What is it? Why is it important?

Data Coding and Anonymisation is a process by which Sensitive Information (SI) is removed or encrypted in order to comply with privacy protection laws.

 

Coded Data

Participant SI (e.g. name, DOB, address) are replaced with an individualised ID-code. This code is subsequently used in the study (e.g. CRF). A separate access protected log documents the match between ID-Code and participant identifiers (e.g. participant-identification-log)

 

Anonymised Data

Participant SI (e.g. name, DOB, address) are irreversibly removed or altered in such a way, that participants can no longer be identified. Anonymisation can pose many challenges to realise. Anonymisation methods must be explained in detail, traceable and robust in order to prevent the re-identification of participants.

 

Participant SI includes:

  • Evident identifiers such as name, DOB, or personal address
  • Less obvious identifiers, which can lead to the identification of a participant when used in conjunction with other data (e.g. date of visits, rare diseases or conditions, marital status, number of children, religion, race)

What do I need to do?

As a Site-INV:

  • Identify study data that qualifies as SI
  • Identify and only collect SI needed for the interpretation / evaluation of the study
  • Describe planned coding/anonymisation procedures that comply with privacy protection laws, such as how to:
    • Replace SI with individualised participant ID-Codes
    • Encrypt SI. This requires decryption procedures in the event SI must be retreived at some later date
    • Define data potentially leading to participant identification. Ensure this information is removed prior to data transfer (e.g. to other researchers, statistician, laboratories)
    • Submit coding / anonymisation procedures to EC for approval

 

Consult with the data manager on how to best implement coding/anonymisation procedures in the study database.

More

Encrypted data is rendered unreadable to anyone except to a defined group of individuals. The process includes to:

  • Pass the data through a cipher, or a secret disguised way of writing (e.g. an algorithm that encodes data according to a key)
  • Only individuals that possess the key on how to decrypt the data can read its content

 

Example on how to create participant ID-Codes

  • When managing multiple studies, define a prefix to easily identify the study (e.g. TGF)
  • In multicentre studies, define a different code for each study site (e.g. S1, S2, S3, ....)
  • Add participant inlusion number (e.g. 01, 02, 03, …)
  • Separate ID-digits using a symbol (e.g. dash (-) or underscore (_))
  • Example participant ID-Code: Study_Site_Participant = TGF-2-05

 

A coding system can also be predefined in the CDMS of the study.

Where can I get help?

Your local CTU can support you with experienced staff regarding this topic

External Links

Swissethics –see in particular

  • Topics /Other Topics / Coding of trial subjects accepted by swissethics

FADP – Federal Act on Data Protection

GCDMP – see in particular

  • Chapter “Data Privacy”

SCTO Regulatory Affairs – see in particular

  • RAW Issue 1, April 2019,  Essential information on data protection

References

ICH GCP E6(R2) – see in particular guidelines

  • 2.11 Confidentiality of records
  • 4.9 Records and reports
  • 5.5 Trial management, data handling, and record-keeping

Swiss Law

HRA – see in particular articles

  • Art. 3 Definition of coded and anonymised health related data and biological material
  • Art. 56 Transparency and data protection
Abbreviations
  • CDMS – Clinical Data Management System
  • CTU – Clinical Trials Unit
  • DOB – Date of Birth
  • EC – Ethics Committee
  • FADP – Federal Act on Data Protection
  • GCDMP – Good Clinical Data Management Practice Guide
  • HRA – Human Research Act
  • ICH GCP – International Council for Harmonisation - Good Clinical Practice
  • ID – Identifier
  • RAW – Regulatory Affairs Watch
  • SI – Sensitive Information
  • SP-INV – Sponsor Investigator
  • SCTO - Swiss Clinical Trial Organisation
Development ↦ Data Management ↦ Database Development ↦ Data Coding and Anonymisation
Study
Basic

