Home » Register » Ethics/Data Safety

Ethics/Data Safety

Ethics

According to the Guideline for Good Clinical Practice (GCP) an ethics approval will be obtained for the Register/Biobank, the observational study and the interventional studies prior their respective start.

The lead ethics committee of these studies, the ethics committee of the medical faculty of the University of Munich has approved the register and biobank observational study. The ethics vote can be found here.

Each country and participating unassisted center will submit all necessary documents so the Independent Ethics Committees can review the studies and approve.

Only with an approval of the respective Ethics Committee the research projects will be conducted and subjects may be enrolled in the trials.

If you want to participate in the chILD-EU project and obtain an ethics approval, please contact child-eu-office@med.uni-muenchen.de.

 

Data Safety

Multicenter studies require a solution for electronic data capture (EDC system) that covers pseudonymization and secure access.

In the child-EU network all medical data are pseudonymized. In no way identifying patient data (IDAT) are stored with medical data (MDAT) in the same database. IDAT and MDAT are strictly separated in two different databases at separate locations and with separate administration.

The central patient list is hosted at the IMBEI, University Medical Center of the Johannes Gutenberg University Mainz. The Mainzelliste, an open-source pseudonymization software developed by Martin Lablans, Andreas Borg and Frank Ückert at the department of Medical Informatics (www.mainzelliste.de), assigns non-speaking pseudonyms to patient data, i.e. the entered personal data cannot be reconstructed from the pseudonym. The application is designed such that identifying data is entered to the IDAT server directly from the users’ web browser without being transmitted over the MDAT server.

 

The medical data are stored in a database, administered by the Central Information Office at the University Marburg (CIO Marburg).

The staff of the CIO Marburg has long lasting experience and expertise in the field of managing and supervising national and international medical research networks and multicenter clinical trials, according to all security requirements and standard operation procedures for data quality and safety.

Its leading central information officer, Gisela Antony, especially takes care for data safety and security. Since 2002 she is member of the German Technology and Methods Platform for Medical Research Networks (TMF e.V.) and since 2010 deputy speaker of the TMF’s Data Safety and Security workgroup.

The server system for medical data of the CIO Marburg is always on the newest technical state (last upgraded in November 2012). The server system is housed in a cage-in-cage-room in a High Security Data Center, which is ISO 20000-1, ISO-9001 and ITIL certified. Server administration is done exclusively by high qualified and experienced personal.

The whole network traffic between the internet and the firewall systems, between the firewall systems and the application servers and between the application and the ORACLE database servers is controlled by network based intrusion detection systems. All warnings and errors are logged in a separated database and permanently controlled by internal implemented analysis tools.

All medical database servers and all log files of the firewall systems are backuped daily. Exchange of the backup-tapes of the individual generations is weekly with a three-week rotation. Tapes of the last generation are stored in a bank safe-deposit box.

The secuTrial® program, which is used by the CIO Marburg for data entry and storage of the pseudonymized medical data in the ORACLE databases is permanently audited to meet all requirements according to GCP, AMG, EMEA and FDA (21 CFR Part 11). Last audit was in May 2013.

For reason of data protection and security patients and authorized persons are assigned to different research centers (hospitals, medical practices, research groups). Authorized persons only have access to the pseudonymized medical data of patients assigned to the same center. Only In case of consultant requests the consultant can get access to special medical data of a patient from another center. Only monitors and the principal investigator of the chILD-EU network can get the right to view all medical data of all centers. Roles and rights of each authorized person with access to the medical database are logged in detail in audit trail files and backuped daily together with the medical data for permanent control.