Upload
allison-lamb
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Advanced Topics in the Submission of Research Protocols to the
Institutional Review Board (IRB) and the Office for the
Protection of Human Subjects (OPHS)
Maryann Rossi, PhD, CIM, CIPAccreditation and Education Manager
OPHS
ASAP Course; November 18, 2009
IRB 201
Participants will:
• Know key PI responsibilities under human subject protection regulations
• Learn how the HIPAA Privacy Rule relates to research
• Know what Data and Safety Monitoring Plans are and when to have one
Learning Objectives
Learning Objectives (cont.)
• Be able to identify protocol deviations and Serious Adverse Events; know when and how to report them
• Understand concepts of waiver of informed consent/assent and waiver of documentation of informed consent/assent
• Become familiar with Emergency Use Exemption
• Be introduced to regulatory requirements for multi-site studies
Organizational Plan
Education Programs
Conflict
of Interest Investigators and Research Staff
Compliance Oversight
Communications System
Institutional Review Board
Investigational Drug Services
Contracts and Grants
Office for the Protection of Human Subjects
Human Research Protection Program (HRPP) Components
PI Responsibilities (1)
• To conduct research ethically and in accordance with regulations, CNMC policies, and IRB requirements
• To ensure research personnel have appropriate qualifications and required training (e.g., CITI)
• To have sufficient resources to ensure appropriate care, oversight, and safety of subjects
PI Responsibilities (2)
• To obtain and document informed consent and assent in accordance with regulatory requirements unless otherwise authorized by the IRB
• To protect subject privacy and data confidentiality
• To follow the protocol as approved by IRB
• To obtain IRB approval prior to implementing any protocol modifications
• To monitor the data to ensure subject safety and welfare
• To report to the IRB unanticipated, serious events or other unanticipated problems that involve risks to subjects or others
PI Responsibilities (3)
• To submit Continuing Review reports on a timely basis to avoid protocol expiration
• To submit a final report to the IRB at study closure
*****
The PI bears the ultimate responsibility for his/her research staff and how the protocol is conducted.
PI Responsibilities (4)
HIPAA
• Heath Insurance Portability and Accountability Act of 1996 (HIPAA)
• Protected Health Information (PHI)
• Includes individually identifiable information
• Covered Entities (CE):– Health Care Provider– Health Plan– Health Care Clearinghouse
1st Belmont Ethical Principle
RESPECT FOR PERSONS• Treat individuals as autonomous
agents• Right to know• Right to choose• Right to privacy and confidentiality• Right to withdraw
• Additional protections for persons with reduced autonomy
Privacy vs. Confidentiality
Privacy• Is about people• Refers to persons’ interest in controlling
access to themselves
Confidentiality• Is about data• Refers to agreements with the participant
about how data are to be handled
18 HIPAA Identifiers
1. Name
2. Any geographic subdivisions smaller than a state (except initial 3 digits of ZIP code)
3. All elements of dates (except year) directly related to an individual (e.g., DOB, date of admission)
4. Telephone numbers
5. Fax numbers
6. Electronic mail addresses
HIPAA Identifiers (cont.)
7. Social security numbers
8. Medical record numbers
9. Health plan beneficiary numbers
10. Account numbers
11. Certificate/license numbers
12. Vehicle identifiers and serial numbers (including license plate numbers)
13. Device identifiers and serial numbers
HIPAA Identifiers (cont.)
14. Web Universal Resource Locators (URLs)
15. Internet Protocol (IP) address numbers
16. Biometric identifiers, including finger and voiceprints
17. Full-face photographic images and any comparable images
18. Any other unique identifying number, characteristic, or code
Implications for Research
• Investigator must obtain patient’s permission before using PHI– Part of the standard CNMC informed consent
template
• Release of private information for research without patient’s authorization is a violation [exceptions described ahead]
Research NOT Covered by HIPPA
Only uses de-identified data:
“. . .health information that does not identify an individual and with respect to which there is no reasonable basis to believe that the information can be used to identify an individual is not individually identifiable health information.”
