Ann Neuer, president of Medical deScriptions and a content writer/developer in the clinical trials space, looks at how Intralinks’ information rights management technology helps sites to maintain document control as clinical trials become more collaborative.
Electronic collaboration among stakeholders has emerged as fundamental to the sharing of all sorts of study-related information in the clinical trials sector. Protocols, patient-specific data and informed consent forms are just some of the documents that need to be routinely shared as global clinical trials become increasingly electronic. Exactly how this information can be safely transmitted is a critical issue, especially with the growing reliance on cloud-based methodology for document management. Moreover, there are lingering concerns about the fate of sensitive documents once they have been permissioned.
Intralinks, provider of a highly secure cloud-based collaboration management platform, offers an information rights management (IRM) technology that enables stakeholders to maintain complete control over content at the file level, regardless of where it resides or travels.
Its key feature is that security is embedded within the document and travels with it, no matter the type of device used or where it goes. The creator of the document can grant access to it, and, at any point in time, withdraw access, meaning that a document that is shared can be unshared. Without this capability, the file creator loses control of it once they have distributed it and given someone access. The file could be saved, copied, edited, pasted, printed or shared with unauthorised users.
In addition, documents containing identifiable patient information might intentionally or unintentionally be forwarded to the sponsor, which would negatively impact the integrity of the trial. Traditional firewalls and virtual private networks (VPNs) do not circumvent these problems, so another approach is needed.
How IRM works
IRM protects sensitive information through a combination of encryption and access controls that allow authorised users to open files while unauthorised users or actions are blocked. Each document is assigned a unique encryption key, which is distributed to each user along with a public key.
With this approach, IRM provides a granular level of control over files that cannot be provided by any other single security technology, at least according to The Complete Reference: Information Security Second Edition. As a result, IRM has become the standard for document sharing in regulated industries and organisations where document security is paramount.
To engage collaborators, Intralinks IRM uses an intuitive interface with familiar-looking Windows or Adobe screens (see Figures 1 and 2). The solution is plug-in free, meaning that there is no software to download, overcoming a major adoption hurdle. An audit trail is created, documenting who opened the file and when, factors that aid in regulatory compliance. Multiple file formats − Microsoft Office, PDFs, and CSV files − are supported, and it is possible to upload and share files as large as 20GB. There is also version control.
Risk-based monitoring
The ability of IRM to share and control documents in a secure environment is a pivotal feature that meshes well with the growing industry trend toward risk-based monitoring (RBM). In 2013, the US Food and Drug Administration (FDA) released a guidance document and the European Medicines Agency put forth a reflection paper encouraging greater use of RBM to enhance human subject protection and data quality by refocusing monitoring activities on the key aspects of study conduct. Current thinking is that risk-based approaches to monitoring are more likely to ensure subject protection and study quality than routine visits to all clinical sites and 100% source data verification (SDV).
This trend is evident in a 2013 survey by Metrics Champion Consortium, which found that nearly half of the 45 respondents were using some form of RBM across development programmes or on a pilot basis supported by centralised data analytics. Furthermore, 10-30% of respondents not yet using any form of RBM reported they were planning to begin within 12 months.
With RBM gaining ground, the need for monitors to perform 100% SDV at the investigative site is on the decline. This is leading to reduced frequency of costly on-site visits, which involve monitors spending much of their time reviewing documents. A 2010 study involving a single site found that using remote SDV as part of a complex phase III study cut the cost of the monitor’s travel time from an anticipated $3,000 to $1,000. With the hefty price of travel, it is not surprising that on-site monitoring has represented nearly 25-35% of phase III study budgets.
RBM may have a positive impact on monitoring costs, but stakeholders are justifiably concerned about the security of files as remote sending increases. IRM technology addresses these concerns through permissioning, allowing monitors to safely receive and check files to determine if there are signals triggering the need for an onsite visit.
The value of the technology is that onsite visits become less about the tedious search for transcription errors from paper source documents, and more about addressing substantive issues with sites. Importantly, after remote monitoring takes place, IRM allows the site to withdraw the monitor’s access to those documents, ensuring the site maintains control in keeping with good clinical practice guidelines.
Bringing value
Improving the flow of study documents in a secure fashion is key to enabling RBM, which brings much-needed clinical and economic efficiencies to the clinical trial process. A recent study from the Tufts Center for the Study of Drug Development found that inspections identified protocol non-compliance as the top deficiency, with nearly half of inspections (46%) citing this issue.
This was followed by deficient record keeping, happening 25% of the time, and informed consent non-compliance 10% of the time. By implementing RBM, monitors can turn their attention to issues of protocol non-compliance and other study-related factors, making a meaningful impact on clinical trial operations and inspection results. RBM relies on the remote sending of study documents, and the safety features offered by IRM, namely encryption and access controls, facilitate this effort. Intralinks IRM goes one step further with plug-in free access, ability to share documents on mobile devices, and protection of a document throughout its life cycle, providing an effective solution.
References − ‘The Complete Reference: Information Security Second Edition’ − are available upon request.