Clinical Trials Series: Part 4 – Data Integrity in the EU: What sponsors must know to stay compliant

Published on: Sept 11th, 2025

 

In the complex and highly regulated environment of European clinical trials, data integrity and compliance with the General Data Protection Regulation (GDPR) are critical for ensuring trial success. Regulatory authorities such as the EMA, FDA, and national data protection bodies expect sponsors to implement systems and procedures that safeguard data accuracy, privacy, and traceability throughout the clinical development lifecycle.

The international consensus for achieving and maintaining data integrity throughout the lifecycle of clinical trial & safety data management is usually referred to as ALCOA++. It is a list of general principles that, if applied systematically, ensures your data are and remain exactly as they are meant to be.

In addition to data integrity, the handling of personal data in clinical trials needs to be carefully considered, especially in the stringent EU regulatory landscape, with the implementation of the General Data Protection Regulation (GDPR).

This article, part 4 of our “First Steps into Europe” blog series, outlines how to implement ALCOA++ principles, avoid common data integrity pitfalls, and meet GDPR requirements. If you’re just beginning your EU journey, explore earlier parts of the series.

Understanding the ALCOA++ principles

Attributable: Manage your data access securely

Clinical trials & vigilance data are classified as sensitive (defined as personal & health data potentially including identification items, unblinded data…). You must ensure, at all times, that only authorized personnel have access to the data they require, and strictly no more.

This applies to both access to databases as well as data storage systems (e.g., SharePoint) or other systems processing or storing personal data.

A robust access management process should include:

  • What to do when a person joins a team
  • What to do when a person leaves a team
  • What to do if a person’s role changes
  • What to do if there is a change in system
  • How the access is managed and documented for each system
  • Clear responsibilities for each part of the process (adding, removing, documentation…)
  • Regular reviews of user accesses and audit trails

Especially in Europe and particularly in France (GDPR, CNIL), access to sensitive data must use multi-factor authentication (MFA) for all users (sponsors, CROs, site staff, patients, providers…).

Legible: Ensure readable, structured records

Paper clinical trials & vigilance documentation is becoming rare and highly discouraged, even though some files such as patient informed consents are still complex to generate in electronic format.

Our advice here is to limit the handwritten open fields you need to collect to the strict minimum; whenever possible, consider using tick boxes instead. The more handwriting you have to manage, the more issues you will have to handle (time for comparing double data entry, clarifications with sites about illegible signs, tedious coding of very long verbatim terms…).

Contemporaneous: Capture data in real time, avoid delays in data flow

In vigilance, taking the example of Individual Case Safety Reports, each ICSR is carefully investigated until return to baseline, resolution or the patient is lost to follow-up. This means that the data contained within an ICSR should always be contemporaneous due to the fact that the source of the data (e.g., investigator) will have been queried up until no further information is available.

Failure to collect contemporaneous data in the context of ICSRs could be caused by either:

  • An investigator failing to provide all information (i.e., not responding to queries)
  • A patient being lost to follow-up (e.g., early termination from a study and no longer able to be reached, or no longer able to be reached once ending a study)

Or, the entry of the data could have been performed in an incomplete manner, missing key aspects which would have been required to ensure the data was contemporaneous.

Taking another example, contractual agreements (including the designation of responsibilities per party within the contract): failure to keep such documents up to date could lead to:

  • Incomprehension of real responsibilities
  • Agreements not being upheld as intended (including financial)
  • Interruption of services without notice causing breaches in regulatory compliance and ethical concerns

To combat some of these issues, regular reviews of audit trails can prove useful, especially to identify when a site has not connected to the tool (lack of oversight, delays in data entry and answers to queries…). It is an ICH requirement to perform regular reviews of audit trails, so ensure this process is included in your Quality Management System. It is also important to remember this when contracting service providers for tools (e.g., databases): check the legibility and usability of the audit trail provided with the tool prior to signing.

Original: Ensure your source documents meet the criteria

In clinical trials, there is a wide variety of source document formats:

  • Scanned paper forms sent by email
  • Data contained in an email
  • Hospital reports, lab test results, other test results (e.g. MRIs)
  • Images either sent by email or uploaded to EDC
  • Data entered directly into the EDC
  • Third party data transfers (e.g. central lab, PK)

In vigilance, to ensure the original form of the source data is kept as received, documents received by email should be saved in a secure manner (preferably within the safety database, attached to the ICSR to which the source data pertains). Data entered directly into the EDC should be kept in dynamic form; however, the point in time at which the data was extracted for re-entry into the safety database should be captured in order to accurately reconstruct the history of the ICSR.

During a clinical trial, a clear and strong source data verification process must be in place to ensure the copied data is strictly equivalent to the original one.

Accurate: Build the evidence of your trial outcome

If the data is not accurate, analyses performed throughout a clinical trial would be erroneous and could entirely change the outcome of a trial.

