Tip of the Month
Monthly research compliance reminders and information.
Explore our Tip of the Month Archive below
November 2024
Prior & Concomitant Medication Documentation 
Current and prior medications should be documented and reviewed by the Principal Investigator (PI) or delegated Sub-Investigator(Sub-I) priorto enrollment/administration of study intervention andmaintained for the duration of the study to prevent potential interactions with study intervention and help identify eligibility exclusion medications or required medication washout periods.
October 2024
Elevate Your Research with a Self-Assessment Review
What is a Self-Assessment Review?
- A Self-Assessment Reviewis a tool provided by the OQC to assist investigators and
research teams conducting research. A self assessment may be initiated by one of the
following methods:
- Voluntarily created or at the request of a member of the research team
- Selection by the OQC to participate
- Required by the OQC in conjunction with, or because of, a separate OQC review/assessment
How is it done?
- Once a Self-Assessment is completed by the research team and submitted, the OQC will contact the PI and research team to schedule a meeting to review the Self-Assessment, discuss any findings, and provide recommendations and resources for the team. A link to the checklist is provided in the section header.
How do I request a Self-Assessment Review?
- An investigator or researcher can request a self-assessment through the IRB’s online application system,ERICA.
September 2024
Common Informed Consent Form (ICF) FDA Inspection Observations (FDA 483)
During an FDA inspection, inadequate participant protections noted during review of the ICFs could lead to an FDA 483 being issued. These notice of inspection observations may indicate non-compliance with FDA regulations.
August 2024
Protocol Deviations
A protocol deviation is ANY departure from the defined procedures and treatment plans
outlined in the protocol version or application version submitted and approved by
the IRB.
Deviations are generally unplanned and/or unintentional events that require review
and documentation from the Principal Investigator (PI).
Examples of Protocol Deviations
Performance of an unapproved research procedure
Failure to adhere to inclusion/exclusion criteria
Failure to consent on the most current, IRB approved ICF, PPF, Assent version found in ERICA
Incorrect or missed research lab assessment or procedure
Participant visits missed or outside permissible windows outlined in the approved IRB research protocol
Participant non-compliance with research requirements
Use of prohibited medications
Incorrect investigational drug dosing, administration or missed dose
July 2024
ClinicalTrials.gov Compliance Reminders
When clinical trial registration information should be submitted to ClinicalTrials.gov as required by 42 CFR Part 11.
Registration
Applicable Clinical Trials (ACTs)* and NIH funded trials are required toregisteronClinicalTrials.gov within 21 days of enrollment of the first subject.
i.e., date of when the 1st participant signs a study consent form.
Updates
An active study record should be updated at least every 12 months, or within 30 calendar days of a change to protocol information, including recruitment status or primary completion date.
Even if nothing has changed in the study, the record requires yearly review and approval.
Results Reporting
Study results of ACT studies (42 CRF 11) and/or NIH-supported clinical trials are required to be reported no later than one year after the primary completion date.
The date on which the last participant in a clinical study was examined or received an intervention to collect final data for the primary outcome measure. Whether the clinical study ended according to the protocol or was terminated does not affect this date.
* An ACT refers to a trial involving drugs, biologics, or devices that must be registered and have results posted on ClinicalTrials.gov. The criteria defining an ACT are outlined here: ClinicalTrials.Gov ACT Checklist.pdf
If you need assistance with ClinicalTrials.gov registration or results reporting, please contact the University’s ClinicalTrials.gov administrators at OQC@utah.edu
Tips and Reminders: Adverse Event Reporting
Not all adverse events will constitute unanticipated problems (UP) that require reporting to the University of Utah IRB. To be considered reportable, the event must be unexpectedANDrelatedAND present a greater risk of harm to the participant. See below for more details!
Unexpected
- Was the event unexpected from either participant perspective or the study team perspective?
- Was the event unforeseen in terms of nature, severity, frequency, etc.?
- Was the risk NOT listed in the consent form?
STOP
If the AE was expected, it does not need to be reported to the IRB, but may still need to be reported to the sponsor or other applicable agencies
Related
- “Related” means attributable to procedures of the research i.e., if the participant was not in the study, could this event have occurred because of other factors?
- If an event is deemed only “possibly” related to the research, it does not typically qualify as an UP.
- If there is not enough info to attribute relatedness to the research, the event likely does not meet the U of U IRB’s reporting threshold. If future information about the event is discovered, a report form may be necessary at that time.
STOP
If the AE was unrelated, it does not need to be reported to the IRB, but may still need to be reported to the sponsor or other applicable agencies
Greater Risk of Harm
- This may include physical, psychological, economic, or social harm, etc.
- Please consider whether the consent form is being updated with a new risk. If so, it is likely participants are placed at a greater risk of harm because of the event.
STOP
If the AE does not pose a greater risk of harm previously known, it does not need to be reported to the IRB, but may still need to be reported to the sponsor or other applicable agencies
If all three criteria above are met, the adverse event may represent a possible unanticipated problem and reported promptly to the IRB using the Report Form application in ERICA.
Elements of ALCOA+ for Data Integrity
Breaches of Confidentiality
Investigators are responsible for the confidentiality of participant information collected
during a study,
including how this information will be stored and shared.
Immediately contact the applicable Privacy Office(s) and Institutional Official(s) if the breach involves PHI
Examples of data breaches include, but are not limited to, the following:
Lost or stolen laptops storing participant information
Lost or stolen USB/thumb drives with unencrypted participant information
Accessing PHI without a business need to know
Any unencrypted PHI sent outside of the University Health Sciences
Faxes with PHI sent to the wrong fax machine outside of the University Health Sciences network
Paper with PHI not disposed of properly -i.e., shredded
Information delivered to the wrong participant using the postal service, courier, or other delivery method
All lab, imaging, and diagnostic report results should be assessed in a timely manner by the Principal Investigator or Sub Investigator listed on the FDA 1572 form. If applicable, the PI can delegate the responsibility to medically qualified Sub-I(s) on the Delegation of Authority Log.
