Meet CRO – Investigation Site Tech Challenges with CAS
CROs uses different systems to collect data as part of Clinical Trial process. In this article, I will try to highlight the tech challenges that the various CRO sites face and come up with CAS SSO based solutions to manage authentication and authorization functionality.
Sources of Clinical Trial Data:
The different systems/sources of Clinical Trial Data from Investigation sites are:
- EDC- Electronic Data Capture
- eCRF – Electronic Case Report Form
- IVRS /IWRS
- ePRO – Electronic Patient Report Outcome
- CTMS – Clinical Trial Management System
- LMS/Wiki – Learning Management Systems
- eTMF – Electronic Trial Master Files
- Laboratory Reports through Fax
- HMS – Hospital Management Systems
- HIS – Hospital Information Systems
- Custom Portals
Structured or unstructured data are collected and transferred from Trial sites. Over 30% of the data elements are classified as moderately complex or complex to be extracted by software with human intervention. Also the distribution significantly differs between the types of Clinical Trial.
Tech Challenges in CRO Sites:
- Providing Single Sign-on functionality
- Integrating discrete systems
- Reduce training time of different systems
- Processing unstructured data efficiently
- Secured data transfer and storage
- Meeting FDA guidelines / Compliances
There is a need to develop a single software platform that can meet the investigative site requirements considering the operational challenges and workflow. The effort and cost of the project is so high that the CROs and sponsors are looking for solutions that can address the critical issues immediately.
In high volume investigative sites, around 40 to 50 systems are used to capture data and each system has its own login credentials. It was found in a survey that people use secure software and notebooks/papers to store the password. Dedicated staffs are appointed to oversee the management and protection of passwords. Most of the systems/applications force the users to change password once in 90 days.
In this article, we would assess Single Sign-on system that can be used in Investigation sites to address some of the challenges faced by investigation sites in adopting some of the well known technical solutions.
CAS SSO Integrating Software Used in CRO Sites:
The Central Authentication Service (CAS) is a single sign-on protocol for the web. The user can access multiple applications with same credentials. Single Sign-On (SSO) means a better user experience when running a multitude of web services, each with its own means of authentication.
CAS is an open source system and it is integrated using JDK 1.7 and Apache Tomcat 8. CAS uses a push model and it is inherently scalable. The purpose of CAS is to simplify the steps needed for accessing a Web application securely. As it is a centrally managed service, CAS results require fewer man-hours on maintenance. The AuthenticationHandler used in CAS has a simple method that returns a Boolean value to indicate that the given set of Credentials is valid. AuthenticationHandler implementation links to some type of backend authentication repository, such as an LDAP server or database. CAS itself includes numerous AuthenticationHandlers out of the box. It would be possible to integrate and authenticate multiple applications seamlessly. With simple configuration, we can also control user access to functionality in the different systems using CAS.
CAS has been widely used to provide SSO functionality in many software applications. It can also be used to solve other challenges in the investigative sites like authorization and multi-factor authentication. While sponsors or CROs are looking to gather more data to improve their analysis and study, resolving the challenges through technology would undoubtedly increase the quality and quantity of Clinical Trial data.