For Researchers

The Network of IRBs across the DOE Complex

Within DOE there are 2 central IRBs and a number of site-specific IRBs.  Additional information about the IRBs in the DOE complex can be found on the Institutional Review Boards page. 

Which IRB will reviews your study depends on

  • the funding source and
  • how many sites are participating in the study.

What training is required is also determined by what IRB reviews your study.

The CDOEIRB-Classified reviews all studies that are funded through the Strategic Intelligence Partnership Program (SIPP). 

If your DOE site does not have an IRB or cannot review your study, submit your study to the CDOEIRB or the CDOEIRB-C.

If your DOE site has an IRB, and your study is being conducted at

  • only your DOE site, it will be reviewed by your DOE site IRB.
  • multiple sites and all are DOE sites, it will be reviewed by one of the CDOEIRBs
  • multiple sites but not all are DOE sites, a new Reliance Agreement must be put in place.  That agreement will specify which IRB reviews the study.

Table of Contents

Overview of the IRB Process

What follows is specific to the operations of the CDOEIRBs.  However, it is generally applicable across the DOE complex for all site IRBs.  For information specific to each DOE site, contact the site IRB Administrator.
Overview of the IRB Process

IRB Review Process– 5 Basic Steps 

5 Basic Steps

Step 1:  Is it human subjects research?

Under the federal regulations, a study is considered “human subjects research” if the answer to both of the following questions is “yes.” IRB approval is required before any research activity can begin.  Only the IRB/IRB office can make the determination about whether a study that involves interaction with individuals or use of human data or biospecimens involves human subjects research.  IRB approval is not retroactive.

In addition, DOE has additional conditions that may result in a study being determined to be human subjects research. 

      • Projects that DOE “manages as human subjects research” as specified in DOE Order 443.1C:
        • Former Worker Medical Screening Program projects
        • Human terrain mapping studies
      • Other projects that always require IRB determination:
        • Modification of the human environment
          • Studies that test devices in buildings/homes in which humans will be present
          • Air flow studies that include the use of tracer materials
        • Studies in which individuals are asked to test devices, products, or materials developed through research
        • Studies that use social media data or publicly available data
        • Survey research
        • Studies that ask individuals their opinions about devices, products, or materials
        • Studies using de-identified or anonymized data

Is it research?

Research:  A systematic investigation, including research development, testing and evaluation, designed to develop or contribute to generalizable knowledge.
Generalizable:  Information/research findings that are intended to be applied to populations or situations beyond that studied/will have meaning and impact outside of the single immediate activity itself.

<h3">Is it human subjects? </h3">

A human subject is a living individual about whom an investigator (whether professional or student) conducting research:
(1) Obtains information or biospecimens through intervention or interaction with the individual, and uses, studies, or analyzes the information or biospecimens; or
(2) Obtains, uses, studies, analyzes, or generates identifiable private information or identifiable biospecimens.
Intervention includes both physical procedures by which data are gathered (for example, venipuncture) and manipulations of the subject or the subject’s environment that are performed for research purposes.

Interaction includes communication or interpersonal contact between investigator and subject.

Private information includes information about behavior that occurs in a context in which an individual can reasonably expect that no observation or recording is taking place, and information that has been provided for specific purposes by an individual and that the individual can reasonably expect will not be made public (for example, a medical record).

Identifiable private information is private information for which the identity of the subject is or may readily be ascertained by the investigator or associated with the information.

An identifiable biospecimen is a biospecimen for which the identity of the subject is or may readily be ascertained by the investigator or associated with the biospecimen.

Next Step: 
Continue to Step 2 for details on training and how to get started
Step 2

Step 2:  Before you submit

If this study is conducted at a single DOE site, consult with the IRB Administrator concerning required training.

If the study will be reviewed by a CDOEIRB, the training requirements are the following:

      • All study staff who will be engaged in the research and will interact with research participants or their PII must complete HRP-422 and CITI training.
      • The required staff-specific CITI training can be found at <link the CITI specific to CDOEIRB>.
      • All training must be completed before your study will be reviewed by the IRB.