Provides some background knowledge and basic definitions

Basic Protocol
  1. Research and Ethics
    1. Principles
    2. Ethical Dilemma
  2. Study Protocol
    1. Aim
Basic Management
  1. Study Management
    1. Definition
Basic Ethics and Laws
  1. Principles of Ethics Research
    1. Declaration of Helsinki
    2. Declaration of Taipei
  2. Authorities
    1. Ethics Committee
    2. Swissmedic
    3. Federal Office of Public Health
    4. International
  3. Swiss Law
    1. Human Research Act
    2. Transplantation Act
    3. Stem Cell Research Act
    4. Data Protection Act
  4. Clinical Trials Ordinance
    1. Aim
    2. Medicinal Product Studies
    3. Other Clinical Studies
    4. Transplantation
    5. Standardized Transplant Products
    6. Gene Therapy, GMO, Pathogenic
    7. Ionising Radiation
  5. Clinical Trials with Medical Device Ordinance
    1. Aim
    2. Medical Device Studies
    3. In Vitro Diagnostic Medical Device Studies
    4. Ionising Radiation
  6. Medical Device Ordinance
    1. Aim
    2. Notified Bodies
  7. Human Research Ordinance
    1. Aim
    2. Projects with Data and Biological Material
    3. Further-use of Data and Biological Material
    4. Further-use and Informed Consent
    5. Deceased Persons Embryos and Foetuses
  8. Organisation Ordinance
    1. Aim
  9. Human Research Coordination Portal
    1. Federal Office of Public Health
  10. Submission Portal
    1. Ethics Portal BASEC
    2. Swissmedic Portal
  11. Guidelines
    1. Good Clinical Practice
    2. ISO 14155
    3. ISO 20916
Basic Documents
  1. Document Management
    1. Purpose
    2. In Studies
    3. Document Identification
    4. Document Filing
  2. Standard Operating Procedures
    1. Purpose
  3. Working Instructions
    1. Purpose
  4. Logs
    1. Purpose
  5. Essential Documents
    1. Requirement
  6. Certified Copies
    1. Procedures
  7. Staff Documents
    1. Qualifications
    2. Training
Basic Safety
  1. Safety Laws
    1. Aim
  2. Safety Terminology
    1. Overview
  3. Safety Data
    1. Product Development
    2. Pre-Clinical Studies
    3. In Clinical Studies
  4. Safety Information
    1. Investigator Brochure
  5. Safety Vigilance
    1. Pharmacovigilance
    2. Materiovigilance
Basic Data Management
  1. Data Management in Studies
    1. Aim
  2. Study Database
    1. Clinical Data Management System
    2. Study Data
    3. Raw Data
    4. Metadata
  3. Regulatory Requirements
    1. Swiss Law
    2. EU Regulation
Basic Statistic Methodology
  1. Statistics
    1. Definition
    2. Statistician Role
    3. Statistical Software
  2. Research Question
    1. Definition
    2. The Population
    3. Intervention and Control Group
    4. Placebo and Comparator
    5. Study Outcome Endpoint
    6. Outcome Endpoint Description
  3. Study Design
    1. Definition
    2. Sample Size Calculation
    3. Randomization
    4. Study Blinding
    5. Interim Analysis
  4. Data Collection
    1. Planning
    2. Predictor Variable
    3. Confounding Variable
Basic Quality and Risk
  1. Risk Management Definitions
    1. Risk-Based Approach
    2. Risk Identification
    3. Risk Evaluation and Prioritisation
    4. Risk Evaluation Matrix
    5. Risk Control Measures
  2. Quality Management System (QMS)
    1. Risk Based
  3. Risk-Based QMS Responsibilities
    1. Sponsor-Investigator
    2. Site-Investigator
    3. Study Staff
Basic Monitoring
Basic Drug or Device
Basic Biobanking
  1. Definition
    1. Biobank
    2. Biological Material
    3. Specimen / Sample
    4. Pre-Analytical Phase
    5. Data Coding / Anonymisation
    6. Incidental Findings
  2. Donor
    1. In Research
  3. The Swiss Law
    1. Human Research Ordinance
    2. Research with Biological Material
    3. Further Use of Biological Material
    4. Further Use and Informed Consent
  4. Ethics Principles
    1. Declaration of Taipei
  5. Biobanking Standards
    1. ISO Biobanking
  6. Swiss Biobanking Platform
    1. Aim
    2. Services
    3. Quality Labels
Concept

