◆ Cybercriminals are “sending malicious phishing emails that appear to be from trusted federal agencies,” such as HHS, in order to “steal sensitive data,” warned Michael Lauer, NIH deputy director for extramural research. “Other phishing emails have contained a link to a malicious website that was designed to look like a live map of COVID-19 cases from Johns Hopkins University.” Writing April 8 in his Open Mike blog, Lauer urged everyone to “remain vigilant and be ready to report if we see anything suspicious, and continu[e] to keep our work, data, and professional and personal lives safer and more productive.” Lauer pointed out that threats are increasing now that more work is being done from home and access to NIH and research institutions is occurring with “internet tools more and more, challenging the safety and security of these electronic systems likely to a degree not seen before.” (4/16/20)
◆ The HHS Office for Human Research Protections (OHRP) recently concluded a four-year investigation into research at Bloomsburg University of Pennsylvania, concluding that seven studies involving the same investigator were incorrectly designated as exempt, and thus conducted without the required approval of an institutional review board. But, according to a recently posted determination letter dated March 4, OHRP took no action against Bloomsburg, which acknowledged its error in handling the studies, one of which involved children. OHRP first exchanged correspondence with Bloomsburg beginning in August 2016, and continuing into 2019, about the seven studies to which Bloomsburg incorrectly applied exemption category 2, which pertains to the “use of educational tests (cognitive, diagnostic, aptitude, achievement), survey procedures, interview procedures or observation of public behavior.” (4/16/20)