GCP ICH E6(R3): digital evidence in decentralized clinical trials
Clinical trials are no longer confined to the hospital ward. Patients record symptoms on their phones, wearables stream vitals around the clock, and study visits happen over video from a kitchen table. This shift toward decentralised, digital-first research has sped up recruitment and produced far richer data, but it has also moved the point where data is born far away from the controlled environment of a clinical site.
With the adoption of ICH E6(R3), the reliability of that remotely generated data is no longer a footnote. Good clinical practice in 2026 makes data integrity an explicit, principle-level expectation, and it openly acknowledges that source data may originate from a participant's device rather than a site computer. The question for sponsors and sites becomes practical: how do you guarantee that digital evidence captured outside your walls is integral, attributable and verifiable enough to survive an inspection?
The answer is to treat each remote data point as forensic evidence from the moment it is created, certifying its origin and integrity at the source rather than reconstructing trust after the fact. That is the thesis of this insight, and it builds directly on the regulatory groundwork covered in our FDA 21 CFR Part 11 checklist for trials.
This insight is part of our guide: 21 CFR Part 11 and digital evidence in trials
What changes with ICH E6(R3) versus E6(R2)
E6(R3) is the most substantial rewrite of good clinical practice since 2016. The ICH adopted the final Step 4 version on 6 January 2025, and in the EU the General Principles and Annex 1 came into effect on 23 July 2025. Where E6(R2) layered new expectations onto an existing checklist, E6(R3) restructures the guideline around a General Principles document plus Annex 1 for traditional interventional trials. A second annex covering non-traditional designs, including decentralised trials, is expected to follow after public consultation. The result is a guideline written for how research actually happens now, not how it happened a decade ago.
Five shifts matter most. First, quality moves from box-ticking to a risk-based, quality-by-design model, where sponsors build reliability into the trial rather than auditing it in afterwards. Second, data integrity is reinforced around the ALCOA+ attributes, with explicit focus on the reliability of and confidence in trial results. Third, sponsors carry greater accountability for third-party technology vendors. Fourth, informed consent is updated to cover electronic and remote contexts. Fifth, safety surveillance is expected to be more timely. Taken together, the centre of gravity moves toward demonstrable, defensible data.
Decentralised trials enter the standard
The most consequential change for digital evidence is that E6(R3) explicitly recognises decentralised clinical trials. The guideline accepts that source data may originate from electronic health records, wearables and ePRO or eCOA platforms, and it treats elements such as timestamps and device identification as part of a credible audit trail. In a traditional trial, a monitor could compare a case report form against a source document held at the site. In a decentralised trial, the source is a stream of readings from a patient's wrist, and there may be no paper original at all. The standard now expects you to prove the provenance of that stream.
This is exactly the scenario where source data verification gets harder. When a monitor can no longer physically inspect the original, the integrity of the digital capture has to carry the evidentiary weight that a site visit used to provide.
ALCOA+ and data integrity as an explicit requirement
ALCOA+ is the framework E6(R3) leans on to make integrity concrete. Originating with the FDA and adopted by the FDA, EMA and WHO, it defines nine attributes that trustworthy data must satisfy: Attributable, Legible, Contemporaneous, Original, Accurate, Complete, Consistent, Enduring and Available. The extended ALCOA++ adds Traceable, the ability to follow the full provenance of every change. These are not abstractions. Each attribute maps to a question an inspector can ask of a single data point.
In a decentralised setting, the hardest attributes to evidence are Original, Contemporaneous and Attributable. Was this the first, unaltered capture? Was it recorded at the time of the event, not entered later? Can you show who or what produced it, when, and from which device? Without a deliberate mechanism, a reading that travels from a wearable through an app to a database accumulates handoffs, and each handoff is a place where Original quietly becomes a copy of a copy. ALCOA+ as an explicit requirement means those gaps now have to be closed by design, not explained away during an audit.
Digital evidence in decentralised trials: remote data quality
Remote data quality is, at heart, an evidentiary problem. The reliability E6(R3) asks for depends on being able to demonstrate, for any given data point, where it came from, that it has not changed, and exactly when it was captured. That demonstration is the same discipline used for court-ready digital evidence: provenance, integrity and a verifiable point in time. Treating trial data this way is what turns a remote reading into defensible evidence rather than an unverified number.
