Published on 21/12/2025
Comparing eSource and Scanned Source Documents for Remote SDR
Understanding the Difference Between eSource and Scanned Source in Clinical Trials
Remote source data review (SDR) relies heavily on how source documents are made available to monitors. In the evolving regulatory landscape, two primary formats dominate: electronic source (eSource) and scanned source documents. While both are used to support remote oversight, they differ significantly in terms of validation, traceability, regulatory expectations, and operational efficiency.
eSource refers to data originally recorded electronically, often in systems like electronic medical records (EMRs), eDiaries, or direct data capture tools validated for clinical use. These systems typically include audit trails, controlled user access, and structured metadata. In contrast, scanned source refers to paper source documents that are scanned into PDF or image formats and uploaded to portals or repositories for remote review.
The FDA and EMA both accept eSource under certain conditions, emphasizing data integrity, access control, audit trail functionality, and traceability. Scanned documents are permissible as supporting records but often face challenges in standardization, redaction, and authentication. Understanding the differences between these formats is crucial for inspection readiness, especially when implementing remote SDR workflows.
Key Differences Between eSource and
The table below outlines the main differences sponsors must consider when using eSource or scanned source in centralized or remote monitoring environments:
| Aspect | eSource | Scanned Source |
|---|---|---|
| Data Origin | Captured electronically at source | Captured on paper, then scanned |
| Validation | Requires system validation (e.g., GAMP5, 21 CFR Part 11) | No system validation required, but process must be SOP-governed |
| Audit Trail | In-built audit trail logs every change, user, timestamp | Limited or absent audit trail; requires manual log or notation |
| Access Control | Granular user access managed via roles | Access often managed via portal login; less granular |
| Redaction for Privacy | Can automate PHI masking using role settings | Manual redaction (blackout or editing before scan) |
| Data Traceability | Direct linkage to eCRF via integration | Visual comparison only; no data-level traceability |
| Document Authentication | Digitally signed by authorized users | Stamped or signed physically; requires scanned signature pages |
| Regulatory Acceptability | Supported by FDA, EMA under Part 11 and Annex 11 guidance | Accepted when traceable, legible, and properly redacted |
Sponsors must ensure that whichever format is used, it aligns with ICH GCP, FDA/EMA guidance, and is documented in the Monitoring Plan and TMF index. Reviewers must be trained in handling both formats, including limitations and evidence expectations.
Implementation Considerations for Remote SDR Using eSource or Scanned Source
The choice between eSource and scanned source is often dictated by site infrastructure, technology contracts, data sensitivity, and regulatory environment. Regardless of the source type, sponsors must take the following implementation steps to ensure compliance and inspection-readiness:
- Access Governance: Set up role-based access for remote reviewers. For eSource, this may involve virtual EMR access portals. For scanned source, ensure secure file-sharing portals are validated and access-controlled.
- Documentation SOPs: Clearly define how source data is captured, uploaded, reviewed, and filed. Include handling of redactions, version control, and backup.
- Audit Trail Capture: For eSource, ensure audit logs are extractable for inspections. For scanned source, maintain reviewer logs noting review date, initials, and any discrepancies identified.
- Training and Verification: Provide role-based training for monitors, data reviewers, and site staff on source document formats, remote access, and documentation expectations.
- Filing in TMF: Ensure source data review logs, dashboard exports, and any related CAPA or escalations are traceable and stored in the TMF under appropriate sections (typically 1.5.7 or 5.4).
Case Study: Mixed Format SDR in a Multicenter Trial
In a 400-subject, Phase II trial across 8 countries, the sponsor deployed a mixed SDR approach. Four sites used eSource via EMR integration, while four relied on scanned documents uploaded weekly to a secure portal. The central monitoring team implemented the following process:
- Developed two SDR SOP annexes (eSource and scanned)
- Trained central monitors on dual-review templates
- Used the same KRI framework (e.g., missed visit documentation, AE underreporting)
- Logged SDR outcomes in a unified SDR Review Tracker
During an FDA inspection, the inspector sampled five subjects—three from eSource, two from scanned—and requested review logs, audit trails, and CAPA follow-ups. The sponsor was able to provide complete documentation, reviewer signatures, timestamps, and corrective action details. No observations were issued.
Inspection Readiness: SDR Documentation Requirements by Format
The following checklist can be used to ensure that SDR documentation is format-compliant and audit-ready:
| Requirement | eSource | Scanned Source |
|---|---|---|
| Reviewer Logs | Integrated into platform or captured via external tracker | Manual entry in Excel log or audit form |
| Audit Trails | System generated, exportable | Not available; replaced by manual evidence |
| Access Control | Role-based system login | Portal access login with two-factor authentication |
| PHI Redaction | Automated via access rules | Manual blackout or post-scan editing |
| CAPA Linkage | Linked via issue management system | Referenced in SDR tracker manually |
| TMF Filing | Audit trail, screenshots, reviewer logs filed | Scans, review forms, escalation notes filed |
Conclusion: Choosing the Right Source Format for Your SDR Strategy
Both eSource and scanned source documents can support remote SDR when implemented correctly. However, they carry different compliance risks and documentation requirements. Sponsors must ensure that processes are SOP-governed, roles are trained, systems are validated, and all actions are traceable for inspections.
Key takeaways:
- eSource offers greater efficiency, audit readiness, and automation but requires system validation
- Scanned source is flexible but requires careful documentation, redaction, and TMF mapping
- Both formats should be addressed in the Monitoring Plan, RBM framework, and CAPA escalation logic
- Training and reviewer logs are essential in demonstrating oversight consistency
As regulators focus increasingly on remote oversight and source data integrity, understanding the nuances between source formats will be critical to trial success and inspection preparedness.