Change Management of Computerized Systems and Common Challenges

forChange is the only constant, and clinical research organizations (CROs) have evolving needs and technology, which brings change regularly. As a Phase 1 clinical trial CRO, and a heavily regulated industry, strict protocols, and compliance requirements govern every move. In this blog, we discuss the critical realm of change management, its pivotal role in regulated sectors like clinical research organizations, and the systematic process that guides organizations through these intricate waters.

1. The Essence of Change Management

What is Change Management? At its core, change management is a structured approach to transitioning organizations and their stakeholders from current states to desired future states, ensuring minimal disruptions and optimal outcomes.
What is a Change Request (CR)? The first step in the change management process is the Change request, a formal proposal to modify any Computer system in a regulated organization. It is used to request track and approve changes to a system.
- Some common examples of changes are:
  - Migration from paper-based to computerized system
  - Migration from deprecated computer system to newer, more advanced system
  - Change required under new regulatory guideline
  - Change required due to changing business needs
  - Software update to fix a fault in the software functionality.
- Adapting to Technological Advancements:
  - Technology is constantly evolving and as new software, systems, and tools are regularly introduced, these offer more efficient ways to collect, analyze, and report data for Phase 1 clinical trials.
  - Change management ensures that when these technological advancements are integrated into existing systems, it is done so in a manner that is seamless and minimally disruptive. This includes planning for the implementation, training staff on new systems, and making necessary adjustments to workflows.
  - A structured change management process helps in evaluating the technological changes not just for their immediate benefits but also for their long-term impact on the organization’s research capabilities.
- Compliance with Regulatory Updates:
  - CROs operate in a heavily regulated environment where compliance with standards such as Good Clinical Practice (GCP) is non-negotiable. Regulations often change, requiring CROs to adapt quickly.
  - Effective change management enables CROs to stay abreast of these regulatory changes and incorporate them into their operational procedures and computerized systems promptly and efficiently. This is crucial for Phase 1 clinical trials to avoid any non-compliance, which could lead to legal repercussions or the invalidation of research data.
  - It ensures that all regulatory updates are thoroughly reviewed, understood, and implemented in a way that aligns with both the spirit and the letter of the new requirements.
- Minimizing Disruptions to Ongoing Research:
  - Changes, if not managed properly, can lead to significant disruptions in ongoing research projects. This can manifest in delays, data losses, or even compromised data integrity.
  - Through structured change management, changes are implemented in a controlled and phased manner, minimizing operational disruptions. This ensures that ongoing research can continue with as little interruption as possible.
  - By planning and testing changes before full-scale implementation, CROs can identify potential issues and mitigate them, thus preserving the continuity and integrity of ongoing research.
  Maintaining Data Integrity:
  - In clinical research, the integrity of data is paramount. Any change in the system or process can pose a risk to data accuracy and reliability.
  - A well-planned change management process includes rigorous testing and validation of new systems or updates, ensuring that data integrity is maintained throughout the change process.
  - It also involves detailed documentation of changes, providing an audit trail that is crucial for both internal audits and regulatory inspections. This documentation is essential for demonstrating compliance with regulatory requirements and for ensuring that data can be trusted and is reproducible.

2. Change Management Across Industries:

Change management is not confined to a single industry; it spans various regulated sectors, including Phase 1 CROs, where compliance with stringent regulations is paramount. More specifically, Good Clinical Practice (GCP) is a regulated guideline that applies to any computerized systems, including computer systems which are in use within CROs.

As change management is a critical and multifaceted process, distinct from other regulated sectors like pharmaceutical manufacturing or healthcare and share the need for strict regulatory compliance and thorough documentation, Phase 1 CROs face unique challenges due to their heavy focus on data integrity, the global scope of clinical trials, and rapid technological advancements. Unlike pharmaceutical manufacturing, which deals primarily with physical product changes, or healthcare’s focus on direct patient care and data privacy, Phase 1 CROs like BioPharma Services must navigate a dynamic landscape where managing changes in technology, processes, and regulations is crucial for ensuring the validity and reliability of clinical trial data.

This requires an agile and comprehensive approach to change management, one that accommodates diverse global regulations and a wide range of stakeholders, from scientists to regulatory authorities, while maintaining the highest standards of data integrity and confidentiality.

3. Who Should be involved

Throughout the lifecycle of a change, there are several key roles which the change management team takes on. Here are the main roles:

Change Requester: The initiator, providing requirements and aiding in testing.
Change Manager: The conductor, overseeing the change lifecycle, coordinating activities, and resolving issues.
Change Implementer: The executor, responsible for change activities and technical guidance.
Change Approver: The final decision-maker, reviewing and approving or rejecting changes.
Emergency Change Authority: The swift decision-maker, authorizing critical Emergency Changes.