Out-of-range values and/or abnormalities should be assessed and indicated to be Clinically Significant (CS) or Not Clinically Significant (NCS). The PI or Sub-I should sign and date each assessment.
Any results deemed Clinically Significant (CS) should be assessed for potential Adverse Event’s (AE) and if applicable, added to the participant’s medical history.
Under ICH GCP E6 (R2), PI’s are required to demonstrate oversight of a clinical trial. The review and assessment of lab and test results is one way to demonstrate PI oversight.
The following basic elements of informed consent are described in the Common Rule, FDA, and International Conference on Harmonization (ICH).
Is there a statement that the study involves research and an explanation of the purposes of the research?
Is the expected duration of participation stated?
Is there a description of the procedures to be followed including the identification of any procedures that are experimental?
Is there a description of any foreseeable risks or discomforts to the participant?
Is there a description of any benefits to the participants or others?
Is there a disclosure of any alternative procedures or courses of treatment?
Is there a statement describing the confidentiality of records?
For research involving more than minimal risk, is there a statement about what options are available if injury to the participant occurs?
Is the necessary contact information provided?
Is there a statement that participation is voluntary?
Is there a statement that individuals may refuse to participate or discontinue participation without penalty or loss of benefits?
Is there a statement about the collection of identifiable private information or identifiable biospecimens?
Additional elements of informed consent necessary under other regulations, such as Veterans Health Administration (VHA), Department of Defense (DoD), or HIPAA will have an additional checklist.
Single IRB (sIRB) Protocol & Consent Versions
The single or central IRB model is used to allow multiple institutions performing
the same protocol to use the same IRB, for consistency in the execution of the study.
The University of Utah IRB may act as the sIRB, but another institution’s IRB may
serve as the IRB of record depending on the study.
After approval of amended sIRB protocols & consents, it is recommended to track and review the following:
- It is recommended to track dates of sIRB approval, version date(s) of amended protocols and consents, and dates received at our site to ensure the most up-to-date versions are being utilized
- Does the sIRB require re-consent from participants?
- Does the approved amended protocol/consent require local IRB submission/approval?
- Local IRB submission guidelines can include, but are not limited to:
- Updates to Conflict of Interest (COI) management plans for investigators with an active COI
- Addition of a pediatric population to a trial
- Changes that require review from another University group (RDRC, CTSI, HCI, PCH, etc.)
- If unsure whether an sIRB-approved amendment needs to be submitted locally, please contact the IRB at irb@hsc.utah.edu
UUSOP-07: Deviations and Reporting
An updated version of UUSOP-07: Deviations - Documentation and Reporting will
be released in December 2023 for immediate implementation.
The FDA has recently been observed to issue 483 letters to investigators that have deviated from the IRB-approved protocol with what is referred to as "sponsor approval." Sponsor approval is not an exemption from deviation. The FDA expects investigators to obtain IRB approval for alternate procedures before implementation.
In order to protect the Institution and University investigators, UUSOP-07 will be updated to require any departure from the IRB-Approved protocol first be sent to the IRB for review and approval prior to enactment.
This will require investigators and study teams to be thoughtful when reviewing protocols. If there are areas of the protocol that are unfeasible or unnecessarily limiting, such as eligibility criteria or treatment parameters, efforts should be made to correct them before enrolling participants.
In addition, study teams are required to request an amended protocol from the sponsor for any changes that are only included in protocol administrative letters (or equivalent). Records of these requests to the sponsor must be filed in the study's regulatory binder.
Strict adherence to the IRB-approved protocol is the most effective way to ensure research integrity and compliance, and to eliminate the risks associated with FDA investigation.
Elements of Effective Corrective and Preventative Action Plans (CAPAs)
Description of Problem
Describe the problem/deviation that occurred, and when it was discovered.
Conduct Root Cause Analysis
Identify the underlying reason the problem/deviation occurred. Use the Five Why’s, a method of “digging deeper” into a problem by repeating the question “Why?” five times after each possible cause to ensure the ultimate root cause is identified.
Corrective Action
The procedures/steps taken to resolve the problem/deviation. Corrective action taken or planned should be short-term and provide immediate resolution of any nonconformities found.
Implementation
Determine how the corrective action will be implemented, who will implement it and the date implemented.
Preventative Action
Describe the procedures/steps taken to prevent the problem from reoccurring. This should be a long-term, sustainable solution to address the root cause and prevent recurrence.
Evaluation Plan
Provides details of how the CAPA will be assessed for effectiveness. Documentation must be maintained to demonstrate planning and implementation in addition to providing evidence of decisions made and actions taken.
18 HIPAA PHI Identifiers
-
- Names
- Address
- Dates related to an individual
- Phone Numbers
- Fax Numbers
- Email Address
- Social Security Numbers
- Medical Record Numbers
- Health Plan Beneficiary Numbers
- Account Numbers
- Certificate/License Numbers
- Vehicle Identifiers and Serial Numbers
- Device Numbers and Serial Numbers
- Web URLs
- IP Address
- Finger or Voice Print
- Photographic Image
- Any other Unique Identifying Number
Publishing post-analysis data with identifiable datasets includes the above PHI identifiers.
If identifiable datasets are included in publishing post-analysis data, it must align
with the IRB approved Informed Consent Form (ICF) signed by the participant. The ICF
and IRB application must indicate if identifiable datasets will be
shared/published.