Sponsor Monitors, Non-Yale Employees
Per federal regulations and ICH Good Clinical Practice, Sponsors are required to monitor clinical trials to verify that the rights and well-being of human subjects are protected; the reported trial data are accurate, complete, and verifiable from source documents and that the conduct of the trial is in compliance with the currently approved protocol/amendment(s), with GCP, and with the applicable regulatory requirement(s). Monitoring may occur via scheduled on-site visits, when permissible by Yale University and Yale New Haven Hospital, or via the below remote options.
1. For monitor direct access to medical records:
Sponsor monitors are allowed to access the Yale enterprise-wide Electronic Health Record (EHR) for source data verification, both on-site and remotely. Sponsor Site Access and Monitor Research Confidentiality and Responsibility Agreements are required.
Click here to learn how to request monitor EpicCare access. NetID required.
2. For sharing source documents remotely to monitors, including PHI:
Share via Secure File Transfer
Filelocker allows you to share files with other people both inside and outside of Yale University. It is a temporary and secure storage system for sharing files and data. The link and password must be sent separately.
Screen Share via Zoom
The secure version of Zoom provided by Yale School of Medicine should be used when using this option for remote monitoring. If PHI is required to be shared, there should be assurance that the data will not be maintained by the sponsor. This could be via a written agreement signed by the monitor indicating they will review and securely delete after a certain number of days.
3. For sharing source documents remotely to monitors, with PHI redacted:
Share via Box
Box is a cloud-based file sharing and storage service. If Box, either Yale’s or a sponsor’s version, is to be used than PHI must be redacted of all identifiers (including dates).
Yale generally does not support the use of Sponsor Third Party Systems as there is no way to confirm the level of security.