Research compliance reflections: Emerging from the pandemic

By Emmelyn Kim, MA, MPH, MJ, CHRC, and Hamangi Patel, LMSW, CCRP, RQAP-GCP, CHRC

Emmelyn Kim (ekim@northwell.edu) is AVP, Research Compliance & Privacy Officer, and Hamangi Patel (hpatel17@northwell.edu) is Director, Research Compliance, at The Feinstein Institutes for Medical Research, Northwell Health, Lake Success, NY.

The COVID-19 pandemic was a game changer not only for the healthcare field, but also for clinical research. This especially holds true for professionals working in research compliance. The surge and panic that accompanied the initial peak of the pandemic that emerged in New York has subsided; however, it still strangely feels like it was yesterday. As we emerge from the pandemic with greater availability of vaccines, we’ve taken the time to reflect on what we’ve learned. We also realize that certain practices will stay behind forever while others will continue into the new normal. This includes risks inherent in the new environment, but also opportunities for growth. This article highlights reflections from the perspective of research compliance professionals that include best practices and practical planning considerations for research organizations that are emerging from the pandemic.

This document is only available to members. Please log in or become a member.
Become a Member Login

Research at our organization prior to the pandemic, and similarly at most organizations, was largely conducted on-site using paper-based or a hybrid of paper- and electronic-based systems for documentation. The instant shutdown of the country at the onset of the pandemic and site safety protocols required administrative and compliance staff to work remotely while trying to support clinical research teams on-site. The pandemic and rapid increase in research studies created an unprecedented need for digital transformation overnight. Healthcare organizations raced to gather real-world data for research studies—a challenge researchers historically faced—to share with industry or collaborating organizations to identify appropriate treatments. Reprioritization of resources to handle the influx of COVID-19 patients coming into the hospital meant that certain research activities needed to be paused while others were quickly implemented. The rapid shift required compliance staff to adapt and adjust operations to reflect on-the-ground realities. This included reprioritizing audits and reviews to COVID-19–related activities and ensuring appropriate timing and careful coordination with research teams.

Best practices implemented

  • Regularly evaluated FDA COVID-19–related guidance documents, privacy and security rules, federal funding agency policies (including any flexibilities that were allowed), and institutional policies to create workable and compliant solutions.

  • Collaborated with research support service offices within our organization. For example, worked with the Human Research Protection Program, Office of Clinical Research (overseeing operations), Legal Affairs, and Research Information Systems group to create guidance, templates, and tools for clinical researchers on how to document and obtain consent from research participants for COVID-19 trials using technology due to quarantine and isolation procedures.

  • Evaluated organization-approved electronic applications that could be leveraged to maintain workflow, communication, and collaboration during such a critical time.

Fortunately, our department had been piloting an electronic collaboration and project management platform prior to the pandemic, which became more widely deployed throughout the organization during the peak period. Eventually other functionalities and video capabilities were incorporated. The use of this multifunctional platform allowed on-site and remote research staff to share documents, chat in real time, and video chat with parties when needed to ensure clinical staff were supported during such a difficult time. Key clinical trials were also being implemented across various locations throughout our organization, which required multidisciplinary teams to communicate, collaborate, and share data with staff who were both on-site and remote. This new environment increased risk in many ways, and the use of technology became critical in closing those gaps. The platform facilitated continuation of source data verification by external sponsor monitors for clinical trials as well as audits and investigations by our compliance team to be conducted in real time.

It became evident that a portion of our research compliance work plan needed to better incorporate areas using technology to test controls and spot-check areas that had become more vulnerable by remote work. However, the modified work plan required coordination, flexibility, and input from the compliance team, research teams, and research support services. The necessary change in processes around obtaining consent and collecting and sharing of data, all while reminding researchers about the importance of maintaining a culture of compliance, was a collaborative effort that needed to be messaged out by all parties. Our compliance team maintained open lines of communication by keeping in touch with research site contacts via email, chat, and virtual meetings, all while trying to maintain employee wellness—a very challenging balancing act.