Starts with a study idea

Ends after having assessed and evaluated study feasibility

Concept Protocol
  1. Research Question
    1. Feasibility
Concept Management
  1. Study Idea
    1. Implementation
    2. Design
  2. Resources
    1. Study Staff
    2. Infrastructure
    3. Storage
    4. Partners
    5. Budget
Concept Ethics and Laws
  1. Research Aim
    1. Advancing Science
    2. Marketing Products
  2. Research Integrity
    1. Principles
    2. Conflict of Interest
    3. Participant Protection
  3. Ethics and Regulatory Requirements
    1. Ethics Requirements
    2. Laws and Guidelines
    3. Institution Requirements
    4. Study Compliance
  4. Study Categorisation
    1. Procedures
    2. Risk Categories
  5. Ethics and Regulatory Advice
    1. Ethics Clarification
    2. Swissmedic Scientific Advice
    3. Swissmedic Pre-Submission
Concept Documents
  1. Required Documents
    1. Protocol and Synopsis
    2. Feasibility
    3. Investigator's Brochure
Concept Safety
  1. Safety in Studies
    1. Risk-Benefit Ratio
    2. Participant Risk-Benefit
Concept Data Management
  1. Stakeholders
    1. Sponsor-Investigator
    2. Data Manager
    3. Statistician
    4. Site-Investigator
    5. Monitor
  2. Clinical Data Mgmt. System
    1. Selection
    2. Computer System Validation
  3. Server Management
    1. Data Storage
    2. Back-Up and Recovery
Concept Statistic Methodology
  1. Study Feasibility
    1. Research Question
Concept Quality and Risk
  1. Study Feasibility
    1. Aim
    2. Feasibility Questionnaire
    3. Risk Assessment Form
    4. Study Team
Concept Monitoring
  1. Monitoring
    1. Aim
    2. Study Requirement
    3. Site Qualification
Concept Drug or Device
Concept Biobanking
  1. Biobanking in Studies
    1. Requirement
    2. Quality of Biological Material
  2. Management of a Biobank
    1. Biobank Goverance
    2. Biobank Regulation
    3. Material Transfer Agreement
Development

