Compliance Corner: Expert offers advice on investigator noncompliance
Expert offers advice on investigator noncompliance
Institutional involvement is crucial
Research compliance can be defined a variety of ways, and the trick is for institutions to define and understand the types of noncompliance that are reportable to federal agencies, a compliance expert says.
"There are various levels of noncompliance from scientific misconduct to minor administrative oversight to serious noncompliance," says Heather L. Fields, JD, a shareholder in the health care department of Reinhart, Boerner, Van Deuren of Milwaukee, WI. Fields speaks at national IRB and research conferences about compliance and other issues.
The Food and Drug Administration (FDA) and the U.S. Department of Health and Human Services (DHHS) require IRBs to report serious or continuing noncompliance with DHHS or FDA regulations or IRB determinations, Fields notes.
Noncompliance also should be reported to the research institution and the study sponsor.
Federal regulations leave it up to each institution and IRB to define the words "serious" and "continuing."
However, Fields offers these examples of continuing noncompliance, serious noncompliance, and scientific misconduct:
• Continuing noncompliance:
The principal investigator (PI) repeatedly fails to keep complete temperature logs in compliance with the protocol-specific storage and handling plan for an investigational test article; or
The PI repeatedly fails to file adverse event reports with the IRB in a timely manner.
• Serious noncompliance examples:
The PI conducts non-exempt human subjects research without having obtained appropriate informed consent and without IRB review and approval; or
The PI makes a significant modification to the IRB-approved research protocol (e.g., increases dosage amounts) without first obtaining IRB approval.
• Scientific misconduct:
Fabrication: When a PI makes up data or results and records or reports them;
Falsification: When a PI manipulates research material, equipment, or processes, and/or changes or omits data or results; or
Plagiarism: When a PI uses another person's ideas, processes, results, or words, and doesn't give the original source credit.
Typically, reports to OHRP and the FDA will include these items, Fields says:
- Name of the research institution;
- Name of the PI;
- Name of the research project and/or grant proposal;
- Number of the research project;
- Description in detail of the noncompliance; and
- Corrective actions being taken by the institution.
Another issue that is left up to the institution's discretion is the precise time frame for reporting noncompliance, Fields says.
"The new guidance from the Office of Human Research Protection (OHRP) provides a time frame that is hard to pin down because the regulations require prompt reporting, but don't give a date, she says.
"What OHRP will tell you is that depending on the seriousness of the incident, they want to know within a few days to a few weeks," Fields says. "If 30 days have gone by and you have not reported it, then that's a problem."
The clock starts ticking when the institution becomes aware of the incident, but this can be tricky, as well.
For instance, an IRB might hear an allegation from a study nurse that something's wrong, but it takes time to sort out whether the allegation is credible and to find out what's really going on, Fields explains.
When Fields offers examples, she'll say that a single, late adverse event report that was lost on someone's desk may not be serious, and is not continuing.
"But if they repeatedly fail to file reports they are required to report, or if they repeatedly refuse to address the IRB's request for information, or are not filing continuing review reports, then that may eventually rise to the level of something that needs to be reported," Fields explains.
Protocol changes without IRB approval are another area of noncompliance, and the severity of these can range from minor to serious.
"There are a fair number of PIs out there who will modify what they are doing with a research study, and they may not seek an amendment to the protocol," Fields says.
"Suppose there is a PI who modifies a study drug's dosage for a single patient because the person is not tolerating the levels of doses called for, then obviously the PI can make modifications to protect the patient's health and safety," Fields explains. "But that must be reported as a protocol deviation, and if it continues to be an issue, the protocol may need to be modified."
"The most important thing for IRBs to understand is their role in the institution's compliance process," Fields says. "I don't think IRBs are well-suited to handle noncompliance investigations or to sort out all of the facts that need to be detailed."
It's the research institution's responsibility to make certain subjects are protected, and so it's important to have someone at the institutional level be in charge and responsible for any investigation into research noncompliance, Fields adds.
"It's critical that the IRBs are alerted to noncompliance, and they do make the required reports, but it doesn't mean they have to be in charge of the process," Fields says.
The institution's compliance process needs to encompass a variety of offices dealing with research projects, including the financial office, the grants office, the dean's office, and the IRB office, Fields says.
Fields offers these suggestions for how an institution should handle noncompliance issues:
- First: Identify someone to lead the institutional process (the IRB staff and members may not be best situated to take charge of this process);
- Second: Conduct at least a preliminary investigation to find out what type of noncompliance is involved;
- Third: If serious or continuing (or suspected to be serious and continuing) noncompliance occurs, then report to appropriate departments within the institution and have the IRB report to the required governmental agencies;
- Four: Complete the full investigation of the specific incident, looking for patterns of continuing noncompliance (audits could be used to determine if it's an ongoing problem);
- Five: Develop a corrective action plan to address the investigation's findings; and
- Six: Provide follow-up, including making additional governmental reports and monitoring implementation of the corrective action plan.
"You need to ferret out the problems and investigate them with the ultimate goal of preventing future problems by educating and training the entire research staff," Fields says.
In an ideal situation, a noncompliance finding would result in an institution providing additional support to the investigator and research staff and offering education and training to enhance their understanding of compliance issues, she says.
"Also, you need to have a system in place that has lots of safeguards to make sure people know what they're supposed to be doing," Fields explains. "And you need to make sure there's a process to catch problems early before things become serious."
Fields offers these examples of types of corrective action that could be taken in response to noncompliance:
- Modifying the consent form or the research;
- Notifying current or past study participants;
- Providing another informed consent of current participants;
- Monitoring research and consent process;
- Educating and mentoring PIs and study staff;
- Providing more frequent reviews and additional reporting;
- Making additional resources available to support the PI's activities;
- Placing limitations on the PI's research activities or use of data; and
- Suspending or terminating IRB approval.
Education and training are an institution's and IRB's best defense against noncompliance problems, Fields says.
Quality improvement programs and random audits are some of the ways an institution can prevent noncompliance crises.
"Do a spot check to help research staff before they do something that becomes a significant noncompliance issue," Fields suggests.
This effort will pay off in the end because the goal is to help improve the lives of research subjects and move forward medical thinking, Fields says.
"It's very time-consuming and expensive for institutions to deal with serious noncompliance," Fields adds. "It's an integrity issue, and it causes a lot of disruption in the day-to-day operations."
Research compliance can be defined a variety of ways, and the trick is for institutions to define and understand the types of noncompliance that are reportable to federal agencies, a compliance expert says.Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.