The importance of creating a connected and supportive environment for remote compliance teams

Employee wellness is a vital area that compliance teams should continue to pay attention to. The compliance help line calls increased during the pandemic, and the change in environment made it challenging to perform investigations and audits, creating a more stressful workload for compliance teams. Individually, people have gone through a lot the past year and a half, and those working remotely found themselves simultaneously working and taking care of family members. The installation of home offices can easily erode the boundary between work and home life, with emails being sent around the clock on nights and weekends, and work hours increasing without the need to commute. Communication with team members about what was happening in their communities, families, and support systems was just as important. This included being aware of and acknowledging not only health-related, but social and racial justice issues that affected some employees more than others. It was important to be an ally when needed and ensure that team members were taking the time they needed and were aware of available resources to turn to for assistance.

Best practices implemented

  • Recognized and discussed as a department the vulnerabilities of the changing environment for our compliance team and the importance of creating and sustaining a connected and supportive environment.

  • Along with the scheduled meetings and touch-base calls, we used technology not only to stay on top of our workload but to promote wellness programs offered by our organization, maintain our human experiences like celebrations of team member birthdays/milestones, and engaging in virtual team-building exercises.

  • We celebrated our wins and engaged in thoughtful reflections on how to improve. Just as importantly, we had to ensure that people were taking time off and decompressing, and we also made sure to communicate and maintain a flexible approach to work–life balance even as we emerged from the pandemic.

Assessing future privacy and security risks in research and innovation

As the medical research community moves forward in this new environment, we are going to continue to see more activity in research and innovation. Research will continue to be focused on new treatments and vaccines as well as long-term studies on the effects of COVID-19 disease and vaccines. Analysis of larger and more global datasets will be required to fully evaluate the effects of the pandemic and prepare for potential similar situations. Continued use and expansion of technology in research, including interconnected devices, wearables, and research participant–generated data through mobile devices and apps, will present new risks and opportunities. As technology and computing capabilities advance, we will see more communication and collaboration platforms and data management systems emerge as well. This will lead to development of intellectual property and balance of the need to protect such assets while enabling open collaboration. At the same time, organizations will need to continue to address integrity, security, and protections of healthcare and research data and systems due to increased risk of cybersecurity attacks.[4] All of these technological advances will bring greater complexity and a different set of privacy and security concerns than we’re accustomed to.

Best practice

Compliance professionals will need to work more closely with IT security and innovation teams to regularly assess, reprioritize, and pivot to better monitor risks in the future.

Opportunities for growth in research compliance after the pandemic

In summary, the pandemic has changed the landscape for compliance teams, particularly those working in the research environment at healthcare organizations. We will have more of our workforce operating in a remote environment, with increased use of remote communications and technologies with research participants, and more activities and collaborations that cross state and international borders.

Expanding the following compliance areas should be considered:

  • Privacy and security programs,

  • Export controls and sanctions screenings,

  • Ethics and integrity, and

  • Other global compliance and engagement areas.

Conclusion

Establishing good relationships with IT security and other key stakeholders can help organizations mitigate risks and implement better controls. Expanding the remote workforce can also allow entry for individuals with unique skillsets. The new hybrid work environment will limit the “water cooler” in-person conversations, and so we are going to have to get creative by setting up open office hours, chat sessions, and virtual drop-in meetings in order to maintain those connections over time. The increase in virtual training sessions and conferences also allows easy access to continued education and certification opportunities for professionals. The pandemic has really pushed us into a different playing field, and while we may lament the ways of the pre-COVID-19 era, we realize that it has shaped us into more agile and sophisticated compliance professionals.

Takeaways

  • COVID-19 has created a more complex regulatory environment for healthcare research organizations.

  • Incorporate technology and the remote work environment into your compliance work plans.

  • Create a connected and supportive environment for remote compliance teams.

  • Assess future privacy and security risks in research and innovation.

  • Consider the opportunities for growth in post-pandemic research compliance.

 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook X LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings