Every deviation.
Inspection-ready.
Protocol Deviation Management Software
Deviation tracking, CAPA oversight and quality review — consolidated from EDC and site logs into one governed record.
The single, verifiable record of what happened, when, and who caught it — captured early, reviewed by role, and traceable to closure under 21 CFR Part 11.
Protocol deviations live in a dozen Excel logs
Every site keeps its own log. CRAs, CRO operations and the sponsor reconcile them by hand against the EDC export — weekly, biweekly, quarterly. It's slow, error-prone, and there is no single audit trail to put in front of an inspector.
Each site maintains a separate spreadsheet, in its own format, with no shared controlled vocabulary.
Teams aggregate and cross-check logs against the EDC export by hand, on three different cadences.
Status changes sit in meeting minutes. The data can't be queried without manual compilation.
One governed record for every protocol deviation
Vera Deviate takes in your EDC export and your existing per-site logs, applies the review workflow, holds a tamper-evident audit trail, and serves every report and query live. Every deviation records who caught it — the site, the CRA, the sponsor, or the EDC itself — so the source of each finding is part of the record, not someone's memory. The spreadsheets and the manual reconciliation are retired; Vera becomes the single system of record.
Ingests the EDC audit-trail export, takes in existing per-site Excel logs, and lets CRAs log deviations directly — all into one record, no re-keying.
Site, CRA, CRO operations and sponsor each see exactly their scope, enforced server-side.
Every create, edit, status change and import is written to an append-only log with actor, reason and before/after values.
Meeting agendas, escalation views and the quarterly summary generate on demand — not by hand.
Four review stages, one system
Vera Deviate supports the full deviation-management workflow natively — no switching between Excel, the EDC and the issue tracker.
The site logs the deviation in the EDC; Vera ingests it on import. The CRA can also log directly when a site has no EDC access.
The Vera dashboard is the meeting agenda — open deviations, escalations and ageing. Changes are captured live in the audit trail.
Escalated deviations surface alongside their CAPA reference, linked to your issue/CAPA tool. Reviewed by role on a biweekly cadence.
The summary report — counts by site, country, category, grade, status and ageing, with quarter-on-quarter trend — generates on demand.
Manual reconciliation vs. Vera Deviate
- One Excel log per site, in different formats
- Hand reconciliation against the EDC, three cadences
- Status history scattered across meeting minutes
- Inspection prep is a manual scramble
- One governed record across all sites
- EDC ingested automatically; no re-keying
- Tamper-evident audit trail, every change captured
- Reports — and inspection readiness — on demand
Built for 21 CFR Part 11 and GDPR
Compliance is designed in, not bolted on — so the record holds up when an inspector asks to see it.
Append-only log; every privileged action carries a typed reason and timestamp in UTC.
Close-out, reopen and void require e-signature with re-authentication.
Site-scoped data segregation enforced server-side; participant identifiers minimised from the sponsor view.
All data hosted in the EU. Data-processing agreement provided to sponsors.
In production, not in a slide deck
Reference deployment and study details available under NDA.
Part of the Bionabu system
Vera Deviate is the downstream layer. Upstream, PrepStoriesAI prepares the patient; in the middle, Vera Content governs what they read. Same standard, end to end.
Book a walkthrough.
We'll map one of your studies to Vera Deviate and tell you whether it fits. If it doesn't, we'll tell you that too.
Book a walkthrough →