Research Covered by HIPPA
• Uses individually identifiable health information
• Involves human beings, living or dead
• Doesn’t matter if it is or is not supported by the federal government or regulated by the FDA
Options for Access to PHI
• Use only de-identified data• Obtain patient’s written authorization• Obtain HIPAA waiver from IRB • Review data preparatory to research• Decedent research• Use limited data set
– Data Use Agreement– Business Associate Contract (BAC)
HIPAA Authorization
• Subject cannot participate if HIPAA Written Authorization is not signed*
• States what PHI will be disclosed and to whom
• States how long PHI will be kept; how will it be secured
* Research using PHI
Use of De-identified Data
• Not subject to Privacy Rule
• Can include complete dates, 5-digit ZIP codes, geographic information other than street addresses
• Can have re-identification code if not derived from information about the individual
Waiver of HIPAA Authorization
Justification (must satisfy all 3 criteria):
• Use or disclosure of the PHI presents no more than minimal risk to the individual’s privacy
• Research cannot practicably be conducted without a waiver
• Research cannot be practicably conducted without access to and use of PHI
Data and Safety Monitoring
2nd Belmont Ethical Principle
BENIFICENCE
•“Do no harm”• Maximize possible benefits• Minimize possible harms• Benefits outweigh risks
Data and Safety Monitoring Plans
When appropriate (greater than minimal risk research), the research plan makes adequate provision for monitoring the data collected to ensure the safety of subjects.
• Individual investigator/independent M.D.
• Internal monitoring group (study sponsor)
• Independent Data Safety Monitoring Board (DSMB)
Elements of a DSMP
• What events will be monitored?
• How often?
• Who will monitor them?
• To whom will the information from the monitoring be given?
• What are the “stopping rules,” if any?
Unanticipated Problems in Research
2nd Belmont Ethical Principle
BENIFICENCE
•“Do no harm”• Maximize possible benefits• Minimize possible harms• Benefits outweigh risks
UPIRTSOs
Unanticipated Problems Involving Risks To Subjects or Others
Examples:
• Serious Adverse Events (SAEs)• Protocol deviations
– Failure to obtain informed consent/assent– Eligibility criteria not met; subject still enrolled
• Inadvertent disclosure of PHI• Serious and continuing noncompliance
Adverse Events
• Most are not unanticipated problems– Adverse events expected in the context of
known toxicities or side effects of the research procedures
AND/OR– Due to the natural history of the underlying
diseases and conditions
• Some are unanticipated problems
• Unanticipated problems include events that are not adverse events
OPRP Guidance; October 11, 2005
UPIRTSOs and AEs
Serious Adverse Events (SAEs)
• An untoward medical occurrence during research– E.g., Serious side effects due to study drug or
procedure
• Hospitalization and/or prolongation of hospitalization of subject
• Results in the persistent or significant disability or incapacity of subject
• Death of subject
Reporting SAEs - CNMC IRB Policies
Internal Events (those occurring at CNMC)
• Report deaths within 24 hours (concurrent with reports to FDA, Sponsor)
• Report other serious and unexpected events that are possibly, probably and very likely/certainly related < 5 days after learning of the events (concurrent with reports to FDA)
Reporting SAEs (cont.)
Internal Events (cont.)
• If the event at CNMC is serious or if CNMC is the Coordinating Center, report within 5 days, regardless of its relationship to study intervention
External AEs (those occurring outside CNMC)
• Report events that are serious, unexpected and related within 30 days of learning of them
Protocol Deviation
A one-time, unintentional action or process that departs from the IRB-approved study protocol, involves one incident, and is identified after the event occurs.
Significant deviation:
• directly or potentially disrupts the study progress, such that the study design and results would be compromised
or
• compromises the safety and welfare of study participants
Example 1: Informed Consent Irregularities
• MINOR Deviation: Subject/Parent did not receive a copy of the signed consent form. Upon discovery, a copy is given to the subject at the next visit, or mailed if the subject has since completed the study.
• SIGNIFICANT Deviation: Subject was enrolled without subject/parent signing an informed consent form. Upon discovery, the subject should immediately be consented.
Example 2: Subject Enrolled Did Not Meet Eligibility Criteria
• MINOR Deviation: Subject enrolled was 2 months younger than the lower age limit requirement. Principal Investigator is able to provide rationale for subject admittance and ensure subject safety and study integrity.
• SIGNIFICANT Deviation: A low-birth weight infant was enrolled into a treatment trial for normal weight infants and low weight infants are at higher risk for an adverse event.
Reporting Protocol Deviations
All protocol deviations must be documented on the appropriate form.
Significant deviations must be submitted to the IRB within 10 business days of being identified.
Minor deviations should be filed in the investigator’s study records and submitted to the IRB at continuing review.
