本周二，美国食物药品管理局（FDA）宣布了一个问答底稿指南，剖析了其对临床试验中电子系统使用的期望，包括电子纪录、云盘算和移下手艺。

详细而言，该指南提供了28条问答，详细说明晰药品制造商、临床试验者、临床研究机构（CRO）和机构审查委员会（IRB）应该怎样包管电子系统切合政府的要求，且与纸质版等同。

该指南还更新了以往的指南，详细说明晰这些机构应该怎样接纳基于危害的要领来确认这些系统，并实验对电子纪录的审计跟踪。

在FDA早期的指南（2003年）中，第11章，电子纪录；电子签字-规模和应用，政府提供了一个“对第11章要求的狭义途径息争释”。政府诠释到，关于确认、审计跟踪、纪录保存和纪录拷贝等某些要求，政府将行使强制自由裁量权。

虽然FDA体现仍妄想对这些划定行使强制自由裁量权，政府体现该指南将剖析第11章中“在现在的手艺情形中，赞助方和其他被羁系机构必需酌情实验的控制”，由于它们涉及到：

• 电子系统，包括现成商业电子系统（COTS）和定制商业电子系统，由赞助方和其他被羁系机构拥有或管理的；

• 电子服务，由赞助方和其他受羁系的机构外包的；

• 主要用于提供医疗服务的电子系统；

• 移下手艺；和

• 通讯系统。

FDA体现，“若是这些系统对主要纪录举行了处置惩罚…递交给FDA”，企业通常需要对电子系统举行确认，可是确认的水平取决于系统及其用途。

FDA还指出，由于在线、基于web系统的使用，关闭系统和开放系统的规则险些不相关。FDA批注，赞助方应该对这些系统实验特另外清静步伐，如文件加密，以抵消在线系统中可能的物理清静丧失。

FDA体现，除了接纳步伐确保电子系统仅限于授权用户，还应有其他清静步伐，如防火墙、防病毒和反特工软件。

关于外包服务，如数据管理和云盘算服务，FDA体现，关于处置惩罚和贮存的纪录，企业应有责任确保这些服务“有充分的控制以包管其可靠性和保密性”。

移下手艺

该指南也提到了移下手艺在临床视察中的使用，包括智能手机、平板电脑、移动应用程序和可衣着式传感器，不管该手艺是由赞助方提供，照旧由研究加入者提供。

凭证FDA，赞助方应该确保有适当的控制，以确保使用移下手艺的职员是研究加入者，如指纹传感器或用户名和密码登录。

FDA体现，当从移下手艺中捕获数据时，赞助方也应确保，把在研究的每个数据元素绑定到一个特定的数据源，如特定的人、装备或仪器。

FDA还体现，由于小我私家移动装备爆发的数据最终会被传送到赞助方的电子系统，本指南中详述的会见控制、审计跟踪和确认有助于包管数据的可靠性，因此政府并不妄想检查临床试验中使用的小我私家移动装备

奥咨达服务

 

FDA 510K 申报服务和周期（含工厂注册和条约规模内产品列名）
FDA De Novo
FDA MD 预提交（Pre-submission）申报服务和周期
FDA PMA申报服务和周期
FDA产品列名 申报服务和周期
FDA宽免510K-服务

 

英语原文  

FDA Issues Draft Q&A on Electronic Systems in Clinical Investigations

Posted 20 June 2017 By Michael Mezher

The US Food and Drug Administration (FDA)on Tuesday issued a draft questions and answers guidance to clarifyexpectations for using electronic systems, including electronic records, cloudcomputing and mobile technology, in clinical investigations.

Specifically, the guidance provides 28questions and answers detailing how drugmakers, clinical investigators,clinical research organizations (CROs) and institutional review boards (IRBs)can ensure such electronic systems meet the agency's requirements and areequivalent to paper ones.

The guidance also updates past guidancedetailing how those parties can take a risk-based approach to validating suchsystems and implement audit trails for electronic records.

In FDA's earlier guidance from 2003, Part11, Electronic Records; Electronic Signatures – Scope and Application, theagency provided a "narrow approach and interpretation of part 11requirements" and explained it would exercise enforcement discretion forcertain requirements for validation, audit trails, record retention and recordcopying.

While FDA says it still intends to exerciseenforcement discretion for those provisions, the agency says this guidance willclarify the part 11 "controls that sponsors and other regulated entitiesmust implement as appropriate, in the current technological environment"as they relate to:

Electronic systems, including commercialoff-the-shelf (COTS) and customized electronic systems owned or managed by sponsorsand other regulated entities;

Electronic services, outsourced by thesponsor or other regulated entities;

Electronic systems primarily used in theprovision of medical care;

Mobile technology; and

Telecommunication systems

In general, FDA says companies will need tovalidate electronic systems "if those systems process critical records …that are submitted to FDA," though the extent of the validation willdepend on the system and its intended use.

FDA also notes that the distinction in theregulations between closed and open systems is "seldom relevant" dueto the use of online, web-based systems, and says that sponsors shouldimplement additional security measures for those systems, such as documentencryption, to offset the physical security that may be lost with onlinesystems.

In addition to taking measures to ensureaccess to electronic systems is limited to authorized users, FDA says thereshould be other security measures in place such as firewalls, and antivirus andanti-spyware software.

For outsourced services, such as datamanagement and cloud computer services, FDA says companies are responsible forensuring those services "have adequate controls in place to ensure thereliability and confidentiality" of the records they process or store.

 

Mobile Technology

The guidance also addresses the use ofmobile technology in clinical investigations, whether the technology isprovided by the sponsor or brought by the study participant, including smartphones and tablets, mobile apps and wearable sensors.

According to FDA, sponsors should ensurethere are controls in place, such as thumbprint sensors or username andpassword logins, to ensure the mobile technology is being used by the studyparticipant.

When capturing data from mobiletechnologies, FDA says sponsors should also make sure that each data element ina study is tied to a specific data originator, such as a particular person,device or instrument.

FDA also says it does not intend to inspectindividual mobile devices used in a clinical trial, as the data generated bythose devices will ultimately be transmitted to a sponsor's electronic systemsand because the access controls, audit trails and validation detailed in theguidance "help ensure the reliability of the data."