Remote Auditing Instructions for Auditors

This content describes the process for auditors to access and review source documents uploaded by sites to the Source Document Portal (SDP) for the patient case review component of a remote audit. The SDP does not currently support the other components of an audit (i.e., pharmacy or regulatory review).

Auditors participating in audits sanctioned by CTEP's Clinical Trials Monitoring Branch (CTMB) can take part in remote auditing through the SDP. This includes Lead Protocol Organization (LPO) auditors (i.e., LPO staff auditors, including Clinical Trials Monitoring Service auditors with Theradex) as well as volunteer auditors. Note the following:

• LPO/staff auditors must possess the CTSU Applications role of Auditor on the CTSU roster to participate in a remote audit; this role is granted by CTSU staff. Please ensure that this role has been assigned before attempting to participate in a remote audit; contact the CTSU Help Desk (CTSUContact@westat.com) with questions regarding auditor roles. LPO auditors can view patient case materials on the SDP home page for all audits conducted by the LPO.
• Volunteer auditors do not require a special role but will only be able to access patient case materials for audits to which they are assigned.
• New: All auditors, whether LPO or volunteer, must complete the training course Source Document Portal (SDP) for Auditors in the Compliance, Learning, and SOP Solutions (CLASS) system before they attempt to access the SDP for a remote audit. It can take the involved systems up to six hours to process the training completion; auditors are encouraged to complete the training well in advance of the start date of an applicable audit. Please see more in the section Auditor Review of Patient Cases in the SDP.

The SDP can support the upload of patient documents from an Electronic Health Record (EHR) or from a paper-based chart, as long as they are saved and uploaded as PDFs. Documents uploaded to the SDP for remote auditing are assigned a document type based upon the categories within the patient case review component of the audit. The naming convention for audit-specific documents starts with the words Audit Package followed by the name of the applicable category:

• Audit Package – Informed Consent
• Audit Package – Eligibility
• Audit Package – Treatment
• Audit Package – Disease Outcomes/Response
• Audit Package – Adverse Events
• Audit Package – Data Quality

Note: In general, documents uploaded to and stored on the SDP should be free of personally identifying information (PII). However, for the purpose of allowing auditors to confirm that uploaded documents are connected to a particular study subject, sites may leave the subject's date of birth (DOB) and initials (not full names or signatures) unredacted; all other PII must be redacted. The responsibility for redaction of PII falls on the site during the upload process, but auditors should be mindful of any missed redaction and be prepared to either remove the document from the SDP or redact any outstanding PII (as shown in Auditor Review of Patient Cases in the SDP).

Once an audit has been scheduled in the CTMB Audit Information System (CTMB-AIS) and the patient cases have been selected, the auditing organization should contact the site to request the upload of documents for the selected patient(s). It is the responsibility of the auditing organization to communicate with the site regarding which items from the patient chart should be uploaded under each document type. The site preparing the documents for upload to the SDP will create the audit packages in PDF and upload them using the appropriate document type.

Timing of Auditor Access

Auditors can access the SDP screens to upload documents from the Site Audit Portal (SAP) on the CTSU website at www.ctsu.org or from the standalone application at https://sdp.ctsu.org.

The SAP grants auditors access to the uploaded source documents four weeks prior to the start of the audit. Auditors can use this time to complete the required training in CLASS and work with site staff to determine if any adjustments to the uploaded documents are required in advance of the actual audit; this will help to ensure the audit itself will run smoothly.

Auditor access to uploaded packages remains until the final audit report (or when required, a Corrective and Preventative Action Plan) is submitted in CTMB-AIS and the audit status changes to COMPLETE. At that point, all documents uploaded for the audit will automatically be deleted from the SDP.

Auditor Access to the Uploaded Packages

As noted previously, auditors would typically start the remote audit process in the SAP on the CTSU website (although direct access is available to the SDP Audit Review screen).

• Log in to the CTSU members website.
• Note: Auditors who have both LPO and site-level roles should select the option for LPO User at the top of the screen (see box near top of Figure 1).
• Click on the Auditing & Monitoring link and choose Site Audit Portal.
• Once in the SAP, use the drop-down to filter for either Scheduled or Ongoing audits to find the correct audit.

Once viewing the correct audit, there are two ways to access uploaded documents in the SDP:

1. Use the icon at the patient level to access individual patient documents in the SDP.
2. Use the button at the audit level to access all the patients and documents uploaded for the audit.

Upon clicking on one of the icons, the SDP will open in a separate tab, and the system will check the auditor’s identity, roles, and training status. If the auditor has not completed the required training in CLASS, they will receive the error message shown in Figure 2. They must complete the training before proceeding.