If your study is funded by a non-DOE organization/agency, ensure that you comply with the requirements of sponsoring organizations/agencies, which may be in addition to those that are required by the Federal Regulations and DOE. You must comply with the most stringent requirements. Consult with the IRB if you need clarification.
Next Step: 
Continue to Step 3 for information about documents needed to complete the IRB submission 

 

Step 3

Step 3:  How to submit

The CDOEIRBs and DOE-site IRBs use a web-based application system through which researchers submit studies using human subjects for review to the IRB.   If you are uncertain about the use of this web-based system at your site, contact your IRB Administrator.

You can access the DOE-provided web-based system, contacting your IRB Administrator, who willset up an account.

If you are already a user, it is advisable to reach out to the IRB Administrator to let them know of a new study submission or with any questions that you may have.

Your study has not been submitted to the IRB until you CLICK ON THE SUBMIT BUTTON in the web-based system.  You must be the PI or Proxy PI to submit the study in the system.

Components of a submission

What follows is specific to the web-based application system that DOE provides for use by DOE sites and the CDOEIRBs.

The documents that are needed for the IRB to review vary depending on the type of study that you are doing.  Within the website, the study protocols and informed consent templates are listed in the Library under Templates.  Always check to make sure you are using the current version of the template since these change over time.  If you have any questions about which template to use, contact your IRB Administrator before proceeding.  If you fill out the wrong template or an old version of the template, it will be returned to you to complete the correct one.   The following documents must be uploaded with your submission as applicable.

  • Study protocol—This is the primary document of the submission.  The appropriate template to complete depends on the type of study you are doing.  Carefully review the templates in the library of the website to select the appropriate template for your study. 
  • Informed consent—Unless your study is exempt HSR, this is required.  It may be required for certain types of exempt HSR.  There is a consent template in the library of the website.
  • Recruitment materials—when study participants will be recruited, all recruitment materials (ads, handouts, scripts, etc.) must be reviewed.
  • Statement of work or grant if one is available.  
  • Other supporting documents—These are data collection instruments used in the study.  These include screening documents, interview questions, questionnaires, surveys, audio/visual/written materials shown to the participants.  There may be additional instruments depending on the study.

Personally Identifiable Information (PII) or Protected Health Information (PHI)

If you are collecting PII or PHI, you must address the following in the study protocol

  • Methods for maintaining confidentiality of PII/PHI;
  • Procedures for release of PII/PHI, where required;
  • Documentation that the PII/PHI will be used for the program under review;
  • Handling and marking documents containing PII as “containing PII/PHI;
  • Establishing reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of PII/PHI;
  • Making no further use or disclosure of the PII/PHI except when approved by the responsible IRB(s) and DOE, where applicable, and then only under the following circumstances: (a) in an emergency affecting the health or safety of any individual; (b) for use in another research project under these same conditions and with DOE written authorization; (c) for disclosure to a person authorized by the DOE program office for the purpose of an audit related to the project; (d) when required by law; or (e) with the consent of the participant;
  • Protecting PII/PHI data stored on removable media (CD, DVD, USB Flash Drives, etc.), using encryption products that are Federal Information Processing Standards (FIPS) 140-2 certified;
  • Using passwords to protect PII/PHI used in conjunction with FIPS 140-3 certified encryption that meet the current DOE password requirements cited in DOE Order 205.1C, DOE Cyber Security Program, and DOE Order 206.1, DOE Privacy Program (or current versions of these documents); ;
  • Sending removable media containing PII/PHI, as required, by express overnight service with signature and tracking capability, and shipping hard copy documents double-wrapped;
  • Encrypting data files containing PII/PHI that are being sent by e-mail with FIPS 140-3 certified encryption products;
  • Sending passwords that are used to encrypt data files containing PII/PHI separately from the encrypted data file, i.e., separate e-mail, telephone call, separate letter;
  • Using FIPS 140-3 certified encryption methods for websites established for the submission of information that includes PII;
  • Using two-factor authentication for logon access control for remote access to systems and databases that contain PII/PHI. (Two-factor authentication is contained in the National Institute of Standards and Technology (NIST) Special Publication 800-63 Version 1.0.2 (PDF)); and
  • Reporting the loss or suspected loss of PII/PHI immediately upon discovery to: 1) the DOE funding office Program Manager; and 2) the applicable IRBs (as designated by the DOE Program Manager). If the DOE Program Manager is unreachable, immediately notify the DOE Integrated Joint Cybersecurity Coordination Center (iJC3) (1-866-941-2472). Refer to the Protection of PII section for additional information.

