Digital signatures have finally hit the mainstream in clinical research at a time when fuel prices resemble roller coasters,
priority mailing costs are skyrocketing, and companies are emphasizing security and sustainability of IP as a top priority.
Talk about good timing!
PhotoGraphy: Getty Images Illustration: Paul A. Belci
Eleven years after the first FDA 21CFR Part 11 Electronic Signature/Record final rule and subsequent guidance, and more than
three decades after the eventual founders of RSA introduced the concept of Public Key Infrastructure (PKI)-based digital signatures,
pharmaceutical and biotech organizations are now reaping the benefits of this technology in the clinical trials space.
- Several of the largest CROs estimate that adoption of digital signatures in clinical operations can reduce or eliminate more
than $500,000 in annual priority mailer costs alone.
- Almost all of the largest pharma companies have or are deploying digital signatures, with some claiming millions of dollars
in operational cost savings. Firms report equally dramatic time/cost savings in regulatory submission and long-term records
retention with digitally signed electronic records.
- SAFE-BioPharma reports that roaming digital ID (digital signatures) are now accepted by the federal entity that provides a
trusted electronic link across and into many of the U.S. government's major agencies, including FDA.
Simple and affordable
With newer approaches and technologies available for digital signature implementations, even small to medium sized biopharmaceutical,
medical device, and clinical organizations can afford to set up, use, and maintain what was once costly and complex.
From an investment perspective, the cost of digital signature products is as much as 90% lower today than similar technologies
were only five years ago. These new solutions are designed to support existing technical infrastructure, policies, and procedures,
resulting in minimal disruption during deployment.
With these advances, it is quite common for digital signature deployments to be put into practice in a matter of days, even
hours. Due to improved product packaging and implementation strategies provided by vendors, digital signatures now require
only minimal validation to further streamline the process.
Across the clinical landscape
Digital signatures have been broadly deployed in thousands of Good Quality Practice (GxP) regulated applications, but Good
Clinical Practice (GCP) operations seem to be at the forefront of adopting digital signatures for clinical documentation management
CROs, in particular, are benefiting from digitally signing site documents such as monitoring trip reports and other documents
where speed is of the essence for submission to study sponsors. Previously, the only solution for paper-based records was
to use priority mail to expedite delivery. Today, self-contained portable and sustainable electronic records are signed and
secured enabling trial sponsors, CROs, investigators, IRBs, and regulators to approve, exchange, and trust records over long
Organizations hosting applications, such as a shared Clinical Trial Management System (CTMS) for diverse clinical ecosystems,
are also quickly adopting digital signatures. One CRO currently hosts a CTMS for 6000 external collaboration partners—investigators,
IRBs, and sponsors—to access and sign regulatory documents for ongoing studies. Other Application Service Providers (ASP)
host a CTMS as a paid service, enabling clients to leverage digital signatures for secure clinical documents exchange.
One of the more important uses of digital signatures by organizations deals with SOPs and controlled documents that may be
called into evidence to support an audit.
Benefits of Digital Signatures
Historically, the creation of electronic source documents had been achieved through the use of electronic document management
(EDM) systems. This approach creates electronic records that become proprietary in nature and exclusively tied to the database
and repository of the EDM system vendor. This means that source documents cannot be extracted from the system and exchanged
and trusted externally, locking organizations into never-ending legacy systems to support. Subsequently, this approach fails
to facilitate another emerging trend: electronic submissions to regulatory authorities.
Electronic records created using digital signatures can be verified for the signer's identity and intent, and provide proof
of data integrity independent of the system that was used to create them.
Because both PDF (ISO standard 19005-1 PDF/A archive) and PKI digital signatures (standards governed by U.S. and EU governments
and independent bodies) are standards based, electronic records can be retained for decades. Organizations can have full confidence
that the documents will be both human readable and verifiable, even if the vendor or organization that created the digitally
signed PDFs is no longer in business.
Since digital signatures can also be used to sign and secure data as well as documents, it is important to note that the Clinical
Data Interchange Standards Consortium (CDISC) has also announced support for digital signatures to support interoperability
and trust of data exchanges between research and health care systems.
Furthermore, with today's workflows and approvals often spanning across organizations (and EDM technologies), the only way
to create signed electronic source documents is with digital signatures.