ÁùºÏ±¦µä

720. Noncompliance

Updated June 10, 2024

Research studies may result in the implementation of unapproved changes to IRB-approved research plans or failure to comply with established regulations, policies, and procedures. Any action or activity associated with the conduct or oversight of research involving human participants that fails to comply with the research plan as approved by a designated IRB, or federal regulations or institutional policies governing such research constitutes noncompliance. Noncompliance may range from minor to serious, be unintentional or willful, and may occur once or several times.

Noncompliance includes deviations to the protocol made in the interest of a single participant such as to coordinate study visits. Noncompliance may result from the action of a participant, investigator or staff and may or may not impact the rights and welfare of research participants or others, or the integrity of the study. Complaints or reports of noncompliance from someone other than the research investigator are handled as allegations of noncompliance until such time that the allegation is validated or found to be invalid and dismissed.

This policy addresses noncompliance as it pertains to the conduct of research involving human participants. Noncompliance associated with the oversight of such research, including noncompliance by Research Integrity & Security staff or the IRB, is covered by policies detailing the Quality Monitoring and Quality Improvement functions of the university’s Human Research Protection Program.

Examples of Noncompliance for Non-Exempt Research

Conducting research with human participants without IRB approval:

“Conducting research” includes recruitment, consent, data collection and analysis, and writing up findings or research related reports. Engaging in these activities before IRB approval is obtained or after IRB approval expires constitutes noncompliance and may result in sanctions against the use of data obtained before or after IRB approval.

Changing or deviating from the IRB-approved research plan:

Failure to implement research activities according to the IRB-approved research plan constitutes noncompliance. The IRB must approve all changes to non-exempt human research before the changes are initiated unless changes are necessary to eliminate immediate harm to participants. In the latter case, the Principal Investigator (PI) may implement the changes but must report them to the IRB within five days of implementation.

Common changes include the following:

  • Increasing or decreasing participant enrollment by greater than 10% of the anticipated number;
  • Editing materials to which participants will be exposed (e.g., recruitment, educational, and consent materials);
  • Adding, removing, or editing questions on surveys or interview guides;
  • Collecting information that could identify participants when the research plan stated that no personal identifiers would be collected;
  • Removing study activities. In the approval process, the IRB assesses research benefits. Removing components of a research study may affect the IRB’s assessment of study benefits.

For examples of deviations, see Protocol Deviations policy in the online Human Research Protection Program (HRPP) Policy Manual.

Implementing study procedures with a participant who did not agree to the specific activity:

Some research is designed to allow participants to agree to some aspects of the study and to decline to participate in other aspects (e.g., videotaping). Involving a participant in an activity to which they have not consented constitutes noncompliance and may constitute an Unanticipated Problem if the activity involves risks to the participant or others.

Failing to record, code, store, or destroy data as described in the IRB-approved research plan:

PIs provide specific information in the IRB application about their plans for data management and storage, and for removing or coding personally identifiable information. Failure to adhere to the stated plans constitutes noncompliance and may constitute an Unanticipated Problem if unauthorized disclosure may harm a participant or others.

Initiating research prior to receiving notification of IRB approval:

The IRB may approve research with conditions. Before any research activities may commence under these conditions, researchers must provide the IRB with the requested revisions for review. Once the IRB determines the revisions are satisfactory, the PI will receive formal notification of IRB approval. Initiating any research activities prior to notification of IRB approval constitutes noncompliance and may result in restrictions in the use of any data collected before notification of IRB approval.

Using data from a minor who did not have parent permission to participate in the research study:

This may occur in classroom research activities when not all parents agree to their child’s participation in research, or when minor undergraduate students engage in research that was not designed to include minors and consequently, did not include processes for obtaining parent permission.

Changing or adding study locations:

The IRB considers study locations in assessing equity in participant enrollment. Changing or adding study sites may alter the IRB’s assessment. Failure to obtain acknowledgement or approval for changes or additions to study locations constitutes noncompliance.

Not using the IRB-approved, date-stamped consent document when enrolling participants:

Research Integrity & Security staff electronically “stamp” the IRB approval date in the footer of approved versions of consent documents/materials. Researchers must use the stamped, approved versions when enrolling research participants. Failure to do so constitutes noncompliance.

Pre-testing or piloting research materials or activities without IRB approval:

The definition of “research” in the federal regulations includes “research development, testing and evaluation” among activities that may be considered research. Pre-testing or piloting materials or activities before obtaining IRB approval may constitute noncompliance.

Tips to Minimize Noncompliance

  • If materials are edited after IRB approval has been obtained, submit an amendment to have the changes approved.
  • Contact the IRB if an immediate change is necessary.
  • Ensure all members of the research team, including students, know what is expected of them and are familiar with the approved research plan.
  • When uncertain, contact the IRB or Research Compliance Officer (RCO) with any questions, before acting.

