Are we breaking the law by using Excel in medical R&D ?

February 12, 2017
.  written by 
Jón I.

We all know Microsoft’s Excel. It’s a fantastic software tool used by many for different aspects of data analysis and calculation. Although, a whole lot of tasks that can be accomplished by using Excel, there is a need to use industry-focused software solutions to generate quality data.

Do we notice the errors?

In medical research and development, I have personally seen many examples of Excel being used as the primary medium for data collection. Thus, many have gotten used to creating ‘table based’ data sheets for their studies, tests, or research projects – whether it’s public, private, or development driven. These excel sheets can span from 1X10 to 10000x100 cells in size, and store large amounts of sensitive personal information along with both qualitative and quantitative data. The problem with large sheets is that cells and data can easily be corrupted or even deleted when working in an active document. Who hasn’t accidentally pressed enter, backspace, or any other button while having an active document open? Well, I have. In many cases, this has still worked out OK Or do we even notice? There are serious risks involved when it comes to data quality and project outcomes.

Are you ready for the GDPR?

What worries me is that with the new GDPR (General Data Protection Regulation) we might be involved in a different type of risk as well – in regards to security of data and private identifiable information. Risking non-compliance with the new GDPR can cost businesses millions of €. This fact alone should already raise many eyebrows. We are however seeing cases in countries like Switzerland, where authorities are starting to ban the use of tools such as Excel to collect data for clinical trials and medical research and development. Simply because the risk of manipulating data is too high, along with the fact that controlling access to PII withheld within these documents, and other sensitive information cannot be ensured well enough. I believe, that when the new GDPR will be fully forced into action by May next year, other countries will follow as well. Are you interested in learning how SMART-TRIAL could benefit your organization? Let's have a chat, and allow us to share various case-stories, to see if you can relate.