FDA Provides Guidance on Remote Data Collection for Clinical Investigations

January 05, 2022 - The Food and Drug Administration (FDA) released draft guidance offering recommendations for stakeholders surrounding the use of digital health technologies (DHTs) for remote data collection in clinical investigations of medical products.

The FDA is requesting feedback and comments on the draft by March 22, 2022. The latest guidance falls in line with a collection of recent drafts and best practices from the FDA concerning medical devices.

Using DHTs for remote data collection enables researchers to reduce access barriers for populations who may have transportation or geographic obstacles. In addition, these technologies allow researchers to record data about daily life, such as sleeping patterns, from a remote location.

“Advances in sensor technology, general-purpose computing platforms, and methods for data 63 transmission and storage have revolutionized the ability to remotely obtain and analyze clinically 64 relevant information from individuals,” the draft stated.

“DHTs used for remote data acquisition are playing a growing role in health care and offer important opportunities in clinical research. Compared to intermittent trial visits, the use of DHTs to remotely collect data from trial participants may allow for continuous or more frequent data collection.”

However, digital health technologies come with natural security and privacy risks that stakeholders must consider along with clinical risks.

The FDA urged sponsors and investigators to evaluate any cybersecurity risks that could potentially impact the functionality of the device or pose a risk to patient privacy. Additionally, after collecting the data, the stakeholder must ensure that the data can be securely stored and transmitted.

“Sponsors should address the risk of potential disclosure of identifiable information via a breach of the DHT, general-purpose computing platform, or durable electronic data repository,” the draft advised.

Sponsors should also work with DHT manufacturers to modify end-user license agreements or terms of service for the purposes of the study, the FDA suggested. Typically, end-user licensing agreements allow the sharing of data with the manufacturer and other parties. However, when it comes to protected health information (PHI), data should only be shared with necessary parties.

The FDA also recommended that sponsors implement adequate security safeguards to secure data and prevent malicious parties from accessing PHI.

In addition to accounting for cybersecurity concerns, researchers also must be transparent about patient privacy and obtain informed consent. The informed consent process should clearly communicate details about data collection and use during and after the clinical investigation to the patient.

“Where applicable, sponsors and investigators should ensure that the informed consent process explains to subjects that their data may be shared by the DHT or general-purpose computing platform manufacturer or third parties outside of the clinical investigation, according to the end-user license agreement or terms of service,” the draft continued.

“End-user license agreements and terms of service typically are lengthy and use complex terminology. Sponsors and investigators proposing use of DHTs for data collection should understand how such agreements or terms of service may affect trial participants and consider this information when developing informed consent documents.”

Developing new technologies, methods, and devices that can collect vast amounts of data may have the ability to revolutionize clinical research and care. However, the FDA’s guide provided yet another reminder that stakeholders should equally weigh the benefits of such technologies and the potential security and privacy risks.