Data retention is a critical aspect of regulatory compliance, ethical accountability, and operational continuity in clinical research. Research sites using DecenTrialz must ensure that all data collected, generated, and stored during the course of trial recruitment and pre-screening is retained in accordance with applicable laws, institutional policies, and sponsor agreements.

This section outlines the default data retention policies on the DecenTrialz platform, site-level responsibilities, and key considerations under HIPAA.

What Is Data Retention in the Context of Clinical Trials?

Data retention refers to the duration for which clinical trial-related data, including participant screening records, communication logs, audit trails, and regulatory documentation, is securely stored and made accessible for verification, monitoring, or inspection.

Even though DecenTrialz only handles pre-screening and referral activities, records generated during this phase are subject to the same ethical and regulatory scrutiny as those generated during the full study lifecycle.

Platform-Level Data Retention Policies (DecenTrialz)

By default, DecenTrialz maintains a minimum data retention period of 6 years, consistent with HIPAA regulations.

Data stored includes:

• Pre-screener responses
• Eligibility outcomes (without PHI unless consented)
• Communication records with participants
• Audit logs of site activity
• Referral timestamps and status history
• Site user access records

All retained data is:

• Encrypted at rest and in transit
• Time-stamped and version-controlled
• Hosted on secure U.S.-based servers compliant with HIPAA and 21 CFR Part 11

No participant-identifiable data is retained beyond the referral stage unless explicitly consented and governed by the research site’s own data handling protocol.

Site-Level Responsibilities for Retention

Although DecenTrialz enforces foundational data retention standards, research sites are ultimately responsible for aligning retention practices with:

• Local IRB or EC (Ethics Committee) policies
• Institutional SOPs
• Sponsor contracts
• National data protection laws (e.g., HIPAA in the United States, GDPR if operating cross-border)

You must ensure that:

• Required study logs and reports are downloaded and archived before trial closure
• PI (Principal Investigator) oversight is maintained for long-term document custody
• Participant communication notes and eligibility status history are preserved in case of audits

Sites may export DecenTrialz-generated data to their internal systems using the “Download Record Archive” feature prior to trial archival.

Retention of Consent-Related Records

Even during the pre-screening stage, some communications (such as expressions of interest or voluntary opt-ins) may constitute limited informed consent records. These must also be retained for a minimum of 6 years, or longer if your IRB or sponsor requires.

If your site collects any additional documentation from participants outside of the DecenTrialz system (e.g., handwritten notes, phone transcripts), retention of those records must also follow institutional policy.

Data Destruction After Retention Period

At the end of the applicable retention period:

• DecenTrialz will notify site administrators prior to scheduled data archiving or destruction
• Sites may request extended retention or secure export for permanent archiving

Sites must not delete any data prematurely without written authorization from the sponsor and/or IRB.

Key Note: Maintaining accurate, secure, and complete data records is an ethical obligation and a legal requirement. Failure to retain data for the appropriate duration can lead to regulatory penalties, audit deficiencies, or even trial invalidation. Always confirm your site’s retention policy with your IRB or institution’s research office and document all retention-related decisions for audit readiness.