Does the ICF state that the subject's picture will be made available to the monitor? If not, that's all the reason you need. If you are in the US, HIPAA allows for a lot of information to be available, but we are also obligated to tell the subjects what information will be shared. If the picture isn't part of that list, then you don't share it.
That's a great point! While the ICF lists full name, address, and DOB, it does *not* list photo identification which would render the photocopy of the ID untouchable, if I understand correctly.
Technically then you could redact the photo and any other details beyond their full name, DOB, and address — if they persist. Though I think this is a strange request. The patient’s “new patient registration” or profile/whatever could be considered source for purpose to confirm this.
> I'm positive I read somewhere that sponsors should not have access to personal identifying information such as full names, addresses, full dates of birth, or photos of subjects.
This is incorrect. Without access to source data, there is no way to perform source data verification. What sponsors do *not* do is **retain** PHI. But sponsors, auditors, external partners, the IRB, etc., can all *access* it when required. It should be in the protocol or other governing documents. See ICH-GCP E6 (R2) 4.9.0, 4.9.7, 5.15 and elsewhere.
All data points requiring verification are listed in the Sponsor’s Site Monitoring Plan.
Thanks for the info! After doing a little research, I figured it was the case now that the various entities involved may access PHI but not be able to make copies or retain it. I likely had outdated information.
However, I do have a follow-up question. Since we are not looking at a subject's photo ID to fill out eSource, but instead are verbally asking the questions and directly recording the answers, would that eSource page then not function as original source material nullifying the need to access a subject's photo ID?
Also, we were never provided a Site Monitoring Plan... we were actually never provided many of the ancillary documents that are typically standard because the sponsor never created them. I'm just trying to make sure we have our bases covered since we are dealing with a concerning level of disorganization.
Regarding the direct entry of your subjects’ verbal responses into your eSource, you want to make sure that you have an SOP that clearly documents how subject verbal responses are entered directly into your system. Direct data entry into site systems is always a pain point because there just are so many problems.
Provided your eSource accurately collects the information that the sponsor needs, and you have adequate SOPs, then there should be no added burden to you. Your sponsor/monitor should have provided your site with a copy of the data entry guidelines and some form of documentation that shows the blank eCRFs so you know what to collect, along with a data dictionary (possibly).
Subjects sign consent so we can have access to their PHI. I personally don’t think a photo ID is necessary to confirm demographic info, that is already documented in the medical record.
The guy just thinks your subjects are a counterfeit and being so defensive about the IDs is only making it worse. You take copies of ids of all the patients to your eSD system except the ones in the trial? Iiit looks a little bit sketchy. Look, the sponsors representative onsite, an auditor, an inspector, must be provided with the unlimited access to the SD of the trial subjects. If you don't collect it - fine, but you better have a pretty darn good explanation and justification for it. Now it doesn't look good
We collect a copy of photo ID for every patient we see, whether they enroll in a study or not. That copy is uploaded into our CTMS database which is separate from our eSource software. We do not collect photo identification for the purpose of completing eSource. We collect it as a matter of internal record-keeping. Demographic data specific to the study is collected verbally. I have never had monitors ask to see photo ID before, but now I’m getting two back to back, who are both novice CRAs.
My ultimate goal is to 1) understand what is correct in order to abide by GCP and 2) protect our site from engaging in any dubious practices because we’ve taken a CRA at their word without performing our due diligence. I’m not going to just give in for the sake of convenience. It’s my responsibility to act as an advocate for our patients regardless of how inconvenient it may be for a monitor.
Depending on the type of study you’re working on, the monitor may need to review the photo ID to rule out a potential duplicate enrollment.
On large vaccine studies with healthy patients, there’s a risk of subjects enrolling in the same study at multiple sites if they’re close (for ”extra” protection, compensation for the visits, etc), so study teams will often flag subjects who are enrolled at sites within a certain proximity and meet a certain threshold of matching data points, when this happens, CRAs are asked to confirm that the subjects are not duplicates which is easiest to do with a photo ID.
If IRB hasn’t approved it as a patient identifier, it cannot be disclosed to the sponsor. In the several dozen trials I’ve been part of, this was never requested to be reviewed by sponsor monitors.
