“Sponsor companies are still responsible for having documentation on the chain of custody, which can be challenging with the DTP model,” said Mark Shepanski, executive director of operations and site lead in San Diego, PCI Pharma Services.
Additionally, while all distribution models require strict temperature control, the DTP model presents new challenges, explained Robert Misher, PCI’s senior vice president of global clinical services.
As Misher explained, “Upon drug receipt, confirmation that the drug shipment encountered no temperature excursion is required but the patient nor the study nurse are typically not familiar with executing this process.”
Shepanski said temperature control can be problematic “as the typical patient does not have the necessary equipment to adequately control and monitor the drug temperature.”
Protecting patient privacy: HIPAA and GDPR
Compliance and specialty courier driver training are two of the top supply challenges for the DTP clinical trial model, said Brian Keesee, vice president and general manager, global clinical operations and supply, PCI Pharma Services.
According to Shepanski, not all couriers have the database technology needed to keep patient data truly blinded, which is required in the US under HIPAA (Health Insurance Portability and Accountability Act of 1996) legislation.
“A system needs to be in place to ensure that patient information isn't captured in a way that would violate HIPAA legislation,” said Keesee. As part of this, driver training also is critical.
The driver should not enter the home, listen to patient feedback or information, or comment on conditions, he explained. “This can be tricky if there isn't an at-home nurse or caregiver present to receive the shipment,” Keesee said, which is why PCI partners with qualified specialty couriers.
In the European Union (EU) it is imperative that systems managing all personal data capture comply with the EU General Data Protection Regulation (GDPR). “Regarding the chain of custody, it must ensure patient safety and integrity of the clinical drug supply,” added Misher.
Adding to the complexity, GDPR not only applies to EU organizations, but also those located outside of the EU if they offer goods or services to EU citizens.
GDPR came into full effect May 25, 2018. If found not in compliance with the new regulation, organizations can be fined up to 4% of annual global turnover.