Data Monitoring Committees (DMCs)/Data Safety Management Boards (DSMBs) have been around for over a decade in the US and EU. See: FDA’s guidance and the EMA.
Although not technically obligatory in the US, FDA expects and even requires them for many studies. Companies also are largely in favor of their use as it gives another layer of safety and protection to the patients and the companies. The methodology has largely been worked out and is usually rather straightforward.
Things got a little more complicated in the US, at least as of December 2015, when the FDA released a draft guidance on Safety Assessment for IND Safety Reporting.
This document makes several important proposals on clinical trial safety:
- Use of a Safety Assessment Committee
- Performance of aggregate analyses to compare AE rates across treatment groups
- Planned unblinding of safety data
- Reporting thresholds for IND safety reporting
- Development of a Safety Surveillance Plan
Safety Assessment Committee (SAC)
The one that has complicated things in terms of safety tracking is the first item, the Safety Assessment Committee (SAC). This committee oversees the evolving safety profile by reviewing the cumulative SAEs from all trials with the product plus other safety information (e.g. animal studies, epidemiology) as well as doing unblinded comparisons of event rates in study drug and control groups. The goal is to see whether a case or group of cases meet IND expedited reporting requirements. Another duty may be assisting the DMC about changing the trial, revising informed consent etc.
The FDA discussed the difference between the DMC And SAC. The DMC is often limited to only one trial on a particular product though I have served on DMCs that have monitored multiple trials or even all the trials of that particular drug. The FDA notes this in the 2015 guidance by saying that the DMC “will not be able to function as a safety assessment committee because a DMC may meet too infrequently and is usually focused on a single trial, rather than on the entire safety database. The DMCs also recommend to the sponsor when to modify or stop the study because the investigational drug is not effective or clearly demonstrates an adverse effect on an important safety endpoint.”
The SAC’s role is “to review accumulating safety data to determine when to recommend that the sponsor submit an IND safety report to FDA and all participating investigators.”
In addition, unblinding should be limited to the data that is needed to evaluate the event. The DMC is usually unblinded (though not always) but the SAC should remain blinded as much as possible but, in fact, may be totally unblinded in some instances.
This whole area is rather nebulous and there is overlapping of duties especially if the DMC reviews each SAE or each probable SUSAR in an unblinded fashion.
SACs vs DMCs
In practice, this has worked out a bit more cleanly than might have been anticipated.
The DMC is usually covering only one study and they meet infrequently (e.g. quarterly). The DMC makes study level decisions on changes to the protocol, stopping the study, etc. DMCs have been in place for nearly two decades and the mechanisms have been well worked out. In practice, some DMCs which had oversight of multiple studies have been stopped and the DMC will only cover one study. The SAC took over the overall safety review.
The SACs are less than 3 years old and the mechanisms have been worked out in various ways. The SAC analyzes data across an entire series of studies in the program for a product. The SACs have a larger role and establish or help establish a safety surveillance plan, decide which data to review and then create tables for aggregate analysis as well as having a role in many cases in defining the prospective anticipated SAEs, how causality will be determined and have an overview of IND safety reporting. They may also play a role in the standardization of coding if they see disparities across the studies. Since the SAC plays a large role in determining whether cases meet IND safety reporting criteria they may need to meet frequently such as weekly in large studies. This is now a full-time job in some situations. This is quite different from a DMC.
How This Is Set Up In Practice
Companies have responded in various ways usually as a function of their size.
Large companies, including multi-nationals with studies in other countries in addition to the US, may have sufficient personnel to set up formal in-house SACs which adhere to the requirements of the FDA draft guidance. The membership is internal and may include members around the world such that the meetings are by phone or internet. There is a formal SOP and/or charter for the SAC.
Some large companies out-source some or all of their SACs or SAC functions. The FDA now expects most programs, particularly complex ones with very ill patients or with drugs with potential safety issues, to have DMCs and an SAC in place even though the DMC and SAC documents are only guidances not obligations. The SAC should be in place early in the development process (e.g. Phase I).
Small and Midsize Companies
Small and midsize companies usually do not have sufficient personnel or infrastructure to set up an SAC. These companies usually out-source the SAC to one of the many CROs that offer this function.
The CRO will have a model or template SAC document which they will customize to meet the sponsor’s desires and needs. They will usually have a roster of available members such that the committee can be created in a couple of weeks. Sometimes one or more members of the sponsor serve on the SAC. This has worked well in practice. The charter/SOP must be quite specific and describe the interactions (blinded and unblinded) between the sponsor and SAC.
Administrative functions become very important with the SAC especially if they meet weekly, more frequently or ad hoc. There will be a lot of data to be tabulated and analyzed. As safety data coming in from the field can change daily, mechanisms must be put in place to set clear data lock points for data to be tabulated and sent to the SAC. Important updates (e.g. deaths) must also be conveyed.
If an important safety issue arises, the SAC should be able to meet within 24-48 hours in an ad hoc fashion to receive and analyze the data, meet and convey a formal decision to the sponsor. Operationally someone must “own” this function and be sure it operates well. Many companies and CROs have developed software to expedite this process. All of this must be in a set of written documents, SOPs, data table templates etc.
SACs are now de facto obligatory in many/most programs. They are complex to set up and may be even more complex to operate if there are many protocols in the program with thousands of patients. They are costly and most companies will not be able to set this up internally for large programs thus necessitating out-sourcing.