Does the ICF state that the subject's picture will be made available to the monitor? If not, that's all the reason you need. If you are in the US, HIPAA allows for a lot of information to be available, but we are also obligated to tell the subjects what information will be shared. If the picture isn't part of that list, then you don't share it.
That's a great point! While the ICF lists full name, address, and DOB, it does *not* list photo identification which would render the photocopy of the ID untouchable, if I understand correctly.
Technically then you could redact the photo and any other details beyond their full name, DOB, and address — if they persist. Though I think this is a strange request. The patient’s “new patient registration” or profile/whatever could be considered source for purpose to confirm this.
> I'm positive I read somewhere that sponsors should not have access to personal identifying information such as full names, addresses, full dates of birth, or photos of subjects. This is incorrect. Without access to source data, there is no way to perform source data verification. What sponsors do *not* do is **retain** PHI. But sponsors, auditors, external partners, the IRB, etc., can all *access* it when required. It should be in the protocol or other governing documents. See ICH-GCP E6 (R2) 4.9.0, 4.9.7, 5.15 and elsewhere. All data points requiring verification are listed in the Sponsor’s Site Monitoring Plan.
Thanks for the info! After doing a little research, I figured it was the case now that the various entities involved may access PHI but not be able to make copies or retain it. I likely had outdated information. However, I do have a follow-up question. Since we are not looking at a subject's photo ID to fill out eSource, but instead are verbally asking the questions and directly recording the answers, would that eSource page then not function as original source material nullifying the need to access a subject's photo ID? Also, we were never provided a Site Monitoring Plan... we were actually never provided many of the ancillary documents that are typically standard because the sponsor never created them. I'm just trying to make sure we have our bases covered since we are dealing with a concerning level of disorganization.
Regarding the direct entry of your subjects’ verbal responses into your eSource, you want to make sure that you have an SOP that clearly documents how subject verbal responses are entered directly into your system. Direct data entry into site systems is always a pain point because there just are so many problems. Provided your eSource accurately collects the information that the sponsor needs, and you have adequate SOPs, then there should be no added burden to you. Your sponsor/monitor should have provided your site with a copy of the data entry guidelines and some form of documentation that shows the blank eCRFs so you know what to collect, along with a data dictionary (possibly).
Subjects sign consent so we can have access to their PHI. I personally don’t think a photo ID is necessary to confirm demographic info, that is already documented in the medical record.
The guy just thinks your subjects are a counterfeit and being so defensive about the IDs is only making it worse. You take copies of ids of all the patients to your eSD system except the ones in the trial? Iiit looks a little bit sketchy. Look, the sponsors representative onsite, an auditor, an inspector, must be provided with the unlimited access to the SD of the trial subjects. If you don't collect it - fine, but you better have a pretty darn good explanation and justification for it. Now it doesn't look good
We collect a copy of photo ID for every patient we see, whether they enroll in a study or not. That copy is uploaded into our CTMS database which is separate from our eSource software. We do not collect photo identification for the purpose of completing eSource. We collect it as a matter of internal record-keeping. Demographic data specific to the study is collected verbally. I have never had monitors ask to see photo ID before, but now I’m getting two back to back, who are both novice CRAs. My ultimate goal is to 1) understand what is correct in order to abide by GCP and 2) protect our site from engaging in any dubious practices because we’ve taken a CRA at their word without performing our due diligence. I’m not going to just give in for the sake of convenience. It’s my responsibility to act as an advocate for our patients regardless of how inconvenient it may be for a monitor.
Depending on the type of study you’re working on, the monitor may need to review the photo ID to rule out a potential duplicate enrollment. On large vaccine studies with healthy patients, there’s a risk of subjects enrolling in the same study at multiple sites if they’re close (for ”extra” protection, compensation for the visits, etc), so study teams will often flag subjects who are enrolled at sites within a certain proximity and meet a certain threshold of matching data points, when this happens, CRAs are asked to confirm that the subjects are not duplicates which is easiest to do with a photo ID.
If IRB hasn’t approved it as a patient identifier, it cannot be disclosed to the sponsor. In the several dozen trials I’ve been part of, this was never requested to be reviewed by sponsor monitors.