audit trail clinical trial committees

By Ethical 21 Feb, 2023

Audit trail of a clinical committee process: the invisible string to compliance

One often hears of metadata or audit trail when discussing electronic records but rarely gets to see these. Until the time of an audit, that is. Why? Because these invisible parts of digital records hold key information that will guide the inspectors’ work. Clinical leaders should therefore make sure they are correctly in place. Although invisible until needed, audit trails are the assurance for compliance needed in every process of a clinical trial, including independent expert committees management. 

An audit trail is the part of metadata allowing to track the key parameters of a digital record: when the record was created, in which environment or system, by whom, who reviewed it and when, who approved it, and so on.

If metadata such as dates of issuance, dates of validity or all other important information allowing to identify digital records must be kept safe for archiving purposes, the audit trail has additional requirements in the regulated world of drug development: it must be automatically generated, non-editable (so it cannot be changed once created), not accessible by regular users but easily accessible and readable (we say “human-readable” as opposed to “machine-readable”) when requested by an auditor. 

Why is Audit Trail so important?

At the time of massive transition from paper to digital records in the latter part of the 20th century, there was extensive debate on whether digital records were trustworthy and electronic signatures as valid as “wet ink” ones. In 1992 the EMA issued “Annex 11” and in 1997, the FDA issued 21CFRpart11, the US legislation that sets the rules for acceptance of electronic records and electronic signatures. Secure, inalterable, and inspectable Audit Trail was a centerpiece in the acceptance of digital records.

How is Audit Trail set and used today?

According to the above regulations, validated systems generating official digital records such as reports, PDF documents and other files are required to automatically generate an audit trail that can be inspected if needed. Computer systems validation systematically checks these features. In case of inspection, the audit trail not only confirms the authenticity of the record but can allow to verify whether all standard operating procedures (SOP) have been followed as required.

Inspection of the audit trail can for example show whether the persons required by an SOP have reviewed and approved a record, and whether they have done this in due time. If all is correct and the audit trail is secure and inalterable, then the inspector will be satisfied and move to the next item.

A useful component of clinical committee software

This obligation soon became a useful component of computer systems used in clinical trials, especially when managing independent committees such as clinical endpoint committees, DSMBs, DMCs or Steering Committees. Such systems typically involve several user-roles (e.g., sponsor, sites, committee members) and are used for recording assessments and recommendations.

The safest and easiest way for a clinical team to document the assessments and decisions of their independent committees as required by regulation is through audit trail: every time an operation is performed in the system, a new audit trail record is generated. For irrefutable evidence that any data point entered by an adjudicator or other contributor has never been modified without a GxP audit trail stating reasons, time and originator of the change, clinical committee software could also be integrated with Blockchain technology. Since all can be automated, there is no need to check along the way if using a validated computer system.

In summary, Audit Trail is metadata hidden deep inside computerized databases that ensure the validity and authenticity of digital records. Operational teams don’t usually check the Audit Trail unless they are the system coordinator, but they must always be sure to have it; because when they do need it, it is their assurance for peace of mind. With its high-level security capability, blockchain technology provides the strongest data integrity assurance.

FDA definitions of Data Integrity, Metadata and Audit Trail

Data integrity
refers to the completeness, consistency, and accuracy of data. Complete, consistent, and accurate data should be attributable, legible, contemporaneously recorded, original or a true copy, and accurate (ALCOA). 

Metadata is the contextual information required to understand data. A data value is by itself meaningless without additional information about the data. Metadata is often described as data about data. Metadata is structured information that describes, explains, or otherwise makes it easier to retrieve, use, or manage data. 

Audit trail means a secure, computer-generated, time-stamped electronic record that allows for reconstruction of the course of events relating to the creation, modification, or deletion of an electronic record. 

Source: Data Integrity and Compliance with Drug CGMP - Questions and Answers, Guidance for Industry (https://www.fda.gov/media/119267/download)

A cost-effective, compliant software with customized support for your DSMBs and DMCs management.

Manage DSMB/DMC efficiently with a software, How to ensure DSMB Data Compliance?



eDSMB Dossier

software solution
service description



Request a Demo of the eDSMB® Solution

We are EU-GDPR compliant: Your Data will never be used improperly

eDSMB Dossier

software solution
service description

Previous Next

Why use a software to manage DSMBs, DMCs and Steering Committees?

Do we need another committee? If we do, how to best manage it? Would a software help or can we go with emails? [...]

Why Use a Software for DSMB ManagementREAD MORE

Why eDSMB® is your best choice for data security

Here’s why eDSMB® protects your team and your company from the data security risk inherent to external reviews [...]


9 must-have elements of a DSMB SOP

Here are some instructions on writing the right SOPs for DSMB operations.

dsmb sopREAD MORE