uthsc irb donna hollaway, rn, ccrc 11/30/2011 authority to audit 45 cfr 46.109(e) an irb shall...

RESEARCH COMPLIANCE AUDITING

UTHSC IRB

Donna Hollaway, RN, CCRC11/30/2011

Authority to Audit45 CFR 46.109(e)An IRB shall conduct continuing review of

research covered by this policy at intervals appropriate to the degree of risk, but not less than once per year, and shall have authority to observe or have a third party observe the consent process and the research.

UTHSC Local IRB PolicyThe process of compliance auditing is meant to

accomplish several important purposes:Assure human subjects are properly

protected, and that procedures to accomplish this goal are carefully documented

Assist investigators in complying with current regulatory standards for protecting human subjects and in avoiding any external sanctions that may result from non-compliance with standard of practice

Local Policy (cont)Process is intended to assure that the

University and affiliated institutions remain in good standing with federal agencies having oversight of human subject research activities.

Most frequently asked question:

“How did my study get

selected for a compliance

audit?”

TYPES OF AUDITS

Observation of the informed consent interview

For causeRandom

What is reviewed during an audit?

Informed consent documentsSubject eligibility documentationVerification of the informed consent interviewResearch recordsMedical records (if required)DatabaseStudy medication ConfidentialityRegulatory documents

“Informed consent is the cornerstone of human subject research and the critical element in assuring the protection of subjects who voluntarily choose to enroll in a study.”

Research Practitioner

July-August 2011

Informed ConsentCorrect version (most current)IRB-stamped versionPages initialed by subjectOnly designated personnel

conducted the informed consent interview

Signatures dated and timed by signatories:

Subject Person Obtaining Consent Investigator (must sign with 72

hours)

Informed Consent Verification21 CFR 312.62(b), “the case history for each individual shall document that informed consent was obtained prior to participation in the study”. Generally, industry fulfills this requirement in one of two ways:

• By documenting consents in source documents; or

• By documenting consents on case report forms.

Best practices call for a contextual statement in a source document regarding exactly how and when the consenting processing occurred.

Subject Eligibility

There must be some type of documentation that the subject strictly meets the inclusion/exclusion criteria

Research Records

Research records will be reviewed for completeness, timeliness, and accuracy

Were visits and study procedures completed within the defined window?

Can data be verified from a source?

Protocol DeviationsDeviations: Failure to follow procedures

specified in the approved research protocol in the absence of a protocol waiverMinor – no substantive effect on the risks or

benefits for the subject, and no effect on value of data, and does not result from willing or knowing misconduct on the investigator or study staff

Major – deviation that has harmed or posed significant risk of harm to subject, or compromised scientific integrity of data, or appears to result from misconduct

Medical Records

If the study involves the subject’s clinical record, the records will be compared to data points in the research record for compatibility.

Database

If the data has been entered into a database, the database will be reviewed for accuracy, security, and accessibility.

Study Medication

Is it being stored according to the protocol?Are the dispensing records up to date?Is returned study medication stored

correctly?Is it being stored securely, who has access to

it?

Confidentiality

• Where are the study records stored?• Who has access to the records?• How are the records labeled?• Has a database been created?• How are specimens labeled?• Is any portion of the specimen retained at the

local site?

Regulatory Documents

Regulatory documents are reviewed for continuity, changes in study procedures, amendments/changes that should be submitted to the IRB, study staff responsibilities/assignments, study staff training, investigator CVs, and evidence of PI oversight.

What happens after the audit?Audit report is written and forwarded to the

IRB chairmanFollow-up letter is written documenting audit

findingsPI and key study staff receive copies of audit

report and letter via iMedRISAudit report and letter is placed in “Other

Documents” in iMedRIS (as well as “Correspondence”)

How to respond to an auditIf there are no significant audit findings, no

response is necessaryIf audit findings require a revision to the

study application, a Form 2 will be requestedIf audit findings require corrective action,

items to be addressed will be outlined in the letter

A correspondence can be created in iMedRIS to address each request for corrective action or additional information