/ IRB Help Sheet
Repository Protocol Checklist
- Purpose Statement
- Collection Information
Describe the data/specimens to be included.
Indicate the sources of data/specimens.
Describe the process of acquiring data/specimens, including methods of collecting specimens, if applicable.
Submittal requirements – Describe conditions under which data/specimens may be accepted, including the requirement for a signed Submittal Agreement, if applicable.
Describe the plan for certifying documentation of local IRB approval to the OHSU IRB for each site contributing data/specimens to the OHSU database/repository. Indicate that a copy of the approval letter from the contributor should be included in the submission to the repository.
Consent and authorization (C/A)
Describe how C/A has been or will be obtained from subjects, or why a waiver of C/A is justified.
Describe the process for documenting whether the person from whom the data/specimens were obtained signed a legally effective consent and authorization (C/A).
If applicable, state that any IRB approved consent forms for the collection of the material being submitted to the repository should be included with data/specimen submissions.
Data transfer security – Describe methods to ensure security and confidentiality during the collection of data and specimens.
- Maintenance Information
Security and Confidentiality – Describe how and where data/specimens will be stored. Include:
Location and housing of data/specimens.
Coding – A method to code the data/specimens, including a process to protect/maintain the key to the code and limit access to the key. The coding system must be adequate to reduce the possibility of unauthorized re-identification.
Control of access to the data/specimens – access to the un-coded data/specimens must be restricted to a limited number of repository staff. Accountability for controlling and monitoring access must be provided.
Describe who will have access to the data/specimens.
Describe the requirements for access.
Security procedures – a method to prevent unauthorized access to the coded data/specimens (including computer security and specimen storage security measures) must be provided.
Description of how the privacy of subjects and the confidentiality of data will be protected, including if a Certificate of Confidentiality (CoC) will be obtained. A CoC is required for sensitive information.
Indicate who is designated as the Guardian.
Describe details of the Guardian’s responsibilities, including:
Ensuring that data/specimens are received and released according to OHSU policy and the IRB approved repository protocol.
Executing a repository sharing agreement each time data or specimens are released for research purposes.
Ensuring the security and confidentiality of stored data and specimens.
Ensuring the security and confidentiality of data and specimens during transfer.
Tracking acquisitions and releases of data and specimens.
Maintaining methods for identifying data/samples for which consent has been withdrawn and ensuring no future use.
Identifying data/samples that have limitations on future uses and ensuring that future uses are not contrary to those limits.
Certifying genetic opt out status with OHSU officials, if applicable.
- Methods for Tissue and Sample Storage & Handling (If applicable)
- Release Information
Describe the mechanisms for release of data/specimens. Include a complete description of the process and requirements for requesting and releasing data/specimens.
State that separate IRB approval/determination will be required for each specific human subject research activity that uses identifiable data/specimens from the repository.
Describe methods for securing and tracking signed Repository Sharing Agreements from recipient investigators, if applicable.
Describe methods for verifying that releases of data/specimens are not contrary to any previously imposed limits, via law, previous consent, genetic opt-out, or other applicable limits.
Verify that material transfer agreements will be used when necessary for the transfer of biological materials.
Data transfer security – Describe methods to ensure security and confidentiality during the release of data and specimens.