and read data in ten, twenty and thirty years’
time). One solution is data migration or the use of enduring file formats. Data
migration requires the regular transformation of data from one file format
and/or hardware platform to another across the retention period, ensuring each
data migration is complete, checked and fully validated. An alternative
approach is to choose a file format and storage medium that is likely to remain
accessible over the retention period, such as PDF/A, TIFF, ASCII or XML. This
is often a lower cost option, but can result in loss of metadata and
functionality, such as the inability to re-process data.

The challenge for industry is that whilst some guidance
on long-term electronic archiving exists (3) , guidance from the regulatory
agencies is sparse and often inconsistent. In the absence of guidance, the
recommended strategy is to adopt a risk-based approach in determining
electronic archiving solutions and processes. It is also essential that
decision-making processes are formally documented. This documentation should be
retained as part of the validation package, which may be requested in the event
of regulatory inspections.


1. EMA, “Reflection paper on expectations for electronic
source data and data transcribed to electronic data collection tools in
clinical trials” (June 2010). PIC/S, “Good Practices for Computerised Systems in
Regulated “GXP” Environments” (September 2007).

2. Guidance on the Archiving of Good Clinical Practice
Material (Scientific Archivists Group, September 2007).

First Published:

Posted in Records management practice, Technology, TMF | 1 Comment

Questions a Sponsor Should Ask a CRO

While I was browsing through my website analytics, I came across the above question that was entered into a search engine which in turn directed somebody to the website. It got me thinking what a great question it was! So, from a records management perspective, what ARE the questions that should be asked? Or put another way, what issues do you need a discussion on when contemplating outsourcing business activities? The list below is not comprehensive but might be helpful and should stimulate some discussion!

  • Do you have a written records retention schedule? Is it signed off by senior management? Is it known about across the organisation? Is it followed?
  • How are records managed whilst they are active? How is the reliability, authenticity, usability, integrity and confidentiality of records maintained?
  • How are records managed whilst they are inactive (archived)? How is the reliability, authenticity, usability, integrity and confidentiality of records maintained?
  • What rules, policies and procedures does the CRO have relating to the creation of records, including use of appropriate metadate to facilitate retrieval and retention, and avoiding the creation of records that violate laws such as tax, competition and anti-discimination laws?
  • In what format are electronic records maintained? How is their long-term accessibility guaranteed?
  • Exactly how and when will records be transferred to the sponsor? In what format? On what media? At what time points? What quality control will be undertaken to ensure transferred records are of an acceptable quality?
  • How are records transferred internally within the CRO and between the CRO and other parties? How is the reliability, authenticity, usability, integrity and confidentiality of records maintained?
  • What is the process for destruction of records? What controls ensure that records are not prematurely destroyed? How will records under Legal Hold be secured?

Can you think of any more questions?

Posted in Compliance, Records management practice | Leave a comment