Starts with confidence that the study is feasible

Ends after having received ethics and regulatory approval

Development Protocol
  1. Formal Structure
    1. Requirements
    2. Protocol Template
  2. Writing the Protocol
    1. Content
    2. Responsibilities
  3. Study Participants
    1. Participant Risks and Benefits
    2. Participant Right
Development Management
  1. Responsibilities
    1. Sponsor-Investigator
    2. Site-Investigator
    3. Staff Qualification and Training
    4. Good Clinical Practice Training
  2. Study Quality
    1. Implementation
  3. Study Safety
    1. Requirement
  4. Study Management
    1. Oversight
    2. Tracking
    3. Infratructure and Maintenance
    4. Multicentre Studies
    5. Insurance
    6. Outsourced Services
    7. Contract
    8. Budget
  5. Study Documents
    1. Protocol
    2. Participant Information Sheet
    3. Informed Consent Form
    4. General Consent
    5. Essential Documents
    6. Source Data
  6. Informed Consent Process
    1. Procedures
    2. Exemption from written Consent
  7. Study Approval
    1. Ethics Committee
    2. Swissmedic
    3. Fed. Off. Public Health
  8. Biobanking
    1. Management
Development Ethics and Laws
  1. Ethics Application
    1. Submission
    2. Application Dossier
    3. Approval
  2. Swissmedic Application
    1. Submission
    2. Application Dossier
    3. Early Clarification Meeting
    4. Late Clarification Meeting
    5. Approval Medicinal Products
    6. Approval Medical Device
  3. Federal Office of Public Health
    1. Submission
    2. Approval
  4. Liability
    1. Insurance
    2. Good Clinical Practice
Development Documents
  1. Required Documents
    1. Study Protocol
    2. Participant Information
    3. Insurance and Contract
    4. Study Documents
    5. Document Submission
Development Safety
  1. Safety Documentation
    1. The Protocol
    2. Study Documents
    3. Data Protection
Development Data Management
  1. Database Development
    1. Variables
    2. Specification
    3. Case Report Form
    4. Calculated Fields
    5. Data Coding and Anonymisation
    6. Data Confidentiality
  2. Data Quality
    1. Requirement
    2. Quality Assurance
    3. Data Mgmt. Plan
    4. Data Monitoring
    5. Data Transfer Agreement
  3. Database Lock
    1. Procedures
Development Statistic Methodology
  1. Statistics in the Protocol
    1. The Hypothesis
    2. Data-Analysis-Set
    3. Primary and Secondary Analysis
    4. Analysis Method
    5. Missing Data
    6. Study Termination Criteria
  2. Analysis Plan
    1. Procedures
  3. Sample Size
    1. Justification and Description
Development Quality and Risk
  1. Study Risk Management
    1. Risk Identification
    2. Risk Evaluation and Prioritisation
    3. Risk Control Measures
    4. Process Verification and Training
  2. Quality Assurance
    1. Aim
    2. Verification
    3. Audit
  3. Quality Control
    1. Aim
    2. Monitoring
    3. Non-Compliance
  4. Risk Communication
    1. Strategy
Development Monitoring
  1. Montoring Strategy
    1. Aim
    2. Risk-Based Monitoring
    3. On-Site Monitoring
    4. Central Data Monitoring
    5. Off-Site Monitoring
    6. Monitoring Plan
Development Drug or Device
Development Biobanking
  1. Biobank Set-Up
    1. Biobank Database
    2. Facilities and Materials
    3. Collection / Storage Containers
    4. Storage Equipment
    5. Equipment Maintenance
    6. Freezer Emergency Plan
  2. Donor Consent
    1. In Clinical Studies
    2. In Research Projects
    3. For Further Use
    4. Communication
  3. Handling of Biological Material
    1. Sample Workflow
    2. Sample Collection
    3. Sample Transport
    4. Sample Reception
    5. Sample Processing
    6. Sample Storage
    7. Sample Distribution
    8. Sample Analysis
  4. Documentation
    1. Forms and Logs
    2. Non-Conformities
  5. Safety
    1. Risk-Based Approach
    2. Donors
    3. Biobanking Staff
  6. Quality Control
    1. Quality Control Indicators
    2. Data Monitoring
    3. Method Validation
Set-Up

Starts with ethics and regulatory approval

Ends after successful study initiation

Set-Up Protocol
  1. Protocol Training
    1. Requirements
Set-Up Management
  1. Registration
    1. Research Transparency
  2. Study Training
    1. Staff Delegation
  3. Document Management
    1. Requirements
  4. Investigational Product
    1. Definition and Handling
  5. Laboratory
    1. Purpose and Requirement
  6. Study Ready for Conduct
    1. Requirements
    2. Site Initiation Visit
Set-Up Ethics and Laws
  1. Study Set-Up
    1. Requirements
Set-Up Documents
  1. Required Documents
    1. Study Initiation
    2. Master and Site File
Set-Up Safety
  1. Safety Management
    1. Safety Management Plan
    2. Emergency Unblinding
  2. Data Safety Monitoring Board
    1. Aim
Set-Up Data Management
  1. Database Release
    1. Requirement
    2. Access Rights
    3. Training
Set-Up Statistic Methodology
Set-Up Quality and Risk
Set-Up Monitoring
  1. Site Initation Visit
    1. Aim
    2. Prerequisite
    3. Preparation
    4. Conduct
    5. Report
Set-Up Drug or Device
Set-Up Biobanking
  1. Regulatory Affairs
    1. Requirement
  2. Staff Management
    1. Requirement
  3. Sample Management
    1. Sample Traceability
    2. Packaging and Shipment
  4. Biobanking in Studies
    1. Procedures
  5. Data Integrity
    1. Data Accuracy
Conduct

