SCRS Talks
SCRS Talks, hosted by the Society for Clinical Research Sites (SCRS), is a platform for clinical research industry professionals to hear about valuable information shaping the research industry today. These short interviews will provide new perspectives and insights on pressing topics, current events, and the research community.
SCRS Talks
AI at Your Site: Compliance and What It Takes
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
AI is moving fast, and research sites are feeling the pressure to keep up. But before diving in, there are some foundational questions every site should be asking. Jimmy sits down with Marc Wartenberger, VP of Compliance and Security at CRIO, to break down what a defensible AI validation approach actually looks like, why under-documentation is the most common compliance mistake sites are making right now, and what the January 2026 FDA and EMA joint guidance means for day-to-day site operations. If your site is anywhere on the AI journey, this one is worth your time.
Hello and welcome to SCRS talks provided by the Society for Clinical Research Sites. My name is Jimmy Bechtel and I'm the Chief Site Success Officer with the Society. Today, with us is. Marc Wartenberger, the Vice President of Compliance and Security with CRIO here to talk a little bit about how AI comes into the picture when we talk about regulation, compliance, security, and the like, really interesting topic. I'm sure everyone is anxious to hear about what. Is happening in this space. So we'll try to get as much in this, 15 minutes or so as we possibly can. But before we jump into the topic, Marc, I'd love to learn a little bit more about you and your background and maybe hear a little bit about CRIO.
Marc WartenbergerThank you, Jimmy. Thank you so much for having me. hello everyone. My name is Marc Martin Berger. as Jimmy mentioned, I am the head of compliance and security at CRIO. Many of you all know us, as an eSource company, for sites and sponsors, that provide eSource solutions, for sites around the world. And, my role as The head of compliance and quality, is also, tied in with the role of the data protection officer and, work closely with our EU clients to make sure that that data protection and privacy is, provided in a manner that meets all applicable regulations. been doing this now for, 15 years and, last four with CRIO and I'm really excited to be here and talk about AI and regulations.
Jimmy BechtelThat's great, Marc. And we're excited to have you as well. So, you joined us, down in Amsterdam, for the European Site Solutions Summit, which we know surfaced a lot of questions from the floor on AI in daily site operations. It really was, sort of a hot topic there. So from your perspective, what is the most important thing you think sites need to understand before they start operationalizing ai?
Marc WartenbergerThat's a great question. You know, a key thing for ai, especially as you are getting started on your AI journey, for sites as you're looking to implement. You know, AI tools is to first look for augmentation, of your site workflows and not an immediate replacement, right? I think, the, the true value that you can get out of an AI tool is to get some of those minutes and hours back in your workday and during your work week. So, you know, find and identify small wins early on. You can then scale, across your teams, across your departments to then, you know, truly get some meaningful, full value out of an AI tool. so don't, yeah, I would, I would say, you know, take the stairs, to go into the pool and don't jump in right away. I think you'll be much better served with, taking smaller steps and then see how to, how to best scale up.
Jimmy BechtelThat's great advice, Marc. I think the key thing there for me is the augmentation, right? we see and we hear about AI and everyone seems to be creating this hype around, don't be left out. Don't, you know, don't get behind with ai. And that probably tends to spark like, well, we gotta do it. We gotta figure it out. We gotta jump into ai, pour a bunch of money into it, invest in all these solutions. But really finding and taking a step back and finding ways to augment your work. I think with ai. Is probably a really valuable, first step. so that's, I think that's a great takeaway for our audience. When it comes to ai, Marc and validation sites tend to go one of two ways. They either stall out and they, you know, they get lost in the mix or they overbuild, like we kind of just alluded to, so. You know, when we talk about augmentation and, and taking those initial first steps, what does that simple defensible validation approach really look like when it's put into practice? And how do you know when you're at the right place, when you've kind of done enough?
Marc WartenbergerOne size does not fit. All right. This is the, this is the key takeaway here. And, as our, regulators always try to point out and emphasize is that, we have to take a risk based approach, right? This is emphasized in ICHA six R three. The latest, version that was released, this last year. So, first question would be what data? do I have in that particular AI tool? Right? And what decisions are being made or, what data is being used out of that tool to then make a decision, right? If it's not an automated decision tool, like for example, if a patient recruitment AI tool should be handled and evaluated and then qualified much differently than let's say an you know, adverse event. Know, assessment tool, right? Those are clearly two different things that carry two different risk profiles. And, any AI tool validation and, and documentation that you keep onsite, should be, through that risk based lens and approach.
