Appendix I - Expectations for Specific Serious Breach Topics, Guidance for the Notification of Serious Breaches of GCP or the Trial Protocol Version 6, 08 Jul 2020, MHRA

1. Should proof of fraud relating to clinical trial records or data be reported as a serious breach?

If the fraud is likely to have a significant impact on the integrity of trial subjects or the scientific value of the data, this will be a serious breach.

Although not a legal requirement under Regulation 29A, the MHRA GCP Inspectorate encourages the reporting of all confirmed instances of clinical trial fraud occurring at sites in the UK, which the Sponsor becomes aware of. The reason for this is that, although fraud at one particular trial site may not have a significant impact on scientific value or subject integrity for that particular trial, the MHRA would wish to assess the impact on other trials or subjects/patients at that site.

If clinical trial fraud is identified at a non-UK trial site, for a trial that is also being conducted in the UK, a serious breach notification should be submitted to MHRA if the fraud is likely to have a significant impact on the integrity of trial subjects in the UK or on the overall scientific value of the trial. A site refers to any site involved in the trial, for example, a CRO or other contracted organisation and not solely to investigator sites (such as laboratories analysing samples from UK patients/subjects).

2. Should a breach of GCP or the protocol leading to the death, hospitalisation or permanent disability of a trial subject in the UK be reported as a serious breach?

Serious Adverse Events (SAEs) and Suspected Unexpected Serious Adverse Reactions (SUSARs) resulting from a breach of the conditions and principles of GCP or a breach of the protocol, will constitute a serious breach. However, it should be noted that not every SAE or SUSAR would routinely be classified as a serious breach.

Also, submission of a serious breach notification to the MHRA Inspectorate does not obviate the requirement for a SUSAR report (where applicable) to be submitted to the concerned competent authorities, for example, via the EudraVigilance database. If the breach also resulted in a temporary /permanent halt to the trial, a substantial amendment would need to be submitted to the MHRA CTU and a further amendment approved to re-start the trial.

3. Should a failure to report adverse events, serious adverse events or SUSARs in accordance with the legislation be reported as a serious breach?

If this failure results in trial subjects, or the public, in the UK being put at significant risk, then this will constitute a serious breach, for example, inadequate safety reporting in dose escalation studies may impact on the decision to escalate to the next dose level.

4. Should persistent or systematic non-compliance with GCP or the protocol be reported as a serious breach?

If this non-compliance has a significant impact on the integrity of trial subjects in the UK or on the scientific value of the trial, this will constitute a serious breach. For example, widespread and uncontrolled use of protocol waivers affecting eligibility criteria, which leads to harm to trial subjects in the UK or which has a significant impact on the scientific value of the trial. Another example would be an investigator repeatedly failing to reduce or stop the dose of an IMP in response to a trigger defined in the protocol (for example, abnormal laboratory results).

5. Should a failure to control investigational medicinal product(s) be reported as a serious breach?

This will constitute a serious breach if the failure results in trial subjects or the public, in the UK being put at significant risk or the scientific value of the trial being compromised. If a serious breach occurs due to an IMP defect, a drug defect report may need to be submitted to the MHRA Defective Medicines Reporting Centre (DMRC), in addition to the serious breach notification.

6. For trials that are on-going in the UK, should serious breaches that occur at non-UK sites be reported?

If a serious breach is identified at an investigator site outside the UK that has a significant impact on the integrity of trial subjects at that non-UK site and is likely to have a significant impact on the integrity of trial subjects in the UK, then this will require notification to the MHRA. For example:

• The cause of the breach may be such that the breach may occur at other trial sites, e.g. death of a subject due to incorrect administration of IMP resulting from erroneous reconstitution instructions in the protocol. It should be noted that as well as having to notify the MHRA of the serious breach, other concerned competent authorities may also need to be informed.

• In relation to the example above, an urgent safety measure (USM) may need to be implemented to address the cause of the breach. If, in order to address the cause of a serious breach, an USM is implemented at UK sites, to amend the conduct of the trial or suspend the trial, the USM notification should be sent by the Sponsor to the MHRA Clinical Trials Unit within 3 days of identifying the measures to be taken (in accordance with Regulation 30), in addition to the serious breach notification to the MHRA Inspectorate.

• If a serious breach is identified at an investigator site outside the UK, which is likely to affect to a significant degree the overall scientific value of the trial and the result will impact on UK patients or the UK public (for example, data will be used in a marketing authorisation application that affects the UK), then this breach should be notified to the MHRA (other concerned competent authorities may also need to be informed).

Back to the index of the Guidance for the Notification of Serious Breaches of GCP or the Trial Protocol Version 6, 08 Jul 2020, MHRA, Medicines & Healthcare products Regulatory Agency