Ongoing oversight of protocols is an essential part of protecting human subjects involved in research. This oversight provides information upon which actions may be taken by investigators, IRBs, sponsors, government agencies, and institutions hosting research, to keep the risks in a reasonable relationship to the benefits. There are three distinct types of oversight that are employed: annual renewal of approval of protocols, ongoing data and process monitoring, and formal audits.
Renewal of Approval of Protocols
Protocol renewals are conducted at least annually by the IRB and involve (at a minimum) a review of documents prepared by the investigator, including a description of subject recruitment rates, adverse events, new information that changes the risk-benefit ratio, or any material changes to the protocol. In some cases the renewal may involve a more comprehensive review of the protocol and include an assessment of the investigator’s case records and consent forms, on-site monitoring of ongoing research, observation of the consent process, and interviews with investigators, staff, and subjects. The IRB applies the same criteria for approval in the protocol renewal as it does in the initial review (e.g., acceptable risks, potential benefits, informed consent, and safeguards for human subjects).
The School of Medicine Human Investigation Committee’s “Request for Reapproval and Request for Termination” forms are available at the following link.
Data and Process Monitoring
Monitoring is conducted on an ongoing basis throughout a study to ensure the integrity of the scientific data collected as well as to ensure that subject safeguards are sufficiently protective. Monitoring involves several distinct activities - monitoring of efficacy data, monitoring of adverse-events data, and process monitoring. Monitoring of efficacy data is generally conducted only in studies utilizing DSMCs and involves the periodic analysis of collected scientific data to determine if the study is likely to reach a statistically valid result. A double-blind, multicenter, Phase III clinical trial is an example of a study that would typically monitor efficacy data periodically throughout the study. During these periodic data monitoring periods, the data is unblinded, analyzed, and compared to the stopping guidelines outlined in the protocol. In other types of studies, efficacy is evaluated at the end of the study or is not a goal of the study (such as in a Phase I clinical trial).
Data monitoring (of adverse-events data) is a requirement of all research protocols. The specific monitoring interval is dependent on the study’s risks and is written into each protocol’s data and safety monitoring plan. This periodic evaluation of adverse events is conducted to determine if these events alter the risk-benefit ratio of the study and whether modifications to the protocol or consent form are necessary. These adverse-events data monitoring functions may be conducted by the investigator’s staff, sponsors, a clinical research organization, a DSMC, or a governmental agency such as the FDA, the NIH or the OHRP. Although adverse-events data monitoring is conducted continuously, the data are analyzed periodically.
Process monitoring of a protocol may also be conducted, and it is a separate activity from data monitoring. During process monitoring observations are made of certain practices that are routinely conducted as part of the protocol, such as completing subject records, administering informed consent, or reporting of adverse events. These observations are intended to verify that the procedures put into place to ensure the safety of subjects and the integrity of the data are being followed. A secondary benefit of process monitoring is often the clarification of procedures and of the responsibilities of investigators and their staff. These monitoring activities may be conducted by a representative of the IRB or the research sponsor.
Audits
Audits are the third type of oversight conducted on approved protocols. Audits are assessments that capture the compliance status of a protocol at a point in time. They ensure the ongoing safety of subjects participating in the research by verifying that the study is being conducted in accordance with the IRB-approved protocol, institutional policy, and applicable guidelines and standards. Audits may be conducted proactively, for cause, or after a study is completed to check authenticity of submitted data against source documents. The FDA and the OHRP conduct “for-cause” audits, generally as a result of complaints raised by subjects or others associated with the research (such as sponsors or co-investigators). The FDA also conducts random audits of clinical-trial protocols. Some grant sponsors, such as the NIH, conduct announced audits of research protocols. During these audits they may check for site adherence to Good Clinical Practice (e.g., adherence to the protocol, proper administration of informed consent, reporting of all adverse events, and accurate completion of all source documents-case histories and case report form entries). Prior to an announced audit by a sponsor, investigators often request a preliminary audit by the institution’s IRB, and investigators are encouraged to do this. Finally, “end-of-study” audits may be conducted by regulatory agencies such as the FDA or the OHRP prior to granting approval to commercialize a new drug or device, or by the study sponsor in preparation for submitting the study results to a regulatory agency. In all cases, audit reports must be maintained in an investigator’s files, the IRB’s files, and in some instances may have to be reported to the FDA or the OHRP. Additional information on the audits performed by government agencies can be found at the following link.
Institutions that hold an approved OHRP federalwide assurance, such as Yale University, are required to ensure that they have procedures that “include formal mechanisms for monitoring compliance with human subject protection requirements.” As such, in addition to the IRB authority to audit research, institutions hosting research under the direction of an IRB may also audit a study protocol as part of a proactive human subjects protection initiative or for cause (such as a follow-up to a complaint from a study subject). There is also a growing trend to perform a small number of audits on a randomly selected set of protocols annually and/or to conduct audits of certain categories of research (such as those involving new drugs or medical devices, or vulnerable populations, or research conducted under emergency waiver of informed consent). Investigators should not be surprised if an internal audit is conducted on their protocol. Host institutions also conduct financial audits of protocols.