The Importance of Audit Trail Modules in Electronic CRFs

La importancia de los módulos de auditoría de datos en los CRD electrónicos

If you need an electronic CRF with an audit trail module which meets the international regulatory requirements, you can contact us at

The integrity of the data that is produced in a clinical trial —and its complete traceability— is a fundamental requirement in the clinical research sector.

The mechanism used to ensure the integrity and traceability of data from patients participating in a clinical trial consists of an audit trail module that can record the information entered into a clinical database, as well as any changes made subsequently.

More specifically, the software used to collect data in a clinical trial is known as an electronic CRF, which is the tool that integrates the audit trail module.

It is very important to understand the utmost importance of an audit trail module in the context of a clinical trial electronic CRF, as it is a key element to certify the information traceability.

To begin with, although more detailed guidelines will be given in this article, it is fundamental to know that the use of an audit trail module in an electronic CRF is mandatory according to the most important regulatory authorities in the world, such as the Food and Drug Administration (FDA) in the United States and the European Medicines Agency (EMA).

So why is it so important to have a reliable audit trail module in an electronic CRF? What is the purpose of this mechanism?

Let’s start by explaining what an electronic CRF is, and, after that, we can move to mentioning the essential aspects of a good audit trail system.

What is an electronic CRF?

An Electronic Case Report Form (eCRF) can be defined as a web-based software application used to collect, store, clean, and transmit data in a clinical trial.

Electronic CRFs are widely used systems in clinical trials and observational studies, and in recent years they have grown in popularity, and have been progressively replacing paper-based CRFs.

Given the great importance of patients’ clinical data, from which the conclusions of a study are drawn —which may or may not lead to the approval of a new drug— electronic CRFs must fully guarantee the integrity and traceability of the information.

Why is data integrity and traceability so important in an electronic CRF?

The data generated in a clinical trial are used to perform statistical analyses, and draw conclusions about the safety and efficacy of a new drug.

Therefore, it is crucial to have real and consistent data that makes the results of the clinical trial reliable and robust. Logically, it would be unacceptable to commercialize a new drug using fraudulent or inaccurate data.

This is why the integrity and traceability of the data that is processed in an electronic CRF is so important. An eCRF must guarantee the integrity of the information —preventing loss or manipulation— as well as its complete traceability (which means that the system records data insertions and modifications, so that evidence of every edit/insertion can be produced).

Audit trail modules are used to ensure that the information entered in an eCRF is complete and traceable.

What exactly is an audit trail module and what is its main purpose?

In the context of an electronic CRF, an audit trail module can be defined as a mechanism programmed to generate a history of data insertions and modifications that take place in the eCRF, thus ensuring the integrity and traceability of the information that is processed in the system.

The audit trail module ensures the integrity and traceability of clinical data because it reflects what information has been inserted into the eCRF, by whom and when it was entered, and what changes have been made (and for what reasons).

What information does an audit trail module record?

The following list details the information that is normally recorded in an audit trail system:

  • Identifier and name of the user who entered or modified information in a field of the eCRF.
  • Day and time at which the data insertion or modification was made.
  • Specific form and field in which the data was entered or changed.
  • The values inserted or modified.
  • The reason why the information was changed (if any modification was made).

What regulatory standards require the use of an audit trail module?

The use of an audit trail module in an eCRF is in fact one of the requirements of the regulatory authorities that evaluate the data that is generated in clinical trials.

On the one hand, the US FDA regulates the integrity and traceability of data in clinical trials through 21 CFR Part 11 regulation.

This regulation —in 11.10(e)— states that people using closed systems to create, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and, where appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily repudiate the signed record as non-genuine.

Such procedures and controls shall include the following:

“Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying” [1]

In addition, the European Commission, in Annex 11 related to computerized systems (Volume 4 of good manufacturing practice for medicinal products for human and veterinary use) indicates:

“Consideration should be given, based on a risk assessment, to building into the system the creation of a record of all GMP-relevant changes and deletions (a system generated “audit trail”). For change or deletion of GMP-relevant data the reason should be documented. Audit trails need to be available and convertible to a generally intelligible form and regularly reviewed.” [2]


As it has been explained in this article, audit trail modules are fundamental elements of an electronic CRF. International regulations governing clinical research require the use of accurate and reliable audit trail mechanisms to ensure the integrity and traceability of clinical trial data. Trial sponsors must therefore ensure that the eCRF they use complies with the above-mentioned requirements.

If you need an electronic CRF with an audit trail module which meets the international regulatory requirements, you can contact us at

Share This Post

More To Explore