To keep accurate records:

  • Risk based monitoring can be set up to focus the review on the most impactful data points
  • Queries are sent to sites to obtain the most accurate and complete information (as long as they are sent and addressed in a timely manner)
  • Vigilance cases are updated until return to baseline, resolution, or the subject is lost to follow-up

The accuracy of the records could be compromised by:

  • Source documents not correctly saved/available
  • Data not correctly entered (and QC insufficient)
  • Queries not answered by site

Thus, a robust process to ensure the accuracy of data, covering all the above aspects, should be implemented.

Complete: Hold the full clinical picture

In vigilance, complete data is required to understand the full picture of the event being described. If the records are incomplete, a detail which could have differentiated the event from others could be missed, and this could lead to a potential safety issue with a product not being detected in time.

To ensure completeness, safety cases are followed up until return to baseline, resolution or subjects lost to follow-up. Indeed, there is a risk of not being able to collect complete data when subjects are lost to follow-up, as they may stop the study and not be reachable. The investigator may also forget to respond to queries on vigilance cases; this is a point that the CRA checks during monitoring visits.

During the clinical trial, and more importantly before reaching the database lock, regular review of missing data must be performed. This implies due diligence for any missing data point, in particular overdue or incomplete visits and primary and secondary endpoints, including reconciliations. This could prove particularly challenging when multiple partners are involved in the generation of these data (site sample collection, storage, shipment, analysis, data transfer).

Consistent: Avoid potential fraud and ensure patient safety

Vigilance data needs to be consistent for data to be correctly analysed (for signal detection, aggregate reporting or at the time of an interim analysis/ CSR writing of a study).

A QC step is always necessary in vigilance. Especially now, with the increased use of AI, it is important that we continue to include a human QC step to ensure data remains consistent.

Data consistency is also ensured through checking steps like the duplicate check – ensuring no duplicate data is in the safety database (which would falsify any analysis of safety data).

Clinical data review and programs help ensure that data are consistent throughout the study, not only at patient level but also at datapoint level, to make sure no data are invented or counterfeit (e.g. data too perfect to be true, lack of deviations, odd similarities across patients and visits…).

Enduring & Available: Ensure long-term data storage, accessibility and security

A compliant and secure database is key. All systems (except Excel spreadsheets) are guaranteed by GAMP5. Ongoing validation and testing of the databases and analysis tools is also required – this should be performed internally or separately from the provider.

One must think about how long the files will be stored for archival purposes, and therefore which storage medium will be the most appropriate (paper, CD, SharePoint, USB key, cloud…); this should be clearly described in your SOPs.

At all times the filing documents must be maintained in a secure manner and available for audit and inspection.

GDPR compliance in Clinical Trials: Will your personal data handling processes meet EU requirements?

Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which, collected together, can lead to the identification of a particular person, also constitute personal data.

Personal data that has been de-identified, encrypted or pseudonymized, but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.

Examples of Personal data:

  • a name and surname
  • a home address
  • an email address such as name.surname@company.com
  • an identification card number
  • location data (for example the location data function on a mobile phone)
  • an Internet Protocol (IP) address
  • a cookie ID
  • the advertising identifier of your phone
  • data held by a hospital or doctor, which could be a symbol that uniquely identifies a person

Collection of personal data is required to enable the conduct of a clinical trial. The sponsor is the ultimate responsible party for the collection of personal data and is therefore responsible for obtaining the documented consent from the patient for the use of this data.

Designing protocols with patient needs in mind can simplify consent and ensure transparency. Here is more information about building a patient-centric protocol.

Personal data in vigilance activities can be found, for example, in source documents (e.g.: Phone call documentation, emails, patient postal mail, Adverse Event forms…) or final documents (e.g.: CIOMS I, line listings, reconciliation reports, Case Report Form…).

As soon as the use of the data no longer requires that they can be read, or before being exchanged with other stakeholders who do not need to access these data for the purposes of their activities, all personal data should be pseudonymized/anonymized.

Personal data should be exchanged, stored, and archived in a secure manner, and the secure destruction of such documents should be planned in alignment with archiving requirements in the EU.

Conclusion

As demonstrated throughout this article, establishing robust processes for maintaining data integrity and GDPR compliance is non-negotiable. It not only ensures trial validity and audit readiness but also reduces the risk of regulatory rejection or trial duplication.

Navigating data integrity and data protection is complex. Each step must be followed systematically to be able to guarantee the integrity of your clinical trial & safety data, in turn guaranteeing to regulators that your trial conclusions and evidence generated are trustworthy. In the long run, implementing these elements early on in your clinical development program will save you time to market, potentially avoiding needing additional clinical trials to submit a marketing authorisation application because of data issues.

Sponsors planning their first European clinical trial should embed ALCOA++ and GDPR principles within their Quality Management Systems from day one. To learn more about protocol design, risk mitigation, and regulatory strategy, be sure to explore other articles in our series.
