Data integrity can be implemented using several approaches. One of the most effective ways to implement DI is a risk based approach. The speaker elaborates this.

1. 1
BEST PRACTICES TO
IMPLEMENT A RISK BASED
APPROACH FOR ENSURING
DATA INTEGRITY
Dr. Bhaswat S. Chakraborty
Former Sr.VP, & Chair, R&D Core Committee, Cadila Pharma
Former Director, Biopharmaceutics, Biovail, Canada
Former Senior Reviewer, TPD, Canada
1
Presented at the 2nd Data Integrity and Protection
for Clinical Research Summit, London, UK,
December 7-8, 2017

2. 2
CONTENTS
 Understanding the risk based monitoring
(RBM) for quality & data integrity
 Risk identification, analysis and other
important aspects of RBM
 Developing protocols & procedures to ensure
data integrity through RBM
 Computer & Statistical Systems
 DSMB & Trainning of sponsor/CRO
 Concluding remarks 2

3. 3
Investigational
Sites
Product
Management
Project
Management
Drug & Clinical Trial Development
Extended Picture
IRB Regulatory
Documents
Relationship
Building
eMails
Partners &
Affiliates
Meetings
CROs
Contracts
Knowledge
Information
Safety
Communication
Resource
Management
Data Capture
Data Management
Multidirectional Flow of Data and Decisions
3

4. 4
IMPORTANCE OF DATA INTEGRITY
 Quality of clinical trial data can make or
break an NDA or BLA – all phases
 Clinical development is very complex and
highly expensive
 Quality monitoring of CT data may cost up to
30% of total trial cost
 Quality of trial data, whether of patient safety
or of effucacy & scientific conduct of the entire
trial is determined by accuracy, completeness
and proper documentation of all data

5. 5
CLINICAL TRIAL DATA AND DOCUMENTS
 Study and site feasibility documents
 Protocol
 Inclusion/Exclusion criteria
 Informed Consent
 Investigators brochure
 Training documents and data
 Data
 Randomisation, Blinding
 CRF/ECRF (Demographics and site visit data)
 Primary and secondary outcome variables (end points)
 Clinical procedures and study conduct data
 Investigational products: Supply, Inventory, Handling & Usage, Retention
 Safety monitoring and signal detection
 Subject withdrawal and retention data
 Data and safety monitoring committee (activities, data, reports)
 Data management and data monitoring including SDV by Sponsor/CRO
 Data recording and reporting
 Statistical analysis
 Study reporting
 ..
5

6. 6
WHY DO WE NEED A DATA MANAGEMENT &
DATA INTEGRITY SYSTEM?
 Enormous volumes of data
 Example, a Phase-III trial in 10 centres with
100 patients each
 60 pages of CRF for each recruited patient
 20 fields each page
 40 pages of screening form for each candidate
patient
 20 fields each page
 [1000 (60 x 20)] + [1500 (40 x 20)]
= 12, 00000 + 12, 00000
= 24,00000 specific data points 6

7. 7
CLINICAL TRIAL DATA
 Useful only if it is clean & accurate
 Data processing must be
 real-time
 subject randomization
 management of clinical trials materials
 laboratory uploads
 patient diary data
 Integrated
 Consistent
 Accurate
 Data structures must be
 Standard
 Validated
 Data transfer method must be
 Standard
 Validated
7

8. 8
DATA INTEGRITY IN CLINICAL RESEARCH
 “Data integrity is the degree to whicha collection of
data is complete, consistent and accurate through the
data lifecycle.” – WHO
 Research integrity depends on data integrity
 Includes all aspects of collection, use, storage and sharing of
data.
 Data integrity is a shared responsibility
 Although the main responsibility belongs to the PI asnd the
sponsor, there is a broader role and responsibility for the
institute and scientific community.
 Transparency of the research data is its CREDIBILTY
8
Free and accurate information exchange is
fundamental to scientific progress
Van Eyk J., JHU NHLBI Innovative Proteomics Center on Heart Failure

9. 9
SOURCES OF DATA INTEGRITY & ITS LACK
 Data integrity is based on accurate and traceable:
 Collection
 Recording
 Storage
 Reporting.
 Data integrity can be compromised numerous ways:
 Malicious proprietors
 Human mistakes and naivety
 Technical error
9
Van Eyk J., JHU NHLBI Innovative Proteomics Center on Heart Failure
Fraud & cooked data are the highest risk of intefrity
but errors can also give misleading results

10. 10
TRADITIONAL MONITORING OF CT DATA
 Often aimed at 100% source data verification (not required by
ICH or FDA)
 Resource intensive – expensive, requires on-site visits
 Can identify certain and trends
 data entry errors, missing data in source records or CRFs
 provide assurance that study documentation exists
 assess compliance with the protocol and investigational
product
 quality of the overall conduct of the trial at that site
 particularly helpful early in a study, especially if protocol is
complex and includes novel procedures
 lead to meaningful training efforts
Evidence exists that fraud, fabrication of data and suspicious
non-random data distribution are not picked up by traditional
monitoring