Reporting Noncompliance to the IRB

For information about who may report and how to report incidents or actions that may constitute noncompliance, see the policy for Reporting Complaints and Problems in Research, Protocol Deviations, and Unanticipated Problems. For information about the preliminary steps in the assessment of problem reports, including potential noncompliance, see the policy for Assessment of Complaints and Problems in Research.

Types of Noncompliance: Minor versus Serious, Non-continuing versus Continuing

Noncompliance can be relatively minor or serious, and it can be a one-time event or a continuing problem. Following a determination of noncompliance, the IRB may require a range of corrective actions appropriate to the nature and degree of noncompliance.

Minor versus Serious Noncompliance

Serious noncompliance is any failure to adhere to requirements for conducting research that may reasonably be regarded as presenting a genuine risk of substantive harm to the safety, rights, or welfare of human research participants, research personnel, or others (including their rights to privacy and confidentiality of identifiable private information), or as impacting the scientific integrity of the study. A single instance of noncompliance may be deemed as serious noncompliance upon consideration of the facts by the IRB. Violation of policies, state and local laws, and/or federal regulations may also constitute serious noncompliance.

Non-continuing versus Continuing Noncompliance

Continuing noncompliance is a persistent failure to adhere to the laws, regulations, or policies governing human research. The repeated failure to adhere to appropriate standards of research represents continuing noncompliance regardless of whether the pattern of noncompliance is a consequence of a lack of knowledge on the part of the investigator or a willful lack of commitment by the investigator and study team to protect human participants.

Determination of Minor Noncompliance

Minor noncompliance may be discerned by the RCO investigating a complaint, conducting a Directed Audit or Administrative Internal Assessment, or determined based on an investigator’s report of a Protocol Deviation or Unanticipated Problem.

Investigation by Research Compliance Officer

If an investigation results in a finding of minor noncompliance, the issue may be resolved by the Research Integrity & Security Director or IRB Chair or designee.

The RCO will:

  • prepare a summary report of the investigation;
  • make recommendations for resolution of the issues identified in the report (e.g., corrective actions, education and training, or a combination); and
  • send a copy of the report to the Research Integrity & Security Director, IRB Chair, and the PI.

Within 10 business days of receipt of the report or on a date agreed upon in writing by the RCO, the PI must reply with an action or management plan for addressing the recommendations in the report.

Upon approval of the plan, the investigator must implement the action or management plan and notify the RCO (in writing) within 30 calendar days of successful implementation.

The RCO will send the PI an acknowledgement of successful implementation of the action or management plan, and confirmation that the minor noncompliance has been satisfactorily resolved.

Investigator Report of Protocol Deviation or Unanticipated Problem

The Protocol Deviation or Unanticipated Problem report must include a description and justification for all corrective actions taken without prior IRB approval. Investigators must also consider what types of corrective measures should be taken to prevent future occurrences. The RCO will assess risk of harm to participants or others to determine if immediate corrective actions are needed to protect the participants or others and will make the necessary recommendations to mitigate such risks. The RCO or Research Integrity & Security staff may send to IRB member for expedited review. Following this initial assessment, the problem will be evaluated for the three criteria for an Unanticipated Problem:

  1. The situation or event was unanticipated;
  2. The situation or event was related or possibly related to participation in the research;
  3. The situation or event suggests the research places participants or others at greater risk of harm than originally known.

Assessment of the situation or event will be documented in IRBNet package. Research Integrity & Security staff/RCO will send a letter of minor noncompliance to the Investigator.

Determination of Potential Serious or Continuing Noncompliance

If the RCO’s investigation of a reportable event, complaint, Directed Audit or Administrative Internal Assessment results in a finding of greater than minor noncompliance, the RCO, with confirmation from the Research Integrity & Security Director and IRB Chair, may appoint an IRB sub-committee. After the IRB sub-committee meets and evaluates the findings, the RCO will refer the matter for review by a fully convened IRB at the next scheduled meeting. The RCO will notify the investigator and the Responsible Official of pending IRB review.

The Research Integrity & Security Director or IRB Chair or designee may provide preliminary notice to the Institutional Officer, DHHS Office of Human Research Protections and the Food and Drug Administration, as appropriate.

If research participants are at immediate risk of harm or have the potential to be placed at further risk while awaiting the outcome of a convened IRB meeting, the IRB Chair may place some or all aspects of the study on suspension pending the decision of the convened IRB.

IRB Review of Potential Serious or Continuing Noncompliance

As noted above, allegations of noncompliance that may constitute serious or continuing noncompliance are reviewed by the convened IRB.