Informed Consent and Assent
1st Belmont Ethical Principle
RESPECT FOR PERSONS• Treat individuals as autonomous
agents• Right to know• Right to choose• Right to privacy and confidentiality• Right to withdraw
• Additional protections for persons with reduced autonomy
Regulatory Requirements – Basic Elements of IC
• State that the activity is research
• Describe purpose and duration of study
• Describe procedures
• Identify experimental procedures
• Identify risks
• Identify benefits
• Disclose any alternatives to participation
Basic Elements of IC (cont.)
• Describe the extent of confidentiality
• Explain any available compensation and medical treatment for injury
• State whom to contact about study questions
• State whom to contact about subjects’ rights
• State whom to contact in the event of an injury
• State that participation is voluntary; right to refuse or withdraw
Waiver of Informed Consent/Assent
• Research poses no more than minimal riskDefinition: The probability and magnitude of harm or discomfort anticipated in the proposed research are not greater, in and of themselves, than those ordinarily encountered in daily life or during the performance of routine physical or psychological examinations or tests [in a healthy person]
Waiver of Informed Consent/Assent (cont.)
• Subjects’ rights and welfare are not adversely affected by waiver
• Research could not be practicably conducted without waiver
• Subjects will be provided with pertinent information after participation, if applicable
CRF 46.102(i)
Documentation of Informed Consent/Assent
• Consent/Assent forms must be approved by IRB; must have approval stamp and expiration dates
• Forms must be signed and dated by subject or subject’s legally authorized representative (LAR)
• Pediatric research: Minor increase over minimal risk, no direct benefit requires signatures of both parents
Pediatric Risk Categories
• Not greater than minimal risk
• More than minimal risk with the prospect of direct benefit to the child
• Minor increase over minimal risk with no prospect of direct benefit
• Not otherwise approvable, but with potential to understand, prevent or alleviate a serious problem
Documentation of IC (cont.)
• Person obtaining consent must sign and date forms after the subject/LAR
• Copy is given to subject/LAR
• Re-consent required when subject reaches age of majority (age 18) and when substantive changes are made
Waiver of Documentation of Informed Consent
• Consent form is the only record linking subject to data and breach of confidentiality is major risk
OR• Activity involves no more than minimal risk
and involves no procedures for which consent is normally required (surveys, blood draws)
HOWEVER, documentation should be provided to subjects who request it
Emergency Use Exemption
Involves use of an investigational agent outside the clinical trial setting
• 2 FDA criteria
– Life-threatening situation; no standard acceptable treatment available
– Insufficient time to convene quorum for full-board IRB approval
• AKA “Compassionate Use”
Emergency Use (cont.)
• Requires Sponsor approval
• Requires consult with independent physician
• Patient unable to participate in clinical trial
• Notify IRB prior to test article’s use if possible
• IRB must be notified within 5 days of use
Collaborative Research at Multiple Sites
Which IRB Has Oversite?
• CNMC (local) IRB
• Lead site IRB
• Central IRB (e.g., pediatric oncology)
• External IRB -- Western IRB: industry-sponsored
protocols
Determining the IRB of Record
• Cooperative Agreements between CNMC and collaborating institutions
• Protocol submitted to two or more collaborating sites
• IRB Chairs discuss where consent is obtained, where primary risks can occur
• IRB Chairs determine which IRB(s) will have approval and oversight responsibility
• PI provides documentation of initial and continuing approvals to secondary IRB
Continuing Review
Mandatory under federal regulations• Approvals period < 365 days
• Reminders sent to investigators 90 days prior to study expiration
• Failure to submit progress report in time to permit re-approval = non-compliance
• Expired approval = Study closed (Must submit new protocol)
Protocol Closure
• Protocol is closed to further research activities including data analysis– Exception: Industry sponsored studies
• Submit Cont. Review/Closure form to IRB – Total N– Adverse events– Outcomes; publications
• Failure to close = expired protocol and possible non-compliance
Intranet Resources
http://intranet.cnmc.org/RESEARCH/DEFAULT.ASPX
• IRB submission forms• HRPP policies and procedures• CITI training information• Educational presentations• HRPP newsletter• Staff contact information
OPHS Staff
Birdena Samuel (Manager) (301) 565-8488
Roslyn Edson (IRB 01) (301) 565-8489
Loretta Polite (IRB 04) (301) 565-8541
Jan Martinez (Continuing Reviews) (301) 565-8542
Gloria Lawrence (Central IRB) (301) 565-8479
Maryann Rossi (301) 565-8485 (Accreditation and Education Manager)
Paper Submissions
Send submission materials via Inter-departmental Mail to:
IRB/OPHS
801 Roeder Road Suite 500
Silver Spring