DOE-Specific Requirements
Table of Contents
- Reporting Requirements
- Public Database
- Protection of Data used in Research Involving Human Subjects
- Projects Involving Modification of the Human Environment
- Protection of DOE and Contractor Employees as Vulnerable Research Subjects
- Human Terrain Mapping
DOE requirements are specified in DOE Order 443.1C, Protection of Human Research Subjects. The contractor requirements document, at the end of the Order and the Notice, will include specific requirements for researchers from DOE laboratories or other DOE M&O contractor organizations and their sub-contractors. For grantees and cooperative agreement holders, please refer to your DOE award and any special conditions, which should include the same requirements as those outlined in DOE Order 443.1C. .
a) Reporting Requirements
DOE requires that PIs report the following to the IRB and that the IRB report to the DOE and/or NNSA Human Subjects Protection Program Manager immediately:
(1) Upon a finding of a suspected or confirmed data breach involving Personally Identifiable Information (PII) in printed or electronic form, and the incident must be reported to the DOE-Cyber Incident Response Capability in accordance with the requirements of DOE O 206.1. The appropriate HSP Program Manager must also be notified of any corrective actions taken and consulted regarding the plan for any remaining corrective actions.
(2) Upon learning of a serious adverse event. The appropriate HSP Program Manager must also be informed of any corrective actions taken and consulted regarding the plan for any remaining corrective actions.
DOE requires that PIs with studies under the purview of the Central DOE IRBs report to the IRB immediately:
- Upon learning of any unanticipated problems, adverse events, incidents of noncompliance, and complaints about the research.
DOE requires that the IRB report to the DOE and/or NNSA Human Subjects Protection Program Manager, within 48 hours:
(1) Upon learning of unanticipated problems, significant adverse events, and complaints about the research, as well as suspension or termination of IRB approval of research. The appropriate HSP Program Manager must also be notified of any corrective actions taken and consulted regarding the path forward for any remaining corrective actions; and
(2) Upon learning of known or potential incidents of noncompliance with requirements of this Order, 10 CFR Part 745, or 45 CFR Part 46. The appropriate HSP Program Manager must also be notified of any corrective actions taken and consulted regarding the path forward for any remaining corrective actions
Each DOE and NNSA site should also immediately report the appointment of a new DOE or NNSA Site IRB Chair, Co-Chair, or IO.
b) Public Database
Information about all projects funded or conducted by DOE or its sites is posted on the DOE Human Subjects Research Database.
c) Protection of Data used in Research Involving Human Subjects
Research involving human subjects must also comply with Federal and DOE-specific requirements for protecting the personally identifiable information (PII) generated in such research. Methods for protecting such data must be specified in the application.
Requirements include: keeping PII confidential; releasing PII only under a procedure approved by the responsible IRB and DOE; using PII only for purposes of the IRB-approved project; handling and marking documents containing PII as “containing PII or containing Protected Health Information (PHI)”; establishing and documenting safeguards to prevent unauthorized use or disclosure of PII and PHI; protecting PII stored on removable media using encryption procedures that are compliant with Federal standards (FIPS-140-2 certified); sending removable media containing PII by express overnight service with signature and tracking capability; sending passwords to encrypted files separately from the files; and using 2-factor authentication for log-on access for remote systems.
Suspected loss of PII or PHI must be reported immediately to: 1) the DOE funding office Program Manager, or, if funded by an outside organization, the Program Manager at that organization; 2) the applicable DOE site or central IRB. If the DOE Program Manager and/or IRB is unreachable, the PI is responsible for immediately notifying the DOE Joint Cybersecurity Coordination Center (JC3) (1-866-941-2472).
d) Projects Involving Modification of the Human Environment
DOE Headquarters and outside organizations fund numerous studies at DOE laboratories that may include efforts such as: testing new energy-efficient devices in homes or offices and responding to surveys on such devices and personal energy use practices; studies of airflow in public places or individuals’ homes, using pefluorocarbon tracer gases; and other similar studies. For such projects, DOE asks that the reviewing DOE site or central IRB ensure that the following key questions are answered to their satisfaction, even for exempt HSR:
- Do individuals other than the research team need to be present for the research to occur?
- Have all the risks and discomforts been identified and considered and minimized, e.g., have chemicals/materials been evaluated for human health effects, all devices had appropriate safety testing, and other potential risks been identified in the population group(s) to be exposed?
- How will anyone who is involved in the study but not part of the research staff be informed of the research? Will consent forms be used? Are key elements of informed consent included or requirements for a waiver met?
- Is there a way for people to opt out if they wish without repercussions?
- How will the PI monitor the research?
- How and from what sources will data be collected?
The Central DOE IRBs use the checklist, HRP-421-CHECKLIST-Modification of the Human Environment.
e) Protection of DOE and Contractor Employees as Vulnerable Research Subjects
All personnel (employees, contractors, and students) are vulnerable to pressures to appear cooperative with regard to projects conducted by their managers and/or coworkers. Additionally, when the subject pool consists entirely of people who are or may be familiar with the study, the validity of the data may be in question.
The basic ethical principles that form the basis of U.S. Federal laws governing human subjects research are very clear on this topic: subject selection cannot be based solely on the subject’s ready availability or malleability.
Additionally, researchers are discouraged from conducting research on themselves, unless clearly justified and approved by the IRB and the researchers’ management. While researchers may be aware of the risks of self-experimentation, they may also be more willing to accept risks that are ill-advised. Application for review with the IRB allows a neutral third party to raise concerns and/or propose measures to promote the welfare of researchers.
View letter was sent by the DOE Institutional Official to all Laboratory Institutional Officials.
The Central DOE IRBs use the checklist, HRP-423-CHECKLIST-Protecting Employees Who Participate as Research Subjects.
f) Human Terrain Mapping
Read DOE O 443.1C and the contractor requirements document carefully and work with your IRB Manager/Administrator to assure all requirements are met. Human terrain mapping (HTM) is: research and data gathering activities primarily conducted for military or intelligence purposes to understand the “human terrain,”—the social, ethnographic, cultural, and political elements of the people among whom the U.S. Armed Forces are operating and/or in countries prone to political instability. This work includes observations, questionnaires, and interviews of groups of individuals, as well as modeling and analysis of collected data, and may become the basis for U.S. military actions in such locations. In addition to HTM, such activities are often referred to as human social culture behavior (HSCB) studies. It is DOE policy that HTM activities will be managed as HSR.
The Central DOE IRBs use the checklist, HRP-420-CHECKLIST-Human Terrain Mapping.