site or sponsor lead using a formal request form or workflow tool.

Step 2: Revoke Old User’s Access – Disable login, archive credentials, and record in audit log.

Step 3: Assign and Validate New User Role – Provision new user with appropriate permissions and confirm via SOP-defined checklist.

Step 4: Update Documentation – Reflect changes in delegation logs, TMF, and system access logs.

For instance, when replacing a CRA, the new user must be configured to view monitoring reports but not edit CRF data entered by the site.

3. Deactivation Protocols for Departing Users

To minimize risks, deactivation must follow a defined and documented protocol:

• Confirm end of participation with site or sponsor management
• Revoke EDC system access immediately
• Retain login history and role-based permissions in the audit trail
• Remove user from communication and distribution lists

Delayed deactivation can lead to unauthorized logins, as noted in a recent EMA inspection where an ex-PI had active access 30 days post-departure, triggering a CAPA.

See sample access control SOPs at PharmaValidation.in.

4. Permission Verification for the New User

Merely duplicating the previous user’s access may not suffice, especially if responsibilities vary. Steps include:

• Mapping the new user’s job function against access rights
• Testing access before go-live (e.g., can the user respond to queries but not export data?)
• Validating any blinded/unblinded views for Medical Monitors
• Documenting approval and activation date

For example, if a site adds a new Study Coordinator, their access must enable data entry but restrict signature authority, which is reserved for the PI.

5. Audit Trail Requirements for Role Changes

Role modifications must be logged with:

• User ID and username
• Previous and new roles
• Timestamp of the change
• Initiator and approver of the request

Systems like Medidata Rave and Oracle InForm support automated audit trail logs for each access change. These logs should be retained in the TMF and available during regulatory inspections.

ICH GCP E6(R2) 5.5.3 specifically requires that electronic systems maintain a security and audit trail to track data modifications—including user access transitions.

6. Communication and Training for New Users

After technical provisioning, sponsors must ensure:

• Completion of EDC system training modules
• GCP refresher for system access expectations
• Familiarity with study-specific CRFs and edit checks

New users should not begin working in the system until all training records are completed and archived. Any deviation must be documented and approved by QA.

7. Managing Role Changes at Scale

In large global studies with hundreds of users, role changes may occur weekly. Best practices for scalable management include:

• Maintaining a centralized User Access Matrix
• Automated provisioning systems integrated with CTMS
• Quarterly access reviews across sponsor and CRO users
• Version-controlled Role Assignment SOPs

For example, a sponsor may set up a centralized EDC Access Portal with standardized request forms and automated notifications to IT and QA teams.

Conclusion: Ensure Compliance with Structured Role Change Workflows

Managing mid-trial role changes is not merely a technical task—it is a critical compliance and data security function. By establishing SOP-driven processes for deactivation, new role assignment, documentation, and audit trails, sponsors and sites can reduce risks and maintain regulatory readiness throughout the trial lifecycle.

Every access change should be traceable, justifiable, and auditable. Sponsors must ensure that role transitions—whether at site, sponsor, or vendor level—are handled with the same rigor as protocol amendments or data corrections.

Download access templates and SOP examples at PharmaValidation.in.