Based on my experiences, I am currently working with an EDC building company, responsible for supporting Project Management, Randomization and Trial Supply Management teams, as well as external multiple sites, to navigate and instruct them on how to complete data entries properly into EDC. So, I have completed a few steps in data management in clinical trials according to the workflow; specifically, Database Lock/Security, Database Access Control and Data Entry and Processing. Additionally, I am somewhat familiar with other steps but have not had the chance to directly involve myself, as those are responsibilities of other teams.
Furthermore, if possible, I would like to give ideas to improve Database Lock/Security (Roles and permission access). For instance, regarding providing newly released reports and modules to all existing end users, I have been notified by the Project Management team that newly released reports/modules are configured in the EDC system and are ready to be assigned to all applicable end users. However, the EDC system is not sufficient to assign them in bulk; I would have to provide the new access to each user individually, and there are plenty of end users (200++ accounts). This task is time-consuming and lead to human errors. Currently, this issue is being addressed with internal Software Engineering and Product Innovation teams. Additionally, to reduce human errors when assigning multiple applicable sites to end users, I need developing the EDC system to trigger warning notifications if a wrong site has been assigned to the wrong end users, leading to data entry deviations and potential issues.
For Database Access Control (Authentication), all eligible end users (site staff and subjects) should be verified through multiple steps. This includes not only entering their credentials/authorization password but also being required to verify with multi-factor authentication such as dynamic authentication, face, or finger scan ID, if applicable, to ensure the right person accesses the right role in the EDC system. These steps could be implemented through role-based access control to restrict access to sensitive/blinded database within EDC system, allowing only authorized users with specific roles.
For Data Entry and Processing (with interactive verification), I would like to require that the EDC system sends notification emails both within the EDC system and to general emails when a query is raised from the Data Management Team. This would prompt Study Coordinators (site staff) to review and respond to the issued query in a timely manner, whether it requires editing or withdrawal within the eCRF page.