In a recent webinar, Advarra experts Emily Eldh and Ben Shankle provided insights and information in Remote Monitoring: Study Compliance in a Changing World. Due to time constraints, we were unable to answer all audience questions during the Q&A period, so our experts have responded to additional questions in this blog.
Q: When accessing an electronic health record (EHR) for remote monitoring, our privacy department expressed concern that the study monitor has access to the research participant’s entire medical record and not just to medical records related to the study. From an IRB perspective, do you have a concern or recommendation for additional protection/safeguards?
A: Monitors and auditors typically have access to all parts of the medical record available at the clinical site either in a hard copy or electronically. Sometimes certain parts of a medical record (e.g., psychiatric visit notes) may be separated out, and if those records are not relevant to the research, that access could be limited. It will largely depend on the type of research.
Q: Should we inform research subjects that we will review their data remotely via other systems and document sharing methods?
A: Generally, subjects should be informed that their data will be reviewed, but you do not need to specify how it will be done. If you do specify how that will be done in the protocol or consent, then you will need to follow that – and you will need to submit any changes as an amendment.
Q: Do you have any resources for learning more about remote monitoring?
A: The FDA recommends a risk-based approach to monitoring – using a combination of remote, centralized, and on-site techniques – since 2013. You could advise them of this guidance pre-dating the pandemic.
Q: Should the remote monitoring portal be a site-to-vendor agreement or a sponsor-to-vendor agreement?
A: It could be either or both, depending on the contractual relationship being established.
Q: Many sponsors have to re-write monitoring plans to accommodate for COVID-19. Does the IRB approve the updated plan every time? What is the investigator’s role in ensuring compliance?
A: The IRB does not need to review the revised monitoring plan unless the protocol changes and/or consent form documents previously approved by the IRB. The sponsor is responsible for monitoring the research.
A local/site investigator is responsible for developing a plan for the supervision and oversight of the clinical trial at the site. Provide supervision and oversight even for highly qualified and experienced individuals. As it applies, a plan may include routine meetings with the sponsor’s monitors.
Q: Do you know if there are discussions about moving monitoring back on-site in the future?
A: The FDA has recommended a risk-based approach to monitoring – using a combination of remote/centralized and on-site techniques – since 2013. I think a hybrid approach, including both on-site and remote methods, will become routine if it isn’t already.
Additionally, the American Society of Clinical Oncology (ASCO) Journal published an article last year outlining findings from a survey on COVID-19’s impact on oncology clinical trials.
Q: What should a vendor provide the site in order to document that they are HIPAA compliant? What other requirements should a site ask the vendor to ensure accuracy and security?
A: Vendors should provide institutions with an assertion that their product can be used in a HIPPA-compliant manner along with documentation on how their product achieves it.
Additionally, any vendor should provide a full explanation of how their product keeps data secure against unauthorized access.
From there, it will be up to your IT/Compliance team to determine if their measures are sufficient.