E-Prescription Advisory Notice

Office of Compliance Services – E- Prescription Activity Advisory Notice: Assembly Bill No. 2789

May 31st, 2021

As of January 1, 2022, Assembly Bill No. 2789 requires health care practitioners authorized to issue prescriptions to have the capability to transmit electronic data transmission prescriptions, and would require pharmacies to have the capability to receive those transmissions. The bill would require those health care practitioners to issue prescriptions as an electronic data transmission prescription, unless specified exceptions are met.

The law provides certain exemptions, including if transmission of the prescription is temporarily unavailable because of technological or electrical failure; if the prescription is dispensed by a pharmacy located outside California; or if the prescription is issued to a patient who has a terminal illness pursuant to Section 11159.2 of the Health and Safety Code. The complete list of exemptions is included within Business and Professions Code section 688.

In addition to the electronic transmission requirements for most prescriptions, there are additional new requirements for controlled substance prescriptions. Under this law, a healthcare practitioner who does not issue a controlled substance prescription as an electronic data transmission prescription due to technological or electrical failure shall document the reason in the patient’s medical record as soon as practicable, and within 72 hours of the end of the technological or electrical failure.

The bill states that failure to meet the applicable requirements will result in administrative sanctions as deemed appropriate by the medical board.

References:

https://www.dca.ca.gov/licensees/ab2789_bulletin.pdf

https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB2789

Thank you,

Elizabeth Ruszczyk,
Acting Chief Compliance Officer
Chief Privacy and Data Security Officer
Office of Compliance Services
UCLA Health Sciences

Clinical Research Advisory Notices

 

Office of Compliance Services - Clinical Research Advisory Notice: DocuSign Application validated for 21 CFR Part 11 Compliance

August 2, 2021

Title 21 CFR Part 11 is the part of the Code of Federal Regulations that establishes the United States Food and Drug Administration (FDA) regulations on electronic records and electronic signatures (ERES). Part 11 defines the criteria under which electronic records and electronic signatures would be considered reliable, consistent and equivalent to paper records (Title 21 CFR Part 11 Section 11.1 (a)).

Part 11 applies to “records in electronic form that are created, modified, maintained, archived, retrieved, or transmitted under any records requirements set forth in Agency regulations.” Consequently, if a research site owns (i.e. UCLA Health Sciences), controls, or operates its own systems with electronic FDA-regulated records, Part 11 applies. This is applicable for electronic records that include, but are not limited to: Signed consent forms, Source documentation, Institutional review board (IRB) records, Drug accountability logs, Delegation of authority logs, and Other records required to be kept by the research site per FDA regulation.

Part 11 requires that controls, system validations, audit trails, electronic signatures, and documentation be implemented for software and systems involved in the processing of electronic information and data that FDA predicate rules require to be maintained. A predicate rule is any requirement delineated in the Federal Food, Drug and Cosmetic Act, the Public Health Service Act, or any FDA regulation other than Part 11.

As a result of a thorough review and analysis, the UCLA Health Sciences Enterprise Clinical Research Information Systems Department together with the Office of Compliance Services has validated the DocuSign Application to be compliant with 21 CFR Part 11 requirements.

If you are contacted by a study sponsor, Contract Research Organization (CRO), or another party seeking certification of compliance with 21 CFR Part 11 pertaining solely to the DocuSign Application, you may rely upon and provide the attached document to the requester, without completing additional sponsor/requester provided forms. This compliance statement document may also be printed out and maintained with other required research records.

In the event the sponsor, CRO, or requester is seeking certification of compliance with 21 CFR Part 11 pertaining to the other electronic systems used by UCLA clinical investigators (e.g. Box, REDCap, OnCore, etc.), please contact the Office of Compliance Services at: [email protected]; or 310-794-6763 for assistance.

Thank you,

Eric E. Evans
Acting Chief Compliance Officer
Deputy Compliance Officer
Office of Compliance Services
UCLA Health Sciences

Office of Compliance Services - Clinical Research Advisory Notice: UCLA HS Policy 9441 - FDA Inspection Notifications Related to Research Studies Policy effective 7/27/2017

August 1, 2017

The Food and Drug Administration (FDA) developed the Bioresearch Monitoring Program (BIMO) to help ensure and monitor the protection of the rights, safety, and welfare of human research subjects involved in FDA-regulated clinical research studies. The BIMO program was also intended to verify the accuracy and reliability of clinical study data submitted to the FDA in support of research or marketing applications and to assess compliance with statutory requirements and FDA's regulations governing the conduct of clinical research studies.

