Suggested SOPs

Modified on Thu, 8 Jan at 12:25 PM

Suggested SOPs

Suggested Data Management Standard Operating Procedures (SOPs) for Electronic Data Capture

This section provides a recommended minimum set of Standard Operating Procedures (SOPs) for organizations using Electronic Data Capture (EDC) systems. It is not intended to be an exhaustive list. You should refer to current regulations and guidelines applicable to your organization and study(ies) to identify all required SOPs. OpenClinica Professional Services can support you in developing new SOPs or reviewing your existing documentation.

ℹ️ Note: If your organization uses electronic systems for clinical trials, you should audit your software vendor(s) to ensure that appropriate development SOPs were established and consistently followed throughout the software development lifecycle.

List of Suggested SOPs

SOP	Description
1. Development and Maintenance of SOPs	Define the SOP template and the processes for SOP development, review, and approval. Include: Roles and responsibilities SOP release and distribution requirements SOP version control and maintenance procedures
2. SOP Deviations	Describe how you report and document deviations from SOPs, including: Planned deviations Unplanned deviations
3. Data Privacy and Protection	Describe the processes you follow to ensure data privacy and protection, including safeguards within: Your organization Your software solution or service (if applicable)
4. Document, File, and Study Binder Management	Describe how you manage all documents related to study conduct. Include: Differences between in-house and CRO-conducted studies Study Binder version control processes
5. Data Management Roles and Responsibilities	Clearly define the roles and responsibilities for all users participating in study data management.
6. Data Management Plan (DMP)	Describe the Data Management Plan template and include: SOPs to be followed Clinical data management system to be used Descriptions of data sources Data handling processes Data transfer formats and process, Quality control measures Define how you develop, approve, update, and version-control the DMP.
7. Data Monitoring Plan	Describe the Data Monitoring Plan template and specify how it ensures: Protection of participant rights and well-being Accuracy, completeness, and verifiability of reported data The trial is conducted in compliance with currently approved protocol and other applicable regulatory requirements If you use partial data monitoring, clearly define what this means for the study (for example, 100% monitoring of critical data values or 100% verification of 20% of participants). Define the process for developing, approving, and maintaining the Data Monitoring Plan. Include details on version control.
8. Statistical Analysis Plan	Describe the Statistical Analysis Plan template and define processes for its development, approval, maintenance, and version control.
9. eCRF Design and Development	Define how you design, develop, and standardize electronic Case Report Forms (eCRFs). Include: Design and approval processes Development procedures Version control requirements
10. Study-Specific Database Design	Describe how you configure study-specific attributes that fall outside standard eCRFs, such as: Annotated CRFs Design documentation
11. Edit Check and Data Validation Programming	Document processes for: Creating edit check specifications Edit check development Review and approval Testing, documentation, and version control
12. Study User Acceptance Testing (UAT)	Define testing requirements and documentation needed to demonstrate successful system validation. Specify who provides final approval for system use. ⚠️ Warning: Testing should not be performed by the individual who built the study database.
13. Data Entry	Define processes for entering and editing data, including: General data entry guidelines Use of UI features Handling of scientific symbols (if applicable) Documentation of study-specific instructions
14. Data Receipt and Handling	Describe all methods by which data may be received, including: EDC ePRO Imports Web services Paper, etc
15. Discrepancy Management	Define how you review and resolve data discrepancies, and specify roles and responsibilities associated with discrepancy management.
16. Coding	Define processes for coding adverse events and medications, including: Review procedures Change control processes Re-coding requirements
17. Serious Adverse Event Reconciliation	Describe how you handle serious adverse events and reconcile them between data management and safety surveillance systems. Include: Review timeframes Sign-off procedures prior to database lock
18. Lab Data Management	Define how you handle laboratory data. If necessary, include: Local vs. central lab differentiation Data import processes Discrepancy resolution procedures
19. Data Extraction and Validation	Describe how you extract data and verify that the extracted data accurately matches what was entered into the system.
20. Data Transfer and Validation	Define how you transfer data to external systems and verify that transferred data matches the original system data.
21. Database Security	Describe the requirements, methods, and tests that ensure your database is secure, including: Username and password requirements Password expiration and means for resetting passwords How system or study access is granted or revoked Roles and role-based access, etc
22. Database Lock, Unlock, and Closure	Define processes for locking, unlocking, and closing a database. Include: Lower-level (e.g., Event-level locking) (if applicable) Investigator signature requirements prior to lock
23. Data Retention and Archival	Define the data retention, archival, and retrieval procedures. For databases managed by external sources (CRO, hosting service provider), define the process for accessing the database throughout your defined retention period, including: Clinical data eCRFs Discrepancies or resolutions
24. CRO and Vendor Management	Describe how you select and manage CROs and vendors, including: Sign-off procedures Meeting frequency Metrics Audit processes and schedules
25. Training	Define how you train data management and site staff on relevant topics, including: SOPs HIPAA GDPR 21 CFR Part 11 System(s) Study-specific issues or practices Internal (e.g. sponsor) External (e.g. site) Describe how you document training, manage re-training requirements, and maintain training records.

References and Additional Resources

21 CFR Part 11, US Department of Health and Human Services, Food and Drug Administration, March 1997
Guidance for Industry Part 11, Electronic Records; Electronic Signatures – Scope and Application, US Department of Health and Human Services, Food and Drug Administration, August 2003
Guidance for Industry E6 Good Clinical Practice: Consolidated Guidance, US Department of Health and Human Services, Food and Drug Administration, April 1996
Guidance for Industry – Computerized Systems Used in Clinical Trials, US Department of Health and Human Services, Food and Drug Administration, May 2007
PIC/S Guidance – Good Practices for Computerized systems in Regulated GXP Environments, PIC/S, September 2007
Susanne Prokscha, Practical Guide to Clinical Data Management, Third Edition, CRC Press, October 26, 2011