he FDA visits Yale University approximately every two years to conduct an audit of the human subjects protection program (an audit of the IRB), as well as to perform audits of specific research studies (an audit of the investigator’s study files, records, and activities). These audits are conducted in order to verify compliance with FDA regulations and ensure the integrity of data generated by the various drug, device, or intervention studies. The FDA has published a self-evaluation checklist for IRBs preparing for an audit and can assist in identifying potential areas of weakness and preparing for an external audit. Nonroutine FDA audits are also conducted in response to complaints or as part of the approval process when new products are submitted for approval. The FDA must ensure that the data supporting a sponsor’s claim of safety and efficacy are valid before giving its approval to market the product. Since audits typically focus on written documentation, it is imperative that investigators keep their case files and study records current. Inspectors may be interested in reviewing the following types of documents: medical records, laboratory results, case report forms, signed consent forms, and IRB approvals.
The IRB can assist investigators in preparing for an external audit. If contacted by the FDA to schedule an audit, investigators should inform the IRB immediately. Investigators can learn more about FDA inspections at the following FDA link and by reviewing this 1998 FDA guidance document, which describes FDA inspections of clinical investigators as well as the potential regulatory sanctions.
The OHRP also conducts audits of institutions that conduct human subjects research sponsored by all agencies of the executive branch of the federal government (other than the FDA) that fund research involving human subjects. In addition to compliance oversight visits (or audits), the OHRP will also visit campuses or other institutions to provide technical or educational assistance, with the goal of strengthening the human subjects protection program. The OHRP’s audits are generally conducted in response to complaints, credible allegations, or indications of noncompliance with the Common Rule. The OHRP will typically attempt to resolve these issues by exchanging correspondence with the institution and reviewing documents and records provided by the institution. However, site visits may be required for the OHRP to determine if noncompliance has occurred and if specific or programmatic corrective actions are necessary to bring the institution’s human subjects protection program into compliance. These compliance audits will be conducted by five to eight individuals (OHRP staff and external consultants) and may last several days. A formal letter listing audit findings and required corrective actions is presented to the institution following the audit. These letters are also posted on the OHRP website. The OHRP has posted an Adobe PDF document that describes common compliance oversight findings on their website. A description of the OHRP compliance oversight procedures for evaluating institutions is available on their website.