11. 11
MONITORING REQUIRED IN DIFFERENT
PHASES OF CLINICAL TRIAL
 Phase I trial involves relatively high risk to a small N
 Usually the study investigator performs continuous monitoring of
safety
 Phase II trial follows phase I with more N
 Toxicity and outcomes are confounded by disease process
 Monitoring similar to that of a phase I trial or additional monitoring by
experts or DSMB
 Phase III trials frequently compares a new treatment to
a standard treatment or to no treatment
 Large N
 Short-term risk is low, but long term effects of IP to achieve significant
safety or efficacy difference from the control
 May require a DSMB to perform monitoring functions 11

12. 12
RISK BASED MONITORING (RBM) –
USFDA, EMA & ICHGCP E6R2
 A centralized, risk-based
monitoring (RBM) is the new
directive/amendment in quality
monitoring of CTs
 ICH GCP E6R2 directs to use
some of the best practices of RBM:
 5.0.1 Identify critical trial
processes and data
 5.0,2 Identify risks to critical
trial processes and data
 5.0.3 Evaluate risks
 5.0.4 Control risks
 5.0.5 Communicate risks
 5.0.6 Review risks
 5.0.7 Report risks
Essentially
same
principles
of RBM

13. 13
APPROACHES TO BUILD AND MAINTAIN
DATA INTEGRITY
 Monitoring, meaning RBM
 Centralized monitoring with supervised & unsupervised ML
 CTDM & RDC Systems
 On site monitoring
 Clinical trial quality assurance units (QAUs)
 Sponsors often use internal or external QAUs
 QbD and Risk based monitoring
 Building QbD
 Risk identification & assessment
 Critical attributes and riskcategorization thereof
 Plans and processes
 Targeted monitoring
13

14. 14
Clinical Data Management System
(CDMS)
Data Capture Strategy
Remote Data Capture
Portal Data Capture
Processes
Adverse Event Monitoring System
Compliance (GCP/GLP) Monitoring
Workflow Monitoring
Analytical Data Processing
Statistical Data Processing
Systems
Data Extraction
GLIB
TMS/Dictionaries
Reports
Validation
14

15. 15
CENTRALIZED MONITORING
 A remote evaluation carried out by sponsor personnel or CRO
 By clinical monitors, data management personnel, or
statisticians
 At a location other than the sites
 Can provide many of the capabilities of on-site monitoring as
well as value additions
 Success of centralized monitoring depend on various factors
 Use of electronic systems; access to subjects’ electronic records
 Timeliness of data entry from paper CRFs
 Ensure that record keeping, data entry & supporting source
data are well-defined & accessible
 Identify in monitoring plan when one or more on-site
monitoring visits are required
15Centralized monitoring plus RDC are key for Risk-
based Monitoring
USFDA Guidance (2013) on Oversight of Clinical Investigations-RBM

16. 16
ALTERNATE MONITORING
 Monitor or review data quality
 missing data, inconsistent data, outliers, and protocol deviations
 Conduct statistical analyses to identify data trends, e.g.,
 checks of range, consistency, completeness, unusual data distribution
 Analyze site characteristics, performance metrics
 high screen failures, withdrawal rates, high eligibility violations,
delays
 Verify critical source data remotely
 where accessible; CRF data are according to the protocol?
 Complete administrative and regulatory tasks
 IRB approvals, IP accountability, randomization and CRF data
 Communication with Study Site Staff – Tele- or
videoconferencing, email
 Review site’s processes, procedures, and records technique
16
Many of the above elements can be used for Risk-
based Monitoring

17. 17
RISK-BASED MONITORING (1)
 Basis: Monitoring activities prevent or mitigate
important and likely sources of malpractices or
errors in conduct, collection, and reporting of critical
data and processes necessary for human subject
protection and trial integrity
 Importance of Critical Quality Factors:
 Procedures critical to collecting reliable data for study
endpoints
 Consistency across sites or in a highly specific manner in
some sites
 Procedures that won’t significantly impact data analysis or
subject safety
17
Other than deliberate malpractices, some types of errors
in CT is more important than others
(error in age v/s error in endpoint)
USFDA Guidance (2013) on Oversight of Clinical Investigations-RBM

18. 18
RISK-BASED MONITORING (2)
 RBM relies on a systematic process of identification,
asses, control, share and review the risks (CT data,
event & procedures during CT’s entire lifecycle)
 Determination of when should a site(s) get extensive
intervention or review?
 Include supervised and unsupervised central approaches
Supervised RBM is data- and trial specific based on established
risk-indicators and thresholds
Unsupervised statistical monitoring is holistic & free from
fixed hypotheses; uses statistical tests to ensure data quality &
integrity
18
RBM for Data integrity includes Centralized & On-site
monitoring plus some machine learning
USFDA Guidance (2013) on Oversight of Clinical Investigations-RBM