Next Step:
Continue to Step 4 to learn about the review process

Step 4

Step 4:  After you submit

Throughout this step, timely interaction between the IRB and the researcher will decrease the time between submission and approval of the study.

There are 3 levels of IRB review.  Determination of the level depends on the risk of the study.  Minimal risk studies can be reviewed under the exempt and expedited process if the research fits into one of the categories for that level of review.  If the research is greater than minimal risk, the study must be reviewed by the IRB at a convened meeting (i.e., full board review).  The federal regulations define minimal risk as “the probability and magnitude of harm or discomfort are no greater than those ordinarily encountered in daily life or during the performance of routine physical or psychological examinations or tests.”

IRB pre-review of submission

The IRB Administrator does an initial review of the study to make sure that all required documents are included in the submission and all training for study staff is up to date, that required components within each document are complete, to identify any questions or concerns to the PI.  The level of review is determined.

Clarification requests: 

The IRB Administrator or IRB may request clarifications or revisions during the pre-review.  These are official communications from the IRB and should be completed in a timely manner.

IRB review and determination

                What the IRB will look at/consider:

  • General IRB Considerations:
  • The nature and purpose of the research;
  • Risks and benefits to the subjects, including physical, psychological, sociological, economic, and legal risks and whether the risks are minimized and reasonable in relation to anticipated benefits, if any;
  • The subject population and whether selection of subjects is equitable and just;
  • Whether additional safeguards have been included when subjects are considered vulnerable, such as children, prisoners, pregnant women, mentally or physically disabled or economically or educationally disadvantaged persons, or DOE employees.
  • The process of informed consent and method of documentation.
  • Data collection, processing and storage, including methods employed to ensure the safety, privacy and confidentiality of that data.
  • Whether additional IRB review and/or oversight is required on more than an annual basis.
    • Other DOE-, Sponsor, and PI’s Organization-Specific Requirements

DOE O 443.1C
Some sponsors have specific requirements.  Consult the IRB Administrator regarding which requirements apply.
Next Step: 
Continue to Step 5 for required activities after IRB approval.

 Step 5

Step 5:  After approval

IRB Brochure

For studies reviewed by the CDOEIRBs, a copy of HRP-104-GENERAL-Brochure-Should I participate in a Research Study? must be provided to each potential study participant prior to the informed consent process.

Immediately reportable to the IRB

Report any participant concern/complaint, adverse event, problem (anticipated or unanticipated), non-compliance or other new development to the IRB right away. In the case of loss of personally identifiable information, report to the IRB and immediately notify the DOE Integrated Joint Cybersecurity Coordination Center (iJC3) (1-866-941-2472) and other authorities.
The IRB may determine that a Reportable New Information submission (RNI) is required.  An RNI includes, but is not limited to

  • Information that indicates a new or increased risk to subjects or others
  • A subject or others experiencing unexpected harm probably related to study procedures
  • Non-compliance or allegations of non-compliance with federal regulations governing human research or with the IRB-approved study protocol or determinations of the IRB including a missed continuing review date
  • A failure to follow the approved study protocol
  • A breach in confidentiality
  • A change in study procedures to eliminate an immediate hazard
  • Complaint from a participant

Modifications

Any planned changes must be reviewed by the IRB.  These include the approved study protocol, recruitment materials, consent process and documents, data collection instruments and research staff.  Note that minor changes which do not increase the risk to participants can be dealt with through expedited review even when the study was approved by a convened Board meeting.  The study team cannot implement changes until approved by the IRB.  The CDOEIRBs will not review the modification until all research staff are up to date on DOE-specific and CITI training.

Closing a study

When a study is completed, a closure report must be submitted for all studies reviewed by the CDOEIRB. Any new submission for any other studies will not be considered for review until the closure report is submitted.

Human Subjects Research Database

DOE has a public-facing website that provides information about all HSR that is funded or conducted by DOE or its sites.  If a DOE IRB is used, the information for this website is automatically provided each fiscal year.  Additional information about this database can be found at:  https://science.osti.gov/HumanSubjects/Human-Subjects-Database/home

If a non-DOE IRB is used, then information must be separately provided at the end of the fiscal year (September 30).