7 Misconceptions About Managing Clinical Research in the Cloud

In a world with more data and less time, the advantages of cloud-based technologies are hard to ignore. Conveniences like real-time collaboration and increased efficiency are influencing how we live and work more now than ever before.

Clinical research is no exception. Researchers are seeking cloud-based technology platforms, like eRegulatory, to transform ineffective and outdated paper and shared-drive processes that silo information and slow progress.

However, with change often comes fear and misconceptions – a natural phase in any adoption curve. And in clinical research, this illustrates a responsible buyer who cares to ensure the efficacy of data, safety of patients and security of the work being done under his or her purview.

The best way to address fear is by evaluating it’s validity. This post debunks some of the common misconceptions of managing clinical research documents, data and workflows in a cloud-based technology platform.

Explore our Clinical Research and Technology Cloud Computing Glossary to learn how to better communicate with and evaluate solutions and vendors.

Misconception 1:  Digital workflows are not compliant.

When you consider the regulatory oversight of your day-to-day work, it may be hard to imagine a world where regulatory bodies allow you to operate and manage workstreams entirely in the cloud.

However, due to the continual increased usage and demand for digital workstreams, regulatory bodies have shifted their viewpoint.

Many organizations have established specific guidelines and regulations that allow paper processes to be managed digitally. For example, the FDA recently released its Technology Modernization Action Plan (TMAP) that focuses on internal technological advancements the FDA is implementing.

As a buyer, your responsibility is to ensure that your vendors are 100% HIPAA and 21 CFR Part 11 compliant. Due to the nature of regulatory document workflows, your vendors should also guarantee that they have been audited and certified by a third party.

Pro Tip: Once you begin eRegulatory or eISF implementation, you should seek the help of your chosen vendor when creating and modifying existing SOPs to cover how your operations will change with the cloud. Every clinical research software vendor should offer this service and be highly-qualified to help.

Misconception 2:  Patient data is at risk in the cloud.

The golden rule of clinical research is to ensure the privacy and safety of patients. With that said, the idea of releasing patient data into what feels like the unknown corners of the internet is daunting.

Thankfully, data integrity and security is a core functionality of any responsible cloud vendor. As an example, Florence uses Amazon Web Services (AWS) to architect our applications in alignment with HIPAA and HITECH compliance requirements.

What does that mean exactly? It means we intentionally design every feature, functionality and layer of our products with data privacy and security in mind. Permission and role-based access, redaction tools, encryption and additional layers of privacy and security are at the forefront of our product design.

Vendors are responsible for guaranteeing that all patient data security is held to the highest standard. It can be argued that patient data and information is even more vulnerable in a paper or traditional clinical research environment where things like secure access, audit trails and data back-up are not always achievable.

Pro Tip: If you are considering eBinders as your eRegulatory platform of choice, you can assure your IT Department that Florence complies with ICH GCP, HIPAA, HITECH and has been third-party verified compliant with 21 CFR Part 11 requirements.

Misconception 3: Sponsors won’t accept eSignatures

Sponsors have an important responsibility in the operational conduct of clinical research. Monitors review trial conduct and are responsible for verifying data integrity. Authentication relies on signatures of the various stakeholders.

Ultimately, this responsibility is what drives the common fear that Sponsors will not accept an eSignature over wet-ink, handwritten signatures. No matter how stringent the Sponsor is, if your vendor is truly 21 CFR Part 11 compliant, the Sponsor’s concerns are easily mitigated.

As an example, Florence can provide a detailed outline of the use of eSignatures in our platform and how this process complies with 21 CFR Part 11 (Subpart C “Electronic Signatures”, Section 11.100). This is the kind of information a vendor can provide to help illustrate ways to alleviate potential Sponsor pushback.

It may be useful to mention that before the use of eSignatures there was no visibility into who did what when, which is an important detail in terms of efficacy. Backdating is now a thing of the past.