19. 19
RISK-BASED MONITORING (3)
1. Identify Critical Data and Processes to be Monitored:
 IC verification, adherence to protocol eligibility criteria,
accountability and administration of IP, conduct,
documentation & assessments related to study endpoints & red
safety assessments
 Procedures essential to trial integrity, e.g., blinding is
maintained, both at the site level and at the sponsor level
2. Risk Assessment:
 Risk identification based on trial design or investigational
product
 Risks assessed and prioritized by likelihood of errors occurring,
impact of such errors on subject protection and trial integrity
19
Some types of errors in CT is more important than others
(error in age v/s error in endpoint)
USFDA Guidance (2013) on Oversight of Clinical Investigations-RBM

20. 20
Risk-based Monitoring (4)
3. Factors to consider while developing a monitoring plan:
 Complexity of the study design may require increased frequency and
extent of review (adaptive designs, stratified designs, complex dose
titrations..)
4. Monitoring Plan:
 Each monitoring method & how it will be used to address
 Criteria for determining the timing, frequency, and extent of planned
monitoring activities
5. Documentation of monitoring:
 Date of the activity and the individual(s) conducting and participating
in it
 Summary of the data or activities reviewed
 Description of noncompliances, potential noncompliance, data
irregularities..
 A description of any actions taken
20Use the results of risk assessment in developing
monitoring plan and type and intensity of monitoring to
address this risksUSFDA Guidance (2013) on Oversight of Clinical Investigations-RBM

21. 6. Risk control & communication:
 Risk control aims at determination of an acceptable risk level
Reduces excessive risks to an acceptable level
 Risk control includes risk mitigations, adaptations & risk
acceptance actions
 Also includes accountability for risk control
Risk communication ensures that risk assessment and
mitigation activities (including updates) are communicated to all
relevant personnel
7. Risk review and reporting
 In risk prone trials, many new information come from parallel
activities and tests (preclinical, pharmacology, IB, protocol
amendments)
 Thus regular review of previous and new data should be done,
reported & necessary actions taken
21
Risk-based Monitoring (5)
Expert group on CT (2017) on implementation on regulation (EU) No 536/2014

22. 22
Computer Systems and Non-compliance
 ICHGCP R2 5.5.3a & 5.5.3h:
 When using a computerzed system, base the
validation approach on a risk assessment,
maintain SOPs & ensure data integrity
 ICHGCP R2 5.20.1
 Follow up of non-compliance that has or may
signicicantly affect human subject protection or
reliability of trial results, by performing a root
cause analysis & 9mplementing CAPA
ICH GCP R2, Step-4

23. 23
ELEMENTS OF MACHINE LEARNING
Machine
Learning
Unsupervised Supervised
Cluster & interpret
data based only on
input data
Supervised
Develop predictive
models based on
input & outpuy data

24. 24
Supervised Modeling & Unsupervised
Statistics
 Idea of supervised modeling is data specific (both
input & output data)
 Risk indicators & their thresholds
 Important risk indicators are built in RDC
 Risk predictions (above thresholds) are based on expert
models & acted upon for mitigation
 Unsupervised statistical RBM are based on actual
trial data
 Can identify out of trend or non-random values, e.g. sites
recruiting very low or very high; site showing too many
ADRs
 Univariate & multivariate analysis
Chakraborty B (2017) unpublished results; Bengtsson S. (2017), Lund University

25. 25
Bengtsson S. (2017), Bachelor’s Thesis, Lund University

26. 26
Require a DSMB to Oversee Data
Integrity?
 CTs that are complex and are not of low risk
(refer EMA directive on Risks Proportionate
Approaches in CTs) usually need a DSBM to
maintain data & trial integrity
 To ensure that participants are not exposed to undue
risks
 To ensure that the study will yield unbiased & usable
results
 To do Interim Analyses and/or change protocol study
design based on IA
 To deliberate on malpractice & serious errors
26
Low risk studies, e.g. Phase-I, bioavailability, very short
term studies do not require DSMB

27.  Registration of studies on http://www.clinicaltrial.gov/
 Selection and monitoring of clinical investigators
 Selection of monitors
 Monitoring procedures and activities
 Safety/ AE reporting
 All study tabulations
 All investigators tabulations
 Data tabulations on each subject in each CT in an NDA
 eRecords and eSignatures
 Data collection
 System & data handling during site closure
27
Preparing as a Sponsor or a CRO for an
FDA Audit
Pro active preparation for Regulatory audit often is half the
battle won for data integrity demonstration
Various USFDA & EMA guidelines

28. 28
CONCLUDING REMARKS
 A CT is as good as the quality of its data (i.e. Data of integrity)
 In an effort to ensure the integrity of CT data, the FDA, EMA &
ICH have released requirements
 Monitoring of data collection, review and analysis is essential to
ensure data integrity
 Even traditional monitoring requires an in-depth and comprehensive
examination of all collected data, but fails to identify data integrity risks
 The risk-based monitoring (RBM) is fundamentally different as
to how data managers review clinical data
 Does not mandate a specific methodology but requires an ideal strategy
allowing a faster time to market, reduces site monitoring costs and frees up
time and resources for value-added tasks
 For complex Phase III (sometimes Phase II) trials require a
DSMB for ensuring data integrity or to stop the trial
 Training and audit (FDA/Client) readiness for data integrity
assures high success rates
28

29. 29
THANK YOU VERY MUCH