Under the new Clinical Trials Regulation 536/2014/EU, it is now a requirement for the sponsor of a clinical trial to report to the regulatory authorities a serious breach of the Regulation or to the clinical trial protocol (Article 52). A serious breach, in this context, is defined as “a breach likely to affect to a significant degree the safety and rights of a subject or the reliability and robustness of the data generated in the clinical trial“. This requirement is currently contained in the legislation of some Member States, such as in the UK (Regulation 29A Medicines for Human Use (Clinical Trials) Regulations 2004/1031), but was not previously included in Directive 2001/20/EC or in ICH GCP (although a sponsor should list all significant protocol non-compliances in the clinical study report). This is, therefore, the first time that there is such a requirement in all EU countries.

The EMA recently published a consultation paper on how this provision should be implemented, and to provide guidance to sponsors on when a breach should be reported. The draft is based on the current MHRA guidance, and many of the provisions will be familiar to companies that conduct trials in the UK.

The draft guidance covers:

  • How to notify a serious breach: A serious breach should be reported within seven (7) days of the sponsor, the investigator, or the sponsor’s contractor/agent becoming aware of the breach. Procedures should be in place to ensure that breaches are promptly reported to the sponsor so they can be notified to the authorities accordingly. Initial reports can be supplemented if more information comes to light after the breach first becomes apparent. Breaches should be notified through the EU portal that will be established under the Regulation.
  • What is a serious breach: The guidance includes a table of examples of breaches and the factors that will be taken into account when considering whether a breach is serious. Any instance of fraud will be a serious breach, along with any instance that results in a serious adverse event to subjects involved in the trial. The guidance notes that deviations from clinical trial protocols and GCP occur commonly in clinical trials, but not all will be considered to be serious breaches and not all will need to be reported. Judgment is required to determine whether a breach is serious, based on, for example, the design of the trial, the type and extent of data affected by the breach, the overall contribution of the data to key analysis parameters, or the impact of excluding the data from the analysis etc.
  • The outcome of a notification: The sponsor should conduct a root-cause analysis when any breach is identified and implement corrective and preventative actions as required. It is also necessary to consider whether any other trials or sites are affected as a result of the breach, or whether any ethical issues arise that may require discussion with the Member States. Most importantly, if patient safety is compromised, the subject should be informed and treated appropriately.

The consultation closes in August 2017, with the intention that guidance will be adopted before the Clinical Trial Regulation becomes applicable, currently expected in March 2019.