Note: As noted previously, it can take the involved systems up to six hours to process completion of the CLASS training.

Audit Review Page

Once an auditor connects to the Audit Review page of the SDP (see Figure 3), a list of documents (or audit packages) uploaded for the audit will populate. If the auditor has been requested to upload patient documents on the sites behalf they can do so on this page by clicking the document button on the top right of the page. In the document details popup window, verify the filter has the correct information for protocol, site, patient, and document type before uploading the package.

Whether the table on the Audit Review page will display all patients for the audit or a single patient depends upon which icon the auditor used in the SAP to access the SDP. Regardless, each row of the table represents a single uploaded document and includes information on the applicable LPO, protocol, site, patient, document type, status, and who last updated the upload and when.

Figure 3. Audit Review page of the SDP showing documents based on the audit selected in the filter.

Documents that have a document type that begins with the words Audit Package (and therefore an activity tag of AUDIT) will be available for viewing. Of note, sites have been instructed to use only the Audit Package document type when uploading materials for a remote audit. To access/open one of the packages, double-click on the hyperlinked document name.

If a site states that they inadvertently used a different document type for some of the audit documents, go to the SDP Browser → Document Repository page and search for the documents by protocol and patient; this will expose all uploads for the patient, even those that aren't linked with the AUDIT activity.

The following tools and icons are available on the Audit Documents screen:

• Audit Selection drop-down.
• Filters for use with any or all columns in the table.
• I buttons provide information on each entity, i.e., protocol, site, or person.
• Document History icon shows all actions related to the document, including who performed them and the dates and times.
• PDF icon and hyperlinked document type opens the document viewer.
• Export icon allows export of the table to Excel or PDF.

Viewing an Uploaded Document

When an auditor double-clicks on a hyperlinked document type within the table, the package will open in a separate Document Details window (see Figure 4). It is likely that each package will consist of multiple pages. Scroll through the entirety of each package (using the scroll bar on the right) to ensure that it contains what is expected based on the site, study, and patient and that the site properly redacted all necessary PII; as noted previously, the only PII that can be left unredacted is the subject's DOB and initials. Note that the site staff who uploaded the package may have updated or added an annotation to indicate the contents of the package (e.g., if they uploaded multiple packages of the same document type by cycle and want to specify which cycle a given package contains).

The features and tools available within the Document Details screen are shown in Figure 5.

Edit, Accept, or Reject Documents

• Edit: If the document includes the correct pages but the document type was set incorrectly, it is possible to modify the document type. For example, if the package was uploaded to satisfy patient eligibility but instead was labeled as document type of Audit Package – Data Quality, click on the Editicon, select the document type drop-down, and choose the correct value. Check the check box and then click Save at the bottom of the pane to complete the update.
  
  If the site failed to redact some required elements of PII, an auditor can choose to do the redaction on their behalf or reject the document. If performing the redaction, click on the Edit icon, access the redaction tool and obstruct the PII as necessary (go here to receive instruction on how to redact content in the SDP). Check the check box and then click Save at the bottom of the pane to complete the update.
• Accept: If the audit package has been properly redacted and uploaded, click the Accept icon. This will mark the package as TRIAGED. (It is not mandatory that auditors accept/triage documents uploaded for audits, but it can be helpful.)
• Reject: In the case of a package that needs to be rejected (e.g., it is entirely the wrong document, or does not appear to have undergone any redaction of PII and the site needs to do the redaction and upload again) click on the Reject icon and enter a reason for the rejection. Rejecting the document will completely remove it from the SDP and will generate an automated email to the site informing them of the rejection and the need to upload the package again.

Searching Within Documents

Documents uploaded to the SDP can be searched for a word or phrase using the functionality within the PDF viewer. This can be useful for documents with many pages or when searching for PII or other terms of interest.

To access the search pane, click the search icon at the top right of the uploaded document (as shown in Figure 4). The search pane can also be viewed by clicking the mouse pointer anywhere within the document and entering the hotkey "CTRL-F."

Note: Not all documents are searchable. Documents that are scanned prior to upload will be images of the document with the text layer removed. These images, even though saved as *.pdf, cannot be searched within the PDF viewer in the SDP.

To search the document, enter a word or phrase within the search field and click the search icon. If the document is searchable and at least one match is found for the word or phrase, the results will show in the search pane with page numbers and hyperlinks to the term within the document.

Access patients in Rave as normal and conduct the review by going between Rave and the audit packages in the SDP.

It is a matter of personal preference whether to conduct the full case review during the initial review of each package (as described above) or after that initial review. Furthermore, while it is not mandatory that each package is accepted, doing so will allow for better status tracking (i.e., accepted packages show as TRIAGED in the SDP), which may be beneficial to both auditors and site staff.