Clinical Supply APIs: Myths and Realities

In talking to industry experts, one of the most common topics of conversation, and areas of confusion, are APIs. Indeed, a software’s API can make or break the efficiency of a clinical trial. Today, we delve into the significance of having a complete and open API in our Randomization and Trial Supply Management software.

What is a modern API?

An API (application programming interface) is a software feature that enables a customer to push and pull data to and from software via other computers - as opposed to humans needing to accomplish this using the UI. The API is typically used in concert with, rather than instead of, the user interface. Human users will interact with the software’s UI, while other systems will be pushing, pulling, synching, and doing other operations on data behind the scenes.

A modern API has several capabilities. The gold standard for a modern API is a well-documented REST interface. It might also include webhook capabilities.

This is used to perform foundational activities such as reading data that’s in the system, or pushing new records into the system which will then appear in the UI. Some other, more advanced, but useful capabilities, include features such as webhooks, which can provide a notification that something has happened (like a new study participant being enrolled). This can trigger other software to ask for more information via the REST API.

One of the most important elements of a modern API is not the software itself, but its documentation. Complete, easily understandable, and up-to-date documentation is absolutely essential for the API to be useful. Great documentation allows your company’s software engineers or IT team to effortlessly get systems talking to each other. But without it, projects are likely doomed to frustration and failure.

(Talk about bad API options here) - SOAP, CSV exports, FTP, TCP ???

Why is an API so important?

In a clinical trial, the journey of a participant’s data often starts at screening and randomization, often in an RTSM. Data typically originates with a clinical trial coordinator entering a participant’s name, date of birth, screening attributes, and any information used for stratification into the RTSM. Using this information, the RTSM can randomize the participant while ensuring properly balanced treatment arms.

At this moment, several other systems should become aware of the participant. Probably the most notable of these is the EDC. How does this happen? Ideally, the RTSM automatically pushes the participant’s data into the EDC without manual entry by study staff. This is where the API comes into action. Bluefin’s RTSM fires a webhook which is received by the EDC or an intermediate system, which tells that system to pull the new data from Bluefin’s REST API and push it to the EDC.

Integrating an RTSM and EDC isn’t the use for a modern API. The RTSM should also be able to integrate with your depot and labs to automate the movement and tracking of study drugs and supplies. And the API will allow you to pull any information you desire into BI tools, data warehouses or lakes, or any other systems used for reporting, analysis and optimization.

In a world where skilled and talented people are increasingly hard to find, automation is the answer. And automation comes with the added benefit of reducing errors due to inaccurate manual double entry.

Is an open API secure and compatible with strict industry regulations?

A common misconception is that many companies cannot offer modern, open APIs with their software because of the stringent security and privacy requirements in healthcare. This could not be further from the truth. We’ve heard this argument propagated by companies whose products are missing a modern API - because they know the cost and time it will take them to catch up is setting them back in the market.

In fact, an API is arguably more secure and private than the user interface (UI). Modern APIs follow stringent security protocols and respect the same permissions as the UI. Just like the UI, an API user has permission to view only what the system administrator designates. Only properly permissioned users can connect to it. All data is encrypted and impossible for the wrong people to read while it’s in transit. Contrast this with a UI, which can be viewed by anyone who’s in the same room - even people who are not the logged-in user.

The more you can automate using modern security practices and APIs, the more secure your clinical trial will be.

Does your RTSM have a modern API?

Does your RTSM system have a modern API that allows seamless integration with all your systems? Do your vendors hold open exchange of data - even with their competitors - as a core value?

If not, take a look at Bluefin. We offer modern clinical trials software, starting with the RTSM. Openness is one of our core values, because it’s what’s right for our customers and it moves the whole industry forward. Our complete, fully documented, and modern API is an outward expression of that. We can’t wait to talk about how we can help with your RTSM needs.