Data from patient devices, wearables and apps
Patient-generated data is the defining feature of decentralised research and its biggest integrity challenge. A continuous glucose monitor, an ePRO questionnaire completed at home, a video consultation, a photograph of a self-administered injection site: each is source data, yet none of it is born inside a validated site environment. The data crosses consumer devices, networks and third-party platforms before it reaches the sponsor. Every step is an opportunity for loss, duplication or alteration, whether accidental or deliberate.
The forensic answer is to fix the evidence as close to its origin as possible. Capturing the reading, the screenshot or the recording at the source, before it can be edited or re-saved, preserves the Original and Accurate attributes that matter most. The same principle underpins reliable forensic acquisition of online content, where waiting even minutes can mean the difference between defensible evidence and a number nobody can stand behind.
Timestamp, hash and unique data identification
Three technical controls do most of the work in proving remote data integrity. A qualified timestamp answers Contemporaneous: it binds the data to an officially recognised moment in time that cannot be back-dated. A cryptographic hash, typically SHA-256, answers Original: it produces a fixed fingerprint of the data so that any later alteration, even a single changed pixel or character, is immediately detectable. Unique data identification answers Attributable and Traceable: it ties the record to its originating device and session so the chain can be reconstructed end to end.
| ALCOA+ attribute | DCT integrity question | Technical control |
|---|---|---|
| Original | Is this the first, unaltered capture? | SHA-256 hash at the source |
| Contemporaneous | Was it recorded at the time of the event? | Qualified timestamp |
| Attributable | Who or what produced it, and from where? | Unique device and session identification |
| Traceable | Can every change be followed? | Certified audit trail |
These controls are the same ones that anchor recognised standards for handling digital evidence, including ISO/IEC 27037 for digital evidence. Bringing that forensic rigour into a trial workflow is what lets a sponsor answer an inspector's questions with proof rather than assurances.
Third-party technology vendors and sponsor responsibility
E6(R3) is explicit that sponsors remain accountable for the data even when the technology belongs to someone else. The guideline draws a useful line: a vendor's tool must be fit for purpose, but it is not necessarily GCP-compliant on its own. A wearable manufacturer optimises for consumer accuracy, not for evidentiary integrity. An ePRO platform may be validated for usability without producing a tamper-evident record. The accountability for closing that gap sits with the sponsor.
This is why integrity controls cannot be assumed to come bundled with the device or the app. A sponsor needs an independent, verifiable layer that certifies the data regardless of which vendor produced it, so that the evidentiary chain does not depend on any single supplier's good behaviour. That independence is also what keeps the data defensible if a vendor relationship ends or a platform is retired mid-study.
How TrueScreen strengthens ALCOA+ integrity at the source
TrueScreen is the Data Authenticity Platform that protects, verifies and certifies data authenticity, enabling faster, reliable, fraud-proof and compliant critical workflows. In a decentralised trial, it adds the independent integrity layer that ALCOA+ now demands, applied at the moment data is captured rather than reconstructed later. The approach is forensic: acquisition at the source in a controlled environment, verification of what was captured, certification with legal value, and secure preservation.
The platform maps cleanly onto the attributes E6(R3) prioritises. Acquisition at the source preserves the Original and Accurate state of a reading or screenshot before any AI, person or software can alter it. A qualified timestamp gives the Contemporaneous proof that the capture happened when it claims to. A SHA-256 hash locks the fingerprint of the data so any later change is detectable. A certified audit trail records every step from capture to storage, supporting Complete, Consistent, Enduring, Available and the Traceable attribute of ALCOA++. The result is an internationally recognised, incontestable digital seal that gives the captured evidence legal value, building on the broader discipline of Digital Provenance.
Because certification is available through an API, it can run at the point of capture inside the patient's environment rather than as a manual afterthought, and it is content-agnostic: an eCOA screenshot, an eConsent recording, a telemedicine consultation or a remote monitoring file can all be sealed the same way. For organisations in the healthcare and pharma sector, that means a single, vendor-independent way to make remote trial data defensible. Consider a sponsor running a cardiology study where patients submit daily ECG strips from a home device: certifying each upload at the source turns a stream of unverified files into a body of evidence a monitor can verify without ever seeing the original device.
