As a CRA, one of my main duties is to maintain data integrity at research sites. The vast majority of the sites I work with are upstanding professionals, who would never commit fraud, but I do hear my fair share of horror stories from both sites and CRAs-- from stories of forged PI signatures to coordinators submitting their own blood as patient samples.
But I had one horror story I'll never forget.
It happened fairly early in my career as a CRA. The site was selected to work on two related protocols by the CRO I worked for and the plan was to conduct two separate SIVs (Site Initiation Visits). I traveled with a senior CRA for the first SIV and then the following week we returned, with me conducting the second SIV and her observing.
The first SIV went well. The PI (Principal Investigator) and CRC (Clinical Research Coordinator) were very experienced and had a long working history. They showed a good grasp of the protocol, had everything we needed for the SIV already prepared, and thought they could beat their enrollment target. Enrollment was painfully slow for this study, so we left excited to have them onboard.
Two days later I called the site to confirm our visit for the following week. The back up clinical research coordinator answered and told me they had already enrolled 2 patients in the protocol. He then told me that unfortunately the main coordinator had quit and that he would now serve as the new primary coordinator.
First hurdle for me-- but not to worry, as I had completed the month-long internal training with the CRO and knew just how to handle the situation. I informed the new primary CRC not to enroll any new patients and that when I arrive the following week I would train him, and the new back-up coordinator, on both protocols. I asked him if he had everything he needed and he told me that he had everything except the regulatory binder for the 2nd protocol. The regulatory binder is 5 inches thick and their site only had 5 rooms, so I assumed he just hadn't looked for it yet.
I followed up with the coordinator the next day. This was when serious red flags started to show. The CRC informed me that he couldn't find the regulatory binder and that he believed the previous coordinator had stolen it out of spite.
CRA training did not cover this situation.
I reported the incident to my manager, who reported it upwards until it got to our Vice President. The message came down that if the site truly felt that is what happened then they should report it to the police, as there is proprietary information in the ISF for the sponsor.
I called the site back to tell them the instructions. That was a Friday.
The next day was Saturday and I was at a Pitt football game (go Panthers!) when I got a phone call from the prior coordinator. She was frantic because the site had threatened to call the police. She told me she didn't take the regulatory binder and that she quit because the site was committing massive fraud. Both patients they enrolled in the study were fabricated, and they were forcing her to fake the data. They used the doctor's wife's maiden name (per protocol family is not allowed) and the new back-up coordinator's name (per protocol staff not allowed). She also said neither person had the indication or was taking the required medication. She stated that the PI was swabbing toilet seats in an attempt to get positive cultures and was swabbing patients at the ER he worked at without consenting them. He was also not approved to see patients at the ER.
You don't have to be a Clinical Trials expert to see we had a serious problem on our hands. I informed the CRC that she was doing the right thing and that it would be in her best interest to provide me as many details as she could in writing. The coordinator sent me the email, and I forward it onto the study team. At this point, it was still her word against the site's, not yet rising to a presumptive case of fraud.
The next week, I went to the site with the senior CRA with a new plan of action. The senior CRA was going to train the staff, while I would make copies of everything they did in case they tried to destroy data.
On our way to the site, the senior CRA logged into Facebook and found someone who matched the PI's wife's name; her profile picture had her sitting on his lap.
When we arrived at the site, we saw even more disturbing evidence. The name of the other "patient" (the back-up clinical research coordinator) was etched into the glass of the entrance to the site. We hadn't even walked through the door and already the case made by the previous coordinator was looking spot on.
I started making copies of everything the site did, while the other CRA met with the newly promoted primary study coordinator. Things did not look good. Records were sloppy and incomplete, and lab kits were missing. When we asked the coordinator about the missing kits and incomplete records, he quickly blamed the previous coordinator.
His tone quickly changed when we asked to meet with the new backup coordinator (who had the same name as the other "patient"). His face turned red and he stated, "I have no idea who that is." We pointed out that her name was etched in the glass on the front door. He went into full panic mode. He stuttered something incomprehensible and dashed out of the room. At this point there wasn't any doubt left. We left the site with our copies without activating them on either protocol.
We reported our findings to our managers and scheduled a return visit for the following week, only this time with our Vice President accompanying us.
During our visit, we reviewed everything we found. The coordinator was shaky and on edge, but the PI didn't bat an eye; he simply blamed the previous coordinator for everything. Our VP had seen enough and we shut down the site for the study and put them on our DO NOT USE list. Shortly afterwards, for unrelated reasons, the study was terminated.
That is not where the story ends.
Fast forward. I was looking at a routine email correspondence on a new study when I noticed a familiar name on the "To" line. I looked more closely … and it was the same site. I looked up their staff… and it was the same PI and coordinator team.
I raised the issue with our QA department; because I was at a different employer, we did not have the definitive evidence we would have liked. But after many meetings, the CRO decided not to move forward with this particular site.
This story is a victory for clinical trials integrity, but it's a bigger battle. I know that for every site that gets caught doing fraudulent activities there are probably five out there that are still negatively affecting clinical trial data. Indeed, had the former coordinator not called me, and had the site not used the names they did, there is a good chance we would have not been able to ferret out the fraud.
More safeguards are needed to prevent stories like this from happening in the first place. My experience with fraud is one of the reasons I’m a strong advocate of the use of eSource and other technologies in clinical research, which have built-in data validation features. Clinical trials are crucial for advancements in life saving medications and devices. It is up to us, clinical research professionals, to provide accurate and complete data, for the greater good.
Takoda Roland (CCRA, CCRP), Founder of Philadelphia Pharmaceutical Research, is a clinical trials futurist. He has experiencing working in multiple clinical trials positions and is a member of the of the SOCRA (Society of Clinical Research Associates) and the ACRP (Association of Clinical Research Professionals). His experiences have enabled him to provide consulting services to multiple clinical research start ups.