What is an IRB or Institutional Review Board?

An IRB is a diverse group of scientific and non-scientific individuals who conduct the initial and ongoing review of clinical research studies in order to ensure the protection of the rights and welfare of human subjects participating in those trials. The Code of Federal Regulations Title 21, Parts 50 and 56 and Title 45 CFR Part 46 governs the composition and conduct of IRBs. (See Title 21 CFR or Title 45 CFR)

How often does Copernicus Group IRB hold Board meetings

CGIRB Board meetings are held every Tuesday and Thursday with the exception of Thanksgiving week and Christmas week.  (See Schedule)

If we are interested in having a protocol and Subject Information and Consent Form reviewed, when does CGIRB need the material?

We have a schedule of submission dates that must be met in order to assure CGIRB Board review at a specific scheduled meeting. Generally, the submission deadline is by 5:00 PM, one week before the scheduled Board meeting you desire. Please contact us for additional information regarding the CGIRB meeting schedule. (See Schedule)

How quickly does CGIRB notify researchers of the Board review decisions?

Approval documents are sent to the Principal Investigator within 2-3 business days of an unconditional approval decision. Whenever possible, CGIRB sends decisions within 3 business days of the review meeting. In cases where there is a condition placed on approval, the condition must be met prior to processing the unconditional approval documents.

What is CGIRB’s policy for reporting IND Safety reports?

The majority of IND Safety Reports, Suspected Unexpected Serious Adverse Reaction (SUSAR) Reports, Council for International Organizations of Medical Sciences (CIOMS) Reports, and MedWatch Reports (“Reports”) are unlikely to meet reporting requirements under CGIRB reporting guidelines. Reports that must be reported are those reports that indicate a new or increased risk of harm to subjects or others. Generally, to be reportable, such an event should be previously unknown to the IRB and requires an action taken to minimize the risk to other subjects, such as a change to the protocol or additional disclosure of risk information in the consent document.

If there is an agreement that the sponsor report unanticipated problems directly to CGIRB on the behalf of the PI, that is the only report that needs to be submitted to CGIRB. If there is no such agreement in place, the PI is required to submit reports to CGIRB, if they are determined to be reportable unanticipated problems.

Submit the report with the completed CGIRB Promptly Reportable Information Form within 5 business days of your receipt.

What is CGIRB’s policy for reporting Unanticipated Problems (UPs) other than IND Safety reports?

A UP event is reportable if it meets all of the following:

  • related or possibly related to the research
  • unexpected in terms of its nature, severity or frequency
  • suggests that the research places subjects or others at a new or increased risk of harm

Generally, to be reportable, an event should be previously unknown to the IRB and require some action to be taken to minimize the risk to subjects or others, such as a safety-related change to the protocol or additional disclosure of risk information in the consent document or investigator’s brochure.

Under the above definition, many adverse events will not meet CGIRB reporting requirements.

Submit reportable UPs on the Promptly Reportable Information Form within 5 business days of the site’s awareness.

You will receive an acknowledgement for submissions that meet the CGIRB reporting requirements.

What are the “rights” of a research subject?

If you decide to be in a research study, you should carefully read and discuss the CGIRB-approved Subject Information and Consent Form with the study staff and study doctor before having any procedures done. Any questions you have should be answered. The decision of whether to take part in the study is completely voluntary. You and only you should make this decision. As a research subject, you have a right to information about the study procedures, study drug, risks and benefits of the study, alternative treatment, confidentiality, and any payment that may be provided for taking part. If you do not understand why something is being done during the study… ask. If you decide to take part in a study, you also have a right to withdraw from the study at any time.

What do we mean when we discuss Quality Assurance in research?

Human subject research is governed by numerous regulations and guidances. Additionally, most sponsors, CROs, SMOs, investigator sites, institutions, and IRBs have standard operating procedures (SOPs) in place to govern activities associated with the conduct of clinical research. All of these regulations, guidelines, SOPs, the IRB-approved protocol, and other procedural documents serve as standards against which compliance may be assessed. Quality assurance auditors are employed at various stages of the research and development process to assess compliance with applicable standards. The purpose of most clinical quality assurance audits is to verify, through interviews and documentation reviews, the following:

  • That the rights and welfare of the human research subjects are and have been protected
  • That the research study is being conducted in accordance with the IRB-approved protocol and in compliance with applicable regulations, guidelines, SOPs, and other written standards
  • That the investigator is administering the investigational product only to subjects under the investigator’s personal supervision or under the supervision of a sub-investigator responsible to the investigator, and that the investigator is maintaining accountability for the investigational product
  • That the data, derived from source documentation, are verifiable

Because FDA and OHRP encourage research entities to conduct internal quality assurance activities in an effort to provide continuous quality improvement, audit reports are not routinely requested during regulatory inspections. Therefore, documentation associated with quality assurance audits does not have to be maintained and retained with the study documentation. It is preferable for audit documentation to be maintained in a separate location from research study files.

What is HIPAA?