Starts with participant recruitment

Ends after the last participant has completed the last study visit

Conduct Protocol
  1. Protocol Amendment
    1. Procedures
Conduct Management
  1. Participant Recruitment
    1. Pre-Screening
    2. Screening and Consent
    3. Documentation
  2. Amendment
    1. Protocol
    2. Patient Information
  3. Responsibility and Oversight
    1. Sponsor and Site-Investigator
    2. Drug and Device Accountability
    3. Compliance
    4. Newsletter
Conduct Ethics and Laws
  1. Study Conduct
    1. Ongoing Tasks
    2. Data Protection
  2. Participant Protection
    1. Requirements
    2. Consent of Vulnerable Participants
  3. Amendment
    1. Type
    2. Submission
    3. Approval
  4. Safety
    1. Requirements
  5. Inspections and Audits
    1. Inspection Conduct
    2. Audit Conduct
    3. Audit Certificate
  6. Premature Study Termination
    1. Rationale
    2. ReportingTimelines
Conduct Documents
  1. Required Documents
    1. Study Documentation
    2. Patient File
    3. Source Data
    4. Amendment
Conduct Safety
  1. Safety Risk Review
    1. Aim
  2. Safety Assessment
    1. Medicinal Product
    2. Medical Device
    3. Other Clinical Trials
    4. Research Projects
  3. Safety Reporting
    1. Procedures
    2. Responsibilities
  4. Medicinal Product Safety Reporting
    1. Adverse Event
    2. Serious Adverse Event
    3. (Serious) Adverse Drug Reaction
    4. Suspected Unexpected Serious Adverse Reaction
    5. Advanced Therapies
  5. Medical Device Safety Reporting
    1. Adverse Event / Adverse Device Effect
    2. Serious Adverse Event and Device Effect
    3. Device Deficiency
  6. Research Project Safety Reporting
    1. Serious Events
  7. Safety and Protective Measures
    1. Procedures
  8. Annual Safety Report
    1. Procedures
Conduct Data Management
  1. Data Entry
    1. Requirement
    2. Collection
  2. Data Quality
    1. Responsibility
  3. Amendment
    1. Requirement
    2. Adding Stakeholders
  4. Data Processing
    1. Data Import
    2. Interim Lock
    3. Data Translation
Conduct Statistic Methodology
  1. Interim Analysis
    1. Procedures
Conduct Quality and Risk
  1. Risk Review
    1. Re-Evaluation
    2. Risk Documentation
  2. Deviation Documentation
    1. Note to File
  3. Regulatory Inspections
    1. Conduct
    2. Findings
    3. Corrective and Preventive Actions
Conduct Monitoring
  1. Routine Monitoring Visit
    1. Preparation
    2. Conduct
    3. Findings
    4. Report
    5. Follow-Up Letter
Conduct Drug or Device
Conduct Biobanking
  1. Biobanking Operation
    1. Processes
Completion

Starts with last study visit completed

Ends after study publication and archiving

Completion Protocol
  1. Administrative Tasks
    1. Procedures
Completion Management
  1. Study Closure
    1. Close-Out Visit
    2. Database Lock
    3. Notification of Closure
    4. Lessons Learned
  2. Clinical Study Report
    1. Requirement
  3. Publishing
    1. Study Registries
    2. Scientific Publications
  4. Archiving
    1. Storage
Completion Ethics and Laws
  1. End of Study Notification
    1. Reporting and Liability
    2. Registry Update
  2. Clinical Study Report
    1. Requirement
  3. Publications
    1. Responsibilities
  4. Inspections and Audits
    1. Procedures
  5. Archiving
    1. Requirements
    2. Duration
Completion Documents
  1. Required Documents
    1. Study Closure
    2. Doument Archiving
    3. Document Destruction
Completion Safety
  1. Clinical Study Report
    1. Procedures
Completion Data Management
  1. Final Database Lock
    1. Procedures
  2. Data Export
    1. Data Formatting
    2. Data Sharing
  3. Clinical Study Report
    1. Requirement
  4. Archiving
    1. Requirement
Completion Statistic Methodology
Completion Quality and Risk
  1. Clinical Study Report
    1. Risk Reporting
    2. Lessons Learned
  2. Archiving
    1. Study Records
Completion Monitoring
  1. Close-Out Visit
    1. Preparation
    2. Conduct
    3. Report
    4. Follow-Up Letter
    5. Archiving
Completion Drug or Device
Completion Biobanking
  1. Leftover Biological Material
    1. For Further-Use
    2. Destruction
  2. Publication
    1. Analytical Results
Current Path (click to copy): Development ↦ Data Management ↦ Database Development ↦ Data Coding and Anonymisation

Please note: the Easy-GCS tool is currently under construction.