Pro Tip: eSignatures offer advantages when it comes to efficiency. However, a clinical research site should closely examine all essential document workflows and determine if there are some things that make better sense to maintain using a wet-ink handwritten signature process.

Misconception 4: We will have to invest in new hardware for the cloud to work.

Any internet-enabled device such as a tablet, smart phone or desktop computer, can access most cloud-based technology. Therefore, no new hardware is needed, and you can most likely utilize existing equipment.

As an example, Florence eBinders users, like PIs, can sign and view documents from anywhere, at any time, with any internet-enabled device.

Instead of causing additional burden, a cloud-based eRegulatory platform like eBinders enables more flexibility in terms of how you operate across your study. No more sitting and waiting between meetings and clinic visits to get that one document signed – simply send a signature request and the PI can sign on the fly!

Pro Tip: Florence eBinders, like many clinical research technologies, is a web application. Steady internet connection is required. Work with your IT department to enable security protocols and whitelist relevant URLs, like web addresses and emails. As a vendor, we provide our customers documentation of these requirements.

Misconception 5: Anyone can access information stored in the cloud.

While it’s true that cloud technologies enable remote capabilities for multiple users, a qualified software vendor will help you set up appropriate permissions to restrict specific data.

At Florence, there is no compromise when it comes to the security of your platform, your data and your documents. As a buyer, it is your responsibility to make certain that your vendors have detailed security and access controls in place.

For example, Monitors can remotely access Florence eBinders with distinct restrictions on what they can see and for how long. Access control gives the Site assurance that no confidential information is exposed.

Pro Tip: As previously mentioned, audit trails are another significant aspect of the technologies you choose to implement at your organization. Without this feature, you won’t have visibility into who is doing what and worse, the work will not meet compliance standards.

Misconception 6: Legacy studies must be on paper.

One common fear we often hear while implementing customers is that legacy studies will be stuck in paper storage while current and new studies shift to an electronic workflow. This could cause confusion and diminish the impact of taking this digital leap forward in the first place.

The solution? A cloud-based platform that has a system in place for certified copies and guidance as to how to ensure that the certified copies are legally equivalent to the paper copies. 

Work with your vendors to understand what their solution entails for legacy studies and be sure it is something you are both comfortable with, and that will allow you to continue maximizing your operations.

Pro Tip: Many customers of Florence have chosen to implement our eRegulatory software for new studies and tackle legacy studies at a later date. Others do it all at once, and some keep legacy studies on paper. Do what works for you with the assurance that the option of electronic storage exists, should you decide to shift legacy studies to your cloud-based platform. Florence SOP consultations can help you determine the best course of action for you at this time.

Misconception 7: Our work is at risk for being lost.

Any cloud-based technology raises the fear of data loss. To minimize this fear, it is important to have a healthy understanding of what procedures your vendor has in place to make certain nothing is lost.

For example, you should be aware of how often your vendor backs-up your data, where back-ups are stored and what the disaster recovery plan is.

If your organization has a dedicated IT Department, they will be prepared to dig into these facts and vet your vendor on your behalf. And as an informed buyer, gaining a basic knowledge in this area is a great way to build confidence in the vendors you choose to work with.

Pro Tip: While this fear is valid, remind yourself what would happen if your binder or essential document is lost, misplaced, or destroyed. Just ask our Director of Compliance about that time in her past role as a CRC when a pipe burst over her regulatory binders. There is no recovery plan for that!

Knowledge is power. Creating a firm understanding of the eClinical cloud computing terms you will face while evaluating solutions will make a big impact on selecting the appropriate software platform for your organization.

Explore our Clinical Research and Technology Cloud Computing Glossary to learn how to better communicate with and evaluate solutions and vendors.

This guide was created with the top 37 terms we, as a software vendor, are continually asked to define for prospects considering our eClinical platform suites. The glossary was evaluated by our Chief Architect on the Florence Development team to ensure all terms are clearly defined and useful for research organizations.