4. Types of Changes

Changes in computer systems can range from simple to complex, and it is efficient to follow different procedures based on the type of change. Most organizations with computerized systems usually categorize the changes within types like these:

Novel Change: Novel Changes are new implementations which involve evolving scopes and require meticulous evaluation to ensure seamless transitions.
Standard Change: Standard Changes follow well-defined patterns, with clear scopes, comprehensive testing, and structured documentation. These can be further categorized into:
Standard Pre-Authorized: Changes with minimal risk, primarily involving implementation activities. These changes do not require authorization before implementation.
Standard With Authorization: Changes with low or medium risk that may include build and test phases.
Emergency Change: These are rapid-response changes, triggered by major incidents or critical threats. They are executed swiftly with retrospective documentation and approvals.

Change Management Activities

One of the most important parts in a change management process is the workflow or stages through which a change request goes through.

New Change: This activity includes the process of creating a Request for Change (RFC) with essential details.

Assess Change: One of the most important activities in a change management process is a rigorous evaluation of the change’s impact, risk assessment, and authorization recommendations. The key focus here is high-quality collaboration among stakeholders, which leads to informed decisions. It is to provide a comprehensive account of which processes, configuration elements, document, and Standard Operating Procedures (SOPs) will be influenced and how they will be impacted. At this stage, it’s prudent to consider the testing phase as well. Early planning for testing, tailored to the change’s nature and importance, assists in devising a solution that can be effectively tested. This includes assessing the extent of regression testing required for system components that may not appear directly affected by the change but could be at risk due to configuration adjustments.

Authorize Change: A system-owner and quality unit provide decision advice and authorize the change. In case of a rejection, the reasoning is documented for clarity.

Implement Change: Executing change activities, defining solutions, and implementing back-out plans when necessary. After receiving the approvals light, the development phase kicks into gear, marking the moment when the affected hardware, software, documents, and other essential elements are either updated, procured, or meticulously crafted to align with the newly envisioned state. Don’t overlook the importance of creating training materials if they are deemed necessary.

In essence, this stage represents the actual execution of the change plan. A well-structured plan can significantly streamline the development process.

It’s of utmost importance to ensure that each step is conscientiously executed before moving on to the next phase, as the sequence of activities can have implications for the system’s validated status. In the context of computerized systems, it’s wise to consider the utilization of specialized development or validation environments, serving as controlled spaces for development and testing activities.

Review and Close: Confirming successful change implementation, conducting post-implementation reviews, and raising incidents when required.

Common Challenges in Change Management

While change management seems straightforward, it has its own challenges.

1. Lack of clarity on which changes need to go through change management: There are some changes in computer systems which can be done without a change request, such as patch or vulnerability update. As these changes need to be made on a frequent basis, these changes are tried and tested and do not require authorization. A common mistake that teams make is not having detailed clarification of which processes need change management and which ones do not. The important thing here is to have clear guidance in the SOPs.
2. Unclear roles and responsibilities: It is common to see friction between quality unit and business unit around who should initiate a change request. Change requests should in all cases be raised by the Subject-Matter Expert (SME) from the user group, as they are the only ones who can clearly describe what change is required, and they understand the impact and side effects of the changes. Some business units wrongly assume that because the quality unit is involved, raising the change request is their responsibility. The important thing here to understand is that the quality unit’s responsibility is to check whether the processes are being followed. Our Phase 1 quality team reviews the change request from a regulatory perspective.
3. Underestimating the power of centralized Change Management system: Often organizations which are doing paper-based change management struggle in doing change management properly and efficiently. Change management process in these organizations are often plagued with delays and the activities are seen as burdens and slip through the cracks. That is where computerized systems come to lend a hand. A compliant change management system gives everyone involved a streamlined experience where they can easily see pending actions and makes tracking change request progress easy. It also helps tremendously in searching for historical CRs during audits.

The role of change management in Phase 1 Clinical Research Organizations (CROs) is not only pivotal but also uniquely challenging, distinguishing itself significantly from other regulated sectors such as pharmaceutical manufacturing and healthcare. As guardians of clinical research integrity, CROs operate in a realm where precision, compliance, and adaptability are not just operational requirements but are essential to the very core of their mission.

BioPharma Services successes in managing change effectively is measured not only in its ability to seamlessly integrate technological innovations and adhere to global regulatory standards, but also in its capability to uphold the sanctity of clinical data. This is a responsibility of immense magnitude, considering the global impact of their work on drug development and public health. The adept handling of change management is thus a testament to a BioPharma Services commitment to excellence and its dedication to advancing medical research while ensuring the utmost safety and efficacy of new therapeutic interventions. As the landscape of clinical research continues to evolve rapidly, the proficiency in change management will remain a crucial differentiator for CROs, underpinning their role as key enablers in the journey of medical innovation and patient care.

Written by: Seema Sherwal, Senior Validation Specialist.

BioPharma Services, Inc., a Think Research Corporation and clinical trial services company, is a full-service Contract Clinical Research Organization (CRO) based in Toronto, Canada, specializing in Phase 1 clinical trials 1/2a and Bioequivalence clinical trials for international pharmaceutical companies worldwide. BioPharma conducts clinical research operations from its Canadian facility, with access to healthy volunteers and special populations.

Schedule a Discovery Call

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.