Jimmy BechtelThat's a great suggestion, Marc. I think, yeah, approaching things from. And I, I guess I ob objectifying them around the, whether or not it's going to open me up to, or, or close the door or maybe prevent risk, I think is a really important perspective. And that's, a great way to. Really understand where I'm at, right? What do I need to do and how do these things ultimately affect, my practice? and Marc, you sit on the SCDM regulatory Council, which is an excellent place to be. And further speaking to your knowledge in this space. And they host regular town hall. So you're hearing from a lot of sites at once, most likely through these forums. Talk to us a little bit about what the most common AI compliance mistakes you are seeing right now.
Marc WartenbergerWow. Jimmy, how much time do we have? The biggest compliance mistake you can make is to under document what you are doing, right? And, it comes down to having a clear understanding of what the tool does. The AI tool does it, I'm calling it a tool because that's what it is, right? I, a hammer alone doesn't build a house. It takes a human, it takes nails or it takes, you know, like screwdrivers and screws, right? Like all these different things. AI is just one tool in your tool belt, right? And we should treat those tools as such. Under documenting is probably the the worst mistake one one can make. Right? And that's what really comes down to making sure you as an organization, whether it's a site, site network, sponsors, CROs, you need to have a clear AI strategy. Don't employ shadow ai, right? And then no one can just go on and you use their personal AI accounts on whatever tool you want to use, right? To all of a sudden, you know. Punch in patient data, right? That's not what we want to do. Right? identify a clear strategy and then use approved tools, right? Where you can then have, the proper documentation, on hand that, in case, in. Auditor, shows up at, you know, on your doorstep, that you can demonstrate that you've done your due diligence with an AI tool. and that's probably the one mistake I want to point out for everyone to avoid.
Jimmy BechtelIt's a really interesting point, Marc, because again, when we talk about compliance and regulation here, that it's, it really kind of does go back to, as you were alluding to the documentation and the compliance and just making sure that all your T's and i's are dotted and you're not, you're taking the time to understand how it's going to affect a process and potentially sensitive information before you're diving headfirst into something. I think that's, that's a part that we might miss. I wish ignorance could be bliss in our industry, but we all know that it's not. and approaching something like AI where we start to have such integration into our daily lives and potentially touching, again, sensitive information, it's so important that we take the time to understand the breadth of how that's going to be ingrained or implemented and what it's going to affect and touch before we get down the road too far. I wanna begin to wrap us up here, Marc. it's been great, conversation here with, a question around the January 2026, FDA and EMA joint guidance that came out, right as sites are trying to figure out how to move forward with ai. It's great to have these kinds of guidances and they do help us maybe directionally, but. What does it actually require of sites from a day-to-day, perspective?
Marc WartenbergerSure. it obviously reinforces the need for human oversight, in any clinical trial activities where AI is in play, right? You, we often hear the term of human in the loop, approach, and that human in the loop approach needs to stay in place. obviously it also emphasizes data governance and transparency and, We need to make sure that they also emphasize that you need to make sure that existing processes, regarding software including AI are, clearly and explicitly stated, consistent and auditable, right? So whatever you do, you need to be able to make sure to have the proper documentation and processes in place to back up your claim on how a tool is used.
Jimmy BechtelDocumentation. Documentation. Documentation. Right. I mean, it, it's kind of the age old adage for our industry and for the medical industry at large. but being able to, not only demonstrate that, but also, like you said, kind of prove or, or understand that you made the decision. Around these tools and their implementation in an educated way. and we didn't just, you know, kind of go out willy-nilly, buy a chat GPT license and start plugging a, a bunch of random information into it. and understanding the, the dos and don'ts because we know that, AI makes a lot of stuff up. And, if we. Implemented in the wrong place and we don't, effectively put the guardrails around what we're trying to do with it. Then we open ourselves up to a lot of potential challenges and problems. So, Marc, I I want to thank you for your time today with us and, you know, providing some insight into a few paths and a few maybe, takeaways and things to think about for the sites as they embark upon this journey and what this means for them. So again, thank you for being with us here today.
Marc WartenbergerThank you so much for having me. I really appreciate it.
Jimmy BechtelFor those that are listening, thanks again for tuning in. We want to, we look forward to continuing these discussions, highlighting other important pieces of information and paths, considerations, and, maybe gate checks for AI and innovation going forward. For more information on other site facing resources, be visit our website, myscrs.org Thanks again for listening, tuning in, and until next time.