The FDA BIMO Program involves site visits to clinical investigators, sponsors, monitors, contract research organizations (CROs), Institutional Review Boards (IRBs), non-clinical (animal) laboratories, and bioequivalence analytical laboratories.

The FDA conducts both announced and unannounced inspections of clinical investigator sites. These inspections are typically conducted under the following circumstances:

• To verify the accuracy and reliability of data that has been submitted to the agency;
• As a result of a complaint to the agency about the conduct of the study at a particular investigational site;
• In response to study sponsor’s concerns;
• Upon termination of the clinical site;
• During ongoing clinical research studies to provide real-time assessment of the investigator’s conduct of the study and protection of human subjects enrolled in the study;
• At the request of an FDA review division; and
• Related to certain classes of investigational products that FDA has identified as products of special interest in its current work plan (i.e. targeted inspections conducted based on current public health concerns).

In the event a UCLA faculty or staff member is notified of an upcoming FDA inspection, or if the inspector arrives onsite for an unannounced inspection, please refer to UCLA HS Policy 9441 (attached) for guidance regarding notifications to be sent to UCLA Officials and the study sponsor, as well as the prospective post-inspection response and corrective actions that may be required. This policy applies to all UCLA faculty and staff involved in the implementation, conduct, and coordination of FDA-regulated clinical research studies.

For additional assistance or inquiries, please contact the Office of Compliance Services at (310) 749-6763 and [email protected], the JCCC Office of Regulatory Compliance at (310) 206-5775 and [email protected], or the CTSI Office of Regulatory Affairs at (310) 794-8900 and [email protected].

Thank you,

Derek H. Kang
Chief Compliance Officer for
UCLA Health System and
David Geffen School of Medicine
Office of Compliance Services

Office of Compliance Services - Clinical Research Advisory Notice: 21 CFR Part 11 Compliance

September 1, 2016

Title 21 CFR Part 11 is the part of the Code of Federal Regulations that establishes the United States Food and Drug Administration (FDA) regulations on electronic records and electronic signatures. Part 11 defines the criteria under which electronic records and electronic signatures would be considered reliable, consistent and equivalent to paper records (21 CFR 11.1 (a)).

Part 11 requires that controls, system validations, audit trails, electronic signatures, and documentation be implemented for software and systems involved in the processing of electronic information and data that FDA predicate rules require to be maintained. A predicate rule is any requirement delineated in the Federal Food, Drug and Cosmetic Act, the Public Health Service Act, or any FDA regulation other than Part 11.

As a result of a thorough review and analysis, the UCLA Health Sciences Enterprise Compliance Oversight Board believes that UCLA's EPIC system is compliant with 21 CFR Part 11 requirements.

If you are contacted by a study sponsor or another party seeking certification of compliance with 21 CFR Part 11 pertaining solely to the UCLA EPIC System, you may rely upon and provide the attached document to the requester, without completing additional sponsor/requester provided forms. This compliance statement document may also be printed out and maintained with other required research records.

In the event the sponsor or requester is seeking certification of compliance with 21 CFR Part 11 pertaining to the other electronic systems used by UCLA clinical investigators (e.g. REDCap, OnCore, etc.), please contact the Office of Compliance Services at: [email protected]; or 310-794-6763 for assistance.

Thank you,

Derek H. Kang
Chief Compliance Officer for
UCLA Health System and
David Geffen School of Medicine
Office of Compliance Services

 

Privacy Advisory Notices

 

Office of Compliance Services - Patient Privacy Advisory Notice: How you can Protect Patient Privacy

Protecting Patient Privacy is Part of Patient Care

Protecting Patient Privacy means:

• You may access, use, and disclose a patient’s information only if it is necessary to perform your job duties; and
• You may access, use, and disclose only the minimum amount of patient information necessary.

You may access, use, and disclose PHI in order to carry out your work duties for the purpose of:

• Patient Treatment – (e.g. being part of a patient’s care team, registering a patient, or taking a patient’s vitals)
• Payment and Billing Services
• Health Care Operations – (e.g. teaching, quality assessment activities, internal auditing)

You must not access a patient’s medical record in CareConnect, or other sources where patient information is stored, without a work related reason.

You must not use, discuss, or disclose a patient’s medical information without a work related reason.

Thank you all for your continued commitment to protecting patient privacy.

Derek H. Kang
Chief Compliance Officer for
UCLA Health System and
David Geffen School of Medicine
Office of Compliance Services