“HIPAA” stands for the Health Insurance Portability and Accountability Act of 1996. This regulation includes “the Privacy Rule”, which outlines the standards for privacy of individually identifiable health information. The specific regulations for HIPAA are in Title 45 CFR Parts 160 and 164.

What is a review preparatory to research?

This is a specific term related to the review of a potential subject’s PHI [private health information or individually identifiable health information] in order to prepare a research protocol or for similar purposes, such as to determine whether the person might be eligible for participation in a research study. By following the requirements for a review preparatory to research, you will comply with HIPAA as you seek to identify potential subjects whose PHI will not be disclosed to third parties without the subject’s prior authorization. Note that this method must not be used if such PHI will be disclosed to a third party to the covered entity.

The requirements for complying with this approach are as follows:

  • Notification by the covered entity that the review of PHI is needed in order for the preparation of a research protocol or for similar purposes, such as to determine whether a person might be eligible for participation in a research study.
  • Notification that the PHI will be used solely for this review preparatory to research.
  • Notification that the PHI is necessary for the purposes of this review.
  • Notification that the PHI will not be disclosed to third parties to the covered entity.

Note that CGIRB is not involved in this activity. We only include this information as a service to you.

Does CGIRB have Authorization language incorporated into a Subject Information and Consent Form Template?

Yes, we do. Go to our forms section for the Subject Information and Consent Form and Authorization to Use and Disclose Personal Health Information for Research Template.


Will CGIRB accept submissions of alternative authorization language?

Yes, alternative Authorization language can be submitted to CGIRB for Board review. This language would need to meet the standard that CGIRB has adopted. The CGIRB Checklist for HIPAA Authorization Language can be found on our forms page.

Can a Sponsor/CRO collect PHI regarding a subject who signed the consent to participate section of the Subject Information and Consent Form but inadvertently did not sign the HIPAA authorization section?

If the investigator/site is not a covered entity, then the answer is Yes. HIPAA would not apply to a non-covered entity and therefore authorization is not required.

However, if the investigator/site is a covered entity under the provisions of HIPAA, then written authorization from the subject is required prior to disclosure of the subject’s PHI. The investigator may collect the PHI, since he/she is the covered entity; however, allowing an unaffiliated monitor to view the source documents would constitute an unauthorized disclosure to a third party.

In order to determine if a site is a covered entity, consult the following federal website: http://www.cms.hhs.gov/HIPAAGenInfo/06_AreYouaCoveredEntity.asp

As a Principal Investigator, how do I find out who can be the Legally Authorized Representative for a research subject?

Who can serve as a legally authorized representative (LAR) is determined on a state-by-state basis. When a study requires consent to be provided by an LAR, CGIRB requests that the Principal Investigator (PI) confirm with a regulatory attorney or with the sponsor who may serve as an LAR for their particular state. The Sponsor is responsible for ensuring proper monitoring of investigators under Title 21 Part 312.50 and Title 45 CRF 46.102, which includes confirming that a legally effective consent process was performed. The PI and/or the person obtaining consent should verify that the person signing as LAR has the authority to provide consent on the subject’s behalf; otherwise the consent may not be legally effective.

Is CGIRB a Covered Entity or Business Associate as defined by HIPAA regulations?

After consulting with several industry experts, attorneys, and regulatory officials, it has been determined that independent institutional review boards are NOT covered entities or business associates. As a result of this, it is our policy that we do not enter into business associate agreements.

Q: How can I determine if my organization is a covered entity?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA – The Privacy Rule) applies to any entity that is:

  • A health care provider that conducts certain transactions in electronic form (called a “covered health care provider”)
  • A health care clearinghouse
  • A health plan

An entity that is one or more of these types of entities is referred to as a “covered entity” in the regulations. A decision tool to assist you in deciding whether or not your organization is a covered entity is available at: http://www.cms.hhs.gov/HIPAAGenInfo/Downloads/CoveredEntitycharts.pdf

Where can I find more information about race and ethnicity categories?

The FDA has a Final Guidance Document for Collection of Race and Ethnicity Data in Clinical Trials that was released in September 2005. This document is available at: http://www.fda.gov/downloads/RegulatoryInformation/Guidances/ucm126396.pdf

Specific Categories and Definitions are listed on page 12 of this document and are as follows:

The minimum categories for data on race and ethnicity for Federal statistics, program administrative reporting, and civil rights compliance reporting are defined as follows:

  • American Indian or Alaska Native. A person having origins in any of the original peoples of North and South America (including Central America), and who maintains tribal affiliation or community attachment.
  • Asian. A person having origins in any of the original peoples of the Far East, Southeast Asia, or the Indian subcontinent including, for example, Cambodia, China, India, Japan, Korea, Malaysia, Pakistan, the Philippine Islands, Thailand, and Vietnam.
  • Black or African American. A person having origins in any of the black racial groups of Africa. Terms such as “Haitian” or “Negro” can be used in addition to “Black or African American.”
  • Hispanic or Latino. A person of Cuban, Mexican, Puerto Rican, South or Central American, or other Spanish culture or origin, regardless of race. The term, “Spanish origin,” can be used in addition to “Hispanic or Latino.”
  • Native Hawaiian or Other Pacific Islander. A person having origins in any of the original peoples of Hawaii, Guam, Samoa, or other Pacific Islands.
  • White. A person having origins in any of the original peoples of Europe, the Middle East, or North Africa.


