Coalition Urges FDA to Improve Draft Guidance for Using Electronic Health Records in Clinical Studies

July 18, 2016

Food and Drug Administration

Division of Dockets Management (HFA-305)

5630 Fishers Lane, Rm. 1061

Rockville, MD 20852


Comments of members of the Patient, Consumer, and Public Health Coalition

on the draft guidance

Use of Electronic Health Record Data in Clinical Investigations

[Docket No. FDA-2016-D-1224]


A major goal of the draft guidance is to “facilitate the use of EHR data in clinical investigations.”1  Although EHRs are not under the direct control of the FDA (the systems belong to healthcare organizations and institutions that use them), the Agency does need to develop a clear process for accepting EHR data for use in clinical investigations.  The draft guidance is a step in the right direction but needs to better address key issues.

The draft guidance addresses how the FDA will ensure the EHR data’s validity, reliability, and integrity, and how the agency will verify the integrity of the EHR data during on-site inspections and audits of the organizations that control the data.

On-site inspections

We agree with the draft guidance that clinical investigators must retain all paper and electronic source documents for as long as required by regulations, and EHR data must meet FDA’s inspection, record keeping and record retention requirements.  And, importantly, study monitors must have “suitable access to all relevant subject information pertaining to a clinical investigation.” 2

However, we are concerned that the draft guidance does not mention how often FDA will do on-site inspections.  If FDA does not establish a schedule of on-site inspections, they may never be done and this could lead to poor quality data.

Quality and integrity

The draft guidance states that “when EHRs are used as a source of data in clinical investigations, sponsors should ensure that the data are ‘attributable, legible, contemporaneous, original and accurate (ALCOA).’”  If the data does not meet all five of these attributes, will the data be rejected by the FDA?

An inherent problem with using EHRs for clinical investigations is that EHRs are currently designed to assist in delivering health care — not to generate medical evidence.  A July 2016 Article in JAMA Internal Medicine notes that “practices like blinding, randomization, or standardized-event recording are more difficult to implement in systems that are oriented toward care.  Health care systems represent inefficient environments to which to learn about differential effects of novel drugs.”3 The draft guidance notes that the use of EHRs for clinical investigations may require additional “considerations, planning, and management” but it does not go into detail on how to accomplish this.

The draft guidance recommends, but does not require, the use of certified EHR technology.  The U.S. Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC) has a voluntary certification program for health IT.  EHR technology certified by ONC’S Program meets privacy and security protection requirements.

The draft guidance allows EHRs not certified by ONC to be used for clinical investigations as long as they include adequate controls such as limiting access to the electronic systems, identifying the authors of records, providing audit trails, ensuring records are retained for FDA inspections, and assuring patient privacy rights.  Although the adequate controls address key issues, there would be more consistency in investigations, if all EHRs for clinical investigations were required to use certified EHR technology.

In using EHRs for clinical investigations, the draft guidance recommends that extracted data is checked for consistency and completeness.  It also recommends that corrections be made when errors are found “to properly align the source data with the extracted data.”  We are concerned that unless FDA spot checks the data, errors will not be corrected.

The draft guidance notes that software updates could “affect the reliability and integrity of EHR data entering the sponsor’s electronic system.”  This is a major concern.  A recent review of FDA data by the National Center for Health Research found that over the last 5 years, more than 600 different software devices totaling over 1.4 million units were recalled for moderate or high risk patient safety issues.  For example, oncology electronic medical record systems were recalled because they erroneously switched patient data and failed to warn physicians about dangerous drug reactions.

Interoperability & audit trails

The draft guidance encourages the use of interoperable systems in order to “reduce errors in data transcription and provide data that is more accurate.”  We agree that interoperability will reduce transcription errors but if the data was incorrect to begin with, it will not provide more accurate data.

The draft guidance states that adequate methods of audit trails are needed to monitor, track and document all changes made to information in the EHR regarding the clinical investigation. However, the draft guidance fails to define the phrase “adequate methods.”

One of the major risks associated with EHRs are data breaches.  Data breaches could negatively affect a subject’s employment or ability to get insurance.  The draft guidance states, “Sponsors should consider whether there are any reasonably foreseeable risks with the use of EHRs…that must be described to the subject in the informed consent.”  We recommend that the risk of data breaches be communicated to subjects at least twice—once in writing and once again verbally.


EHRs can provide investigators “access to real-time and longitudinal health care data”1and can provide post-trial follow-up information on safety and efficacy of medical products.  However, we think this draft guidance still needs work.  It does not address how inaccuracies in the data will be corrected, how often FDA will do on-site inspections, and ways to mitigate the risks of data breaches.

American Medical Women’s Association

MRSA Survivors Network

National Center for Health Research

Our Bodies Ourselves

Quinolone Vigilance Foundation

Washington Advocates for Patient Safety


The Patient, Consumer, and Public Health Coalition can be reached through Paul Brown at (202) 223-4000 or

  1. Food and Drug Administration (May 2016). Use of Electronic Health Record Data in Clinical Investigations (Draft Guidance). href=””>  
  2. Food and Drug Administration (May 2016). Use of Electronic Health Record Data in Clinical Investigations (Draft Guidance). href=””>  
  3. London AJ, Kimmelman J (July 2016). Accelerated Drug Approval and Health Inequality. JAMA Internal Medicine, Volume 176, Number 7. href=”″>