The EudraVigilance (EV) Gateway is a single, common electronic regulatory submission environment. Regulatory submissions can be sent and received in a fully automated and secure way, including all aspects of privacy, authentication, integrity and non-repudiation of all transactions in pharmacovigilance.
The EV Gateway allows pharmaceutical companies and sponsors of clinical trials to report to a common reporting point within the European Economic Area (EEA) from where the transactions are re-routed to the addressed national competent authorities and the European Medicines Agency (EMA). It provides national competent authorities with a secure reporting mechanism to companies, sponsors and to us.
The EV Gateway follows the ICH M2 Gateway Recommendation for the Electronic Transfer of Regulatory Information (ESTRI-Gateway). Companies and sponsors are responsible for implementing at least one of the multiple ESTRI standards in order to ensure electronic communication with any regulatory authority.
What are the advantages of the EV Gateway?
- standardises secure data transmission between us, national competent authorities, companies and sponsors in the EEA
- eliminates data transcription errors
- accelerates the communication for expedited safety reporting
- reduces the paper processing burden/cost for national competent authorities, companies and sponsors in the EEA
- complies with international standards and open technology solutions
How do I connect to the EV Gateway?
The EV Gateway is providing a single point of contact between companies and sponsors as well as national competent authorities in the EEA. It is considered a hub and the connections for the companies, sponsors and national competent authorities in the EEA are known as spokes. Safety and acknowledgement messages are routed through the hub to the desired spoke.
The simplicity of this design allows for the secure transmission of all safety and acknowledgement messages to every participant without the expense and complexity that would be needed to establish a connection between each and every endpoint. The process of establishing the connection requires several steps:
- Step 1: Document transport choice
The EV Gateway supports all popular forms of transport. The most popular form is EDIINT – AS1 or email, followed by AS2 or http and https and FTP. - Step 2: Exchange profile information
In order to use the EV Gateway for secure document exchange you must provide us with the necessary information in order to create a profile. We will in turn provide the same information to you so that you can create a profile on your system. This information consists of name and address, contact person, and transport details. This information exchange can take place using email. - Step 3: Exchange public keys for encryption
The EV Gateway uses a combination of public/private key encryption, which is also known as asymmetric encryption and symmetric key encryption. This hybrid system uses the best characteristics of each method and minimises the shortcomings of each. It follows the widely adopted S/MIME standard for securing messages.
The EV Gateway uses Triple DES encryption and requests that you select a 1024 bit or higher key length to provide enhanced security. - Step 4: Test the connection
When a successful connection has been established, safety and acknowledgement messages, as well as medicinal product report messages, can be transferred between each party in the program. This is accomplished by sending an encrypted safety or acknowledgement message to the EV Gateway, where it is unencrypted, checked for basic accuracy, then re-encrypted and sent to the ultimate destination.A list of appropriate registered parties is maintained and distributed by us. It can be also accessed by registered users in the restricted area of the EV website. Safety, acknowledgement and medicinal product report message exchange can only take place between registered parties.
During the testing procedure, a series of XML files are sent to the EV test environment with paper reports in parallel to assure the correctness of the XML files and compliance with the requested specifications: syntax, field lengths, minimum information and data coding against ICH E2B (R2) and ICH M1 and M2 standard terminology.
This will also allow comparison of the submitted data and ensure quality assurance and data consistency. The successful completion of the testing between us and the EDI partner will be certified by us so that the EDI partner can move into production pilot. The currently established regulatory reporting mechanism will remain unaffected during the test phase. Details of the 10-sample case can be found in annex 5 of the relevant guideline. This step of the testing is applicable for the testing of all EDI partners with us. Other EDI partners may decide to follow the same process.
How are messages exchanged with the EV Gateway?
Before you can exchange individual case safety reports (ICSRs) and suspected unexpected serious adverse reactions (SUSARs), you need to create ICH M2 compliant safety messages that may contain one or more ICSRs. While there can be any number of ICSRs within a message, all of them must be for a single receiver. The message should not exceed two megabytes in size.
To acknowledge the receipt of a safety or medicinal product report message, the receiver must generate an acknowledgement message in the ICH M2 format.
In order to transport a safety or acknowledgement message to the correct receiver, you need to correctly specify the message sender identifier (ICH DTD version 2.1 M.1.5) and the message receiver identifier (ICH DTD version 2.1 M.1.6). The EV Gateway reads the sender and receiver information specified in the safety, acknowledgement or medicinal product report messages and routes the message to the appropriate receiver.
The message sender identifier (ICH DTD version 2.1 M.1.5) must be the sender's own profile ID and must be identical to the company's, sponsor's or national competent authority's name in each safety report attached to the safety message.
Both the message sender identifier (ICH DTD version 2.1 M.1.5) and the message receiver identifier (ICH DTD version 2.1 M.1.6) must correspond with the organisation identifier list maintained by us. Only those parties that are registered with us are able to exchange safety messages either with us or other registered parties (EV community).
Possible partners are pharmaceutical companies, sponsors of clinical trials and national competent authorities in the EEA.
There are three possible ways of exchanging safety, acknowledgement and medicinal product report messages between registered pharmacovigilance parties in the EEA:
- Using an ESTRI gateway
A tool providing a fully automated way to exchange safety and acknowledgement messages e.g. between the locally established pharmacovigilance system of a company and the pharmacovigilance system of a partner of the EV community. - Using the web trader component of EVWEB
An integrated component of the EV Gateway that is made available by us to registered parties that do not have their own ESTRI Gateway established, providing a way to securely exchange safety and acknowledgement and medicinal product report messages in a semi-automatic way. - Message posting function of EVWEB
A tool providing a semi-automatic way to upload safety, acknowledgement and medicinal product report messages, that have been generated by the sender using his local pharmacovigilance system, to the EV Gateway from where the messages will be re-routed to the specified receiver.
Possible communication scenarios inside the EV community
Reporting to EMA
Companies, sponsors and national competent authorities in the EEA send for example safety messages to our EV Database Management System (DBMS). The EV Database Management System (DBMS) returns an acknowledgement message to the original sender.
Re-routing via EMA
Companies applicants and sponsors can send a safety message to the EV Gateway from where the safety message is re-routed to the national competent authority specified as the receiver in the message. The acknowledgement message generated by the receiving national competent authority is re-routed via the EV Gateway to the sender of the original safety message.
National competent authorities can send safety messages to the EV Gateway from where the safety message is re-routed to companies or sponsors specified as the receiver in the message. The acknowledgement message generated by the receiving company or sponsor is re-routed via the EV Gateway to the sender of the original safety message
Contact
For support in connecting to the EV Gateway, contact EMA EV Gateway administrator at:
Help Desk
tel: 44 (0) 20 7523 7523
email: gatewaysupport(at)ema.europa.eu