How does Canadian review of studies work at CGIRB?

For more information on our review of Canadian studies, please refer to our Canadian FAQ sheet below.

Does CGIRB apply signatures to approval documents?

Based on current regulatory requirements and industry standards, CGIRB does not apply signatures to approval documents and other routine communications provided to clients and to investigator sites. (See CGIRB’s Statement of Signature Requirement).

As a Clinical Investigator, what do I need to do to ensure that I am compliant with HIPAA?

(This answer is based on the assumption that the clinical investigator is a covered entity as defined by the regulations.) For your ongoing studies under the approval of CGIRB, your HIPAA Authorization language must be submitted to the Board for review and be approved prior to its use.

In addition, any time you plan to use or disclose PHI [private health information or individually identifiable health information] as a result of your identifying potential subjects prior to their recruitment, you must follow a plan permitted by HIPAA. For example, to identify potential subjects for inclusion in your research protocol, you would likely need to review the patient’s existing health information. If any of this PHI used to identify potential subjects and/or to recruit subjects is disclosed to a third party, such as when it is reviewed by the study monitor, you must either obtain from CGIRB a Request for Waiver/Alteration of Authorization Form (see forms) See other “waiver of authorization” question below.

Lastly, it is also your obligation to be aware of any state and local laws that raise the standards for privacy beyond the HIPAA requirements.

What is a “waiver of authorization” and how do I obtain such a waiver?

With CGIRB Board approval, subject authorization may be waived if you do the following:

  • Provide a brief description of the PHI [private health information] for which use or access has been determined to be necessary.
  • Inform CGIRB that the research involves no more than a minimal risk to the privacy of the subject, based on, at least, the presence of the following elements:
    1. An adequate plan to protect the PHI from improper use or disclosure.
    2. An adequate plan to destroy the identifiers linked to the PHI at the earliest opportunity consistent with the research, unless there is a health or research justification for retaining the identifiers or such retention is otherwise required by law.
    3. Declare that the PHI will not be reused or disclosed to any other person or entity, except as required by law, for authorized oversight of the research study, or for other research for which the use or disclosure of PHI would be permitted by the regulation.
    4. Declare that the waiver will not adversely affect the rights and welfare of the subject.
    5. Declare that the research could not practicably be carried out without the waiver.
    6. Declare that the research could not practicably be conducted without access to and use of the PHI.

Go to our forms section for the CGIRB Request for Waiver/Alteration of Authorization Form. Note that the CGIRB Board must grant this waiver if the waiver request is related to a study approved by CGIRB.

Assent Form FAQs

Does CGIRB have a template assent form?

In September 2011, CGIRB released a new template assent form. Click here to view.

What is the age for written assent?

The regulations do not require the documentation of assent (i.e. a signed assent form), however the IRB has the discretion to determine when written assent is required. These decisions are based on the age, maturity, and degree of literacy of the subject.

In general, CGIRB does not require a signed assent form for children under the age of 10. CGIRB will determine what type of assent process is appropriate depending on the subject population, and this information is communicated to the sponsor as part of the initial review.


Do parents need to sign the assent form in addition to children?

Parents are not required to sign the assent form that is signed by the child.

The regulations require a signed permission form from the parents of pediatric subjects when the research involves more than minimal risk. CGIRB generally reviews a separate Parental Permission form for nearly all research studies involving children, regardless of the risk determination.

As part of the initial review process, CGIRB determines whether the permission of one parent or both parents is appropriate for a study, and this is also communicated to the sponsor as part of the initial review.


Should older children read and sign the Parental Permission form?

In the FDA Information Sheets, the FDA acknowledges that older children may be well acquainted with signing documents through prior experience. Therefore, signing a form to give assent may be appropriate for an older child.

In some cases, the IRB may determine that older children can sign a separate assent section at the end of the Parental Permission Form, or the IRB may request that older children be offered a copy of the Parental Permission form to read in addition to the assent form. The IRB will make this determination at the time of the initial review.


What assent process should be used when the study population cannot provide written assent (i.e. children with severe disability or disease).

If the pediatric subject population is generally not able to read and sign an assent form, there should be a process for documenting that assent took place. One method that is used is to have an independent third party verify, by signature, that the assent of a child was obtained.

The IRB may also decide in some cases that documentation of assent is not warranted, for instance, if the capability of some or all of the children is so limited (infants or toddlers) that it prohibits obtaining assent.

****Remember, obtaining assent is a process. Researchers should consider issues of privacy, such as allowing the opportunity for older children to converse with the person obtaining assent one-on-one.