A white paper came out recently titled, "Signature Requirements for the eTMF" written by Kathie Clark of Wingspan Technology, regarding signature requirements for the eTMF. Few would argue with Clark’s points regarding the need to discuss and challenge the approach and application of electronic signatures. Several of my colleagues and I were more drawn to some of the other opportunities for optimization that perhaps weren't the main focus of the white paper but are certainly worth deeper exploration. We came up with five additional considerations worthy of raising a glass or at least viewing your eTMF glass as half full.
1. Challenge the need for a signature
It sounds simple doesn't it? Before you sign a document in your TMF, determine if there is actually a requirement for it. In the white paper mentioned above, the author does a good job of scoping the issue from the perspective of past behaviors, e.g. the phenomena whereby you sign a record because it has always been signed w/o ever thinking to question the requirement. Additionally, the author's research into predicate rules and the TMF Reference Model 2.0 yields an informative table of eTMF artifact and a means for implementing a signature. Instead of a means for implementation though, we'd like to see a challenge to the signature itself. Clark admits that "A very conservative position was used; that is, any reference to approvals, initials, authorizations, etc. was interpreted as a potential signature requirement. " This table can be an excellent starting point for the life science industry to begin challenging the signature requirement at the root.
2.Signatures from an External Source are a disadvantage
In describing the implementation pathways for signatures in an eTMF, Clark describes a scenario whereby records are submitted from a source system at a CRO or some other partner and imported into the life science company's eTMF system. In this scenario, the artifact is signed in the source system and all authentication of the signature takes place in conjunction with that system. Once the document enters into the target eTMF, the ability to verify or attest to the authenticity of the signature generated in another system is problematic, if not impossible. In contrast, a scanned wet ink signature needs only to be verified against a signature log. While manually intensive, it is something that can be done by process quite readily throughout the life of the artifact.
3. Scanning wet signature pages is a generally acceptable practice
It is important to note that “scan then destroy” signatures are now an acceptable practice for check processing, and that wet ink signatures are not required in mortgages, eSubmissions, and Electronic Document Capture. The TMF world is stuck on the idea that scanning requires maintaining the paper for records retention practices. In most cases neither the signature verification process nor the scanning process dictates retention of paper copies. A company's records management policies and processes are the real test then for whether a paper original, once scanned, needs to be retained. If the paper is not used as the original, e.g. it is not used to make business decisions and contribute in business as usual processes, then the scanned image may be declared the original by standard operating or business process and the paper be destroyed in compliance with records management practices. If there is no documented policy or procedure around scanning and record declaration, then managing both the paper and the electronic versions is likely required.
4. Verify Signatures when they are challenged
There is an expectation that signatures are valid whether they are wet ink, electronic or digital. There needs to be a process for verifying signatures when there is a basis to believe that one is not credible. Challenging credibility is not typically something that is done on a record by record basis. It is for this reason that we would not recommend adding signature verification to every signature coming from an external source system or a scan of wet ink. Rather, the process should be validated. The process may be verified against a paper signature log, but the number of times this will be needed does not warrant a signature verification step in the scanning process.
5. Conduct a risk based analysis
It is difficult to suggest that an organization or the industry at large go 'all in". There are still very real obstacles to going all electronic, whether you are contemplating electronic, digital or scanned signatures. These obstacles are largely regional. For instance, Japan uses raised seals on some documents that would be difficult to reproduce in a scanned image and authenticate. Secondly the MHRA says in their 2012 Good Clinical Practice Guide “…experience of eTMFs to date has not yet provided sufficient evidence that inspections would not need to request some original paper records for inspection…”. Lastly, in many of our client organizations, the scan -declare-destroy processes are still maturing. For just these three reasons, there is a basis for recommending that companies conduct their own risk-based assessment for challenging signatures and when they are deemed necessary, choosing the best implementation method and level of verification necessary in each case.
You can take incremental steps and implement eSignature and corresponding verification processes and your company will no doubt realize true cost savings and benefits. Another approach would be to turn your glass over and dump out your libation and with it all of those hard copy records that were scanned and stored in your eTMF. The route of rigorous reduction of content requiring signature, combined with robust risk-based scan-verify-destroy processes stands to save your organization annual records storage costs, transfer costs, search and retrieval time during audits, indexing time and other benefits. It is an aggressive approach but one that is easily tempered with risk based assessments and rigorous records management policies and practices. Once your company has these new processes underway, your glass will easily be half full and your benefits overflowing.
Clark, Kathie. (2012, November). Signature Requirements for the eTMF by Kathie Clark. Retrieved from http://mywingspan.com/wp-content/themes/wingspanetmf/assets/documents/GCP-Signatures-White-Paper.pdf