Quality Assurance (QA)

Not for Cause Audit – A routine evaluation of the study's overall compliance not brought on by a specific reason.

For Cause Audit – When QA is alerted and asked to evaluate a study’s compliance for a specific reason. Example: Concerns or incidents may trigger an event to be reported to QA or IRB and may lead QA to conduct an audit of research activities.

Investigator requested evaluations – When the investigator requests an evaluation to assess compliance with study processes, documentation practices, workflows and to identify areas for performance improvement. These evaluations, initiated by the study team, are collaborative and designed to strengthen research compliance and study operations.

Disclaimer: Every audit is unique and these lists are not meant to be all inclusive.

Typically our audits are routine or not for cause. Selection for audit does not necessarily indicate concerns regarding the study's conduct. Audits are performed as part of the departments QA program to assess overall compliance. However, situations may arise that alert the ORP/QA team to audit a specific incident or study.

Notification process for audits

Study teams will receive an email notification from the Office of Research Protections (ORP) team with dates and times to choose from for the audit.

Examples of what an audit may entail:

• Interviews with study team
• On site visit (clinical department, pharmacy, laboratory)
• Review of study records and data (paper and electronic)

Examples of what may be reviewed:

• Correspondence between the study team and the sponsor
• Consent forms
• Protocol
• Enrollment documents and workflow
• Subject records
• EPIC
• Reports in general and monitoring reports
• Logs (education, DOA, pharmacy/device records)

When QA audits are conducted, there is an opportunity to find various types of non-compliance within the study operations. It is crucial to identify these instances of non-compliance and correct them effectively.

Non-compliance

The failure to comply with federal, state or local laws or regulations or Main Line Health IRB policies, procedures or requirements. This may include non-compliance with sponsor’s protocol and written instructions, terms of Clinical Trial Agreement and or HIPAA and privacy.

Serious non-compliance

Non-compliance that increases risks to subjects, adversely affects the rights and welfare of subjects or adversely affects the scientific integrity of the study.

Continuing non-compliance

An on-going pattern of non-compliance.

Continuing non-compliance may be due to unwillingness to comply with or lack of knowledge of either:

• Federal, state or local laws or regulations
• Main Line Health IRB policies, procedures or requirements

How to address if a non-compliance is found

If any instance of non-compliance is found at the completion of your QA audit or is identified by other means, there are steps you can take to rectify the non-compliance. 

Some of these steps include:

• Identify the problem and the cause – To ensure that the problem is completely addressed, you must identify the underlying reason or reasons why a problem occurred. Root Cause Analysis (RCA) is a structured process that can be utilized to find the main cause of a problem. The Five Whys method is a helpful RCA tool.
• Develop and implement a CAPA – A Corrective and Preventative Action plan (CAPA) addresses deviations or non-compliance that have already occurred and puts measures in place to prevent them from happening again in the future.
• Monitor and track progress – Once a CAPA is created, it is imperative to continuously check its effectiveness and ensure the initial problem was addressed and corrected.

There are many different findings that can result from QA audit, however, the most common are:

• Documentation gaps – Examples: missing signatures, use of incorrect forms or filling out forms incompletely.
• Informed consent issues – Examples: delays in obtaining consent, missing signatures or unauthorized personnel obtaining consent.
• Adverse event reporting – Examples: delayed or incomplete reporting of adverse events (AEs) or serious adverse events (SAEs) to required parties.