Materials for IRB Review

The materials for IRB review are available via access to the project in IRBNet (granted to Primary Reviewer and IRB members planning to attend the meeting) and include:

  • Protocol Deviation or Unanticipated Problem report or complaint;
  • Report of findings prepared by the RCO or designee, or IRB sub-committee; and
  • Approved research plan and study documents (approved documents that are relevant to the review may be flagged as such).

To facilitate the review, the RCO sends the assigned reviewer the categories of noncompliance as defined by the University IRB, and relevant excerpts from the IRB policy manual.

IRB Determinations

Following review and discussion of these materials, the IRB will make one of the following determinations:

  1. The incident does not meet the criteria for serious or continuing noncompliance, but it constitutes minor noncompliance and should be addressed accordingly.
  2. Further investigation by the RCO is needed before the IRB can make a determination. The RCO will present a revised report at the next scheduled IRB meeting.
  3. Further investigation and consideration by an ad hoc panel is warranted. The panel will report its findings at the next scheduled IRB meeting for review and recommendations.
  4. The incident constitutes serious or continuing noncompliance. The IRB takes the actions necessary to protect the rights and welfare of research participants and ensure PI compliance.
  5. The matter does not constitute noncompliance and should be dismissed.

Outcomes Following Review at a Convened Meeting

IRB Determination of Minor Noncompliance

As noted above, minor noncompliance may be determined outside of a convened meeting by the Research Integrity & Security Director, RCO, IRB Chair or qualified designee, or IRB member conducting an expedited review. Minor noncompliance is reported to the IRB on the next agenda.

If the IRB determines that minor noncompliance has occurred, the RCO will send the PI written notification of the Board’s decision and recommendations (i.e., IRB-approved action or management plan).

  • Within 30 calendar days of receipt of the notification, the PI must implement the action or management plan and notify the RCO (in writing) of successful implementation.
  • The RCO will send the PI an acknowledgement of successful implementation of the action or management plan, and confirmation that the minor noncompliance has been satisfactorily resolved.

IRB Determination that Furthers Investigation by Ad Hoc Panel Is Warranted

If an ad hoc panel is assembled, it will consist of a minimum of three IRB members whose areas of expertise are suited to the area of study and reviewing the possible noncompliance. The IRB Chair may not be a member of the panel, but the RCO who conducted the initial inquiry may serve in lieu of a third IRB member.

  • The ad hoc panel may conduct further interviews or employ other methods to gather information.
  • The ad hoc panel will provide a written report to the fully convened IRB following their inquiry, including a summary of the information gathered, conclusions and recommendations.

IRB Determination of Serious or Continuing Noncompliance

If the IRB determines that the incident constitutes serious or continuing noncompliance or both, the IRB may:

  • require remediation or educational measures for the research team;
  • require monitoring research activities by appropriate persons;
  • require monitoring the informed consent process by appropriate persons;
  • require the PI to notify or provide additional information to past or current research participants;
  • require the PI to re-consent participants;
  • require amendments to the research plan, including the consent process;
  • require the PI to report to the IRB more frequently for this or all of their studies;
  • reduce the approval period (i.e., require more frequent continuing reviews);
  • require periodic audits by the RCO;
  • restrict the PI’s research practice (e.g., limiting their research privileges to minimal risk or supervised projects);
  • suspend IRB approval for one or more of the PI’s studies; or
  • terminate IRB approval for one or more of the PI’s studies.

If the IRB determines that an allegation constitutes serious or continuing noncompliance and may violate other University policies, the appropriate authority will be notified of the IRB’s findings for possible further review and resolution by those bodies.

PI Notification of IRB Determination and Confirmation of Completion of IRB Required Actions

The PI will be notified in writing of the IRB’s determination and required actions.

Within 30 days of the IRB notification, the investigator must submit written confirmation that all actions required by the IRB have been implemented.

The RCO will review the notification of implementation from the PI to confirm the required actions have been implemented. If warranted, they may contact the PI for additional information. The RCO will acknowledge receipt of the PI’s confirmation of implementation.

Prohibition of Retaliation for Reporting Noncompliance to Research Integrity & Security or the IRB

Care is taken to maintain the confidentiality of the person making the report and the details of the situation or incident. Upon the complainant’s request, their anonymity will be preserved to the extent possible.

Retaliation against an individual for having made in good faith an allegation of noncompliance with human research regulations or policy is a violation of University policy and an offense subject to University disciplinary procedures.

Concerns about possible retaliation or harassment must be immediately reported to Research Integrity & Security, the IRB Chair, or the Vice President for Research and Innovation (VPRI).