AUTHORITY: Implementing and authorized by the Illinois Health Statistics Act [410 ILCS 520].
SOURCE: Adopted and codified at 7 Ill. Reg. 11293, effective August 26, 1983; amended at 38 Ill. Reg. 19251, effective September 10, 2014.
SUBPART A: GENERAL PROVISIONS
Section 1005.10 Definitions
"Act" means the Illinois Health Statistics Act [410 ILCS 520].
"Aggregate Health Data" means a tabulation of one or more individual records or case reports that have been combined for statistical, descriptive or analytic purposes.
"Department" means the Illinois Department of Public Health.
(Section 2(a) of the Act)
"Director" means the Director of the Illinois Department of Public Health.
"Disclosure" means the communication of health data to an individual or organization outside the Department.
"Health Data", for the purposes of this Part, includes but is not limited to:
Data concerning the extent, nature and impact of illness and disability on the population of the State;
The determinants of health and health hazards;
Health resources, including the extent of available manpower and resources;
Utilization and quality of health care; and
Health care costs and financing.
"Health Facility" means an entity including, but not limited to, a hospital, long-term care facility or ambulatory surgical treatment center licensed by the State to provide health care.
"Health Facility Data" means the data element of a hospital, nursing home, or other health facility identification.
"Health Insurance Portability and Accountability Act" or "HIPAA" means the federal law (Public Law 104-191) that establishes standards for the privacy and security of health information and its associated regulations (45 CFR 160, 162 and 164).
"HIPAA
Covered Program" means a Department program identified by the
Department as a health care component in accordance with HIPAA.
"HIPAA Identifiers" means the 18 direct identifiers listed in the Privacy Rule:
Names;
All geographical subdivisions smaller than a State, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code, if, according to the current publicly available data from the Bureau of the Census:
the geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and
the initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000;
All elements of dates (except year) for dates directly
related to an individual, including birth date, admission date, discharge date,
date of death; and all ages over 89 and all elements of dates (including year)
indicative of age over 89, except that ages and elements may be aggregated into
a single category of age 90 or older;
Phone numbers;
Fax numbers;
Electronic mail addresses;
Social Security numbers;
Medical record numbers;
Health plan beneficiary numbers;
Account numbers;
Certificate/license numbers;
Vehicle identifiers and serial numbers, including license plate numbers;
Device identifiers and serial numbers;
Web Universal Resource Locators (URLs);
Internet Protocol (IP) address numbers;
Biometric identifiers, including finger- and voice-prints;
Full face photographic images and any comparable images; and
Any other unique identifying number, characteristic, or code (not including the unique code assigned by the investigator to code the data).
"Human Subject" means a living individual about whom a researcher obtains data through intervention or interaction with the individual or individual private information.
"Identifiable Health Facility" means any health facility that is specified by name or precise geographical location or other precise characteristics in the data sets or analyses.
"Indirect Identifiers" means elements in documents and records that increase the likelihood of identifying an individual, but do not involve direct identifiers. The indirect identifiers included in files or documents may vary based on whether the indirect identifier serves to increase the likelihood of identifying the individual and whether the privacy interests outweigh the public interest in releasing the indirect identifier.
"Individually Identifiable Health Data" means any health data that can be used to identify the individual supplying or described in the health data. Specifically included are data elements, alone or in combination with other elements in the health data, containing unique patient or individual provider identifiers. Any health data pertaining to fewer than six individual providers at any single identifiable health facility constitutes individually identifiable health data.
"Individually Identifiable Health Information" means information that:
is a subset of individually identifiable health data that is created or received by the Department;
relates to the past, present or future physical or mental health or condition of an individual, the provision of health care to an individual, or the past, present or future payment for the provision of health care to an individual; and
identifies the individual or there is a reasonable basis to believe the information can be used to identify the individual.
"Individual Provider" means any physician, dentist, podiatrist, chiropractic physician or other individual licensed or otherwise authorized in this State to furnish health care services.
"Institutional Review Board" or "IRB" means a body established in accordance with applicable federal regulations for human research protections as set forth in 45 CFR 46. The IRB chairperson may act on behalf of the IRB as specified in 45 CFR 46.
"Limited Health Data Sets" means confidential information that excludes specific direct identifiers of the individual, or of relatives, employers or household members of the individual, as described in federal regulations (45 CFR 46), that may be disclosed for research, public health or operations purposes, at the discretion of the Department, if approved by the Department's IRB as authorized under Section 1005.120. Indirect identifiers in limited health data sets may include, but are not limited to: admission, discharge, service, or incident dates; dates of birth or death, ages in years, months or days or hours; and five digit or more zip code or any other geographic subdivision, except for street name and number, four digit zip code extension, latitude and longitude, or census block.
"Patient" means an individual who receives health care from an individual provider or who receives care while in a health facility; this includes residents of licensed long-term care facilities.
"Privacy Rule" means the Health Insurance Portability and Accountability Act regulations.
"Public Use Health Data File" means a Department health data file designated as de-identified by the IRB that is available to anyone. Health data elements are limited and health data values are aggregated in the files so that the proportion of unique records is below thresholds as determined by the IRB and consistent with common practice for developing the files.
"Safe Harbor De-identification Method" means a method of de-identification so that the Department staff member who discloses the de-identified information does not have actual knowledge that the information could be used alone or in combination with other information to identify an individual who is the subject of the information, and that the 18 HIPAA identifiers of the individual, or of relatives, employers or household members, are removed.
"Statistical De-identification" means that, upon the request of the Department, a qualified statistician using accepted analytic techniques concludes that the risk is very small that the individual level health data could be used alone or in combination with other reasonably available information to identify the subject of the health data. For the purposes of this procedure, a qualified statistician shall be a member of the Department's staff who is identified by the IRB for this purpose.
(Source: Amended at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.15 Incorporated and Referenced Materials
a) The following federal regulations are incorporated by reference in this Part:
1) 45 CFR 46 − Protection of Human Subjects (2009)
2) 21 CFR 50 − Protection of Human Subjects (2011)
3) 21 CFR 56 − Institutional Review Boards (2009)
4) 45 CFR 160, 162 and Subparts A and E of 164 − HIPAA Privacy Rule (2006)
b) The following Illinois statutes are referenced in this Part:
1) Illinois Health Statistics Act [410 ILCS 520]
2) Open Meetings Act [5 ILCS 120]
3) Freedom of Information Act [5 ILCS 140]
c) All incorporations by reference of federal regulations or guidelines refer to the regulations or guidelines on the date specified and do not include any amendments or editions subsequent to the date specified.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.20 Department Functions
The Department will:
a) Publish, make available and disseminate health statistics on as wide a basis as practicable;
b) Coordinate its efforts with all public and private agencies and their representative co-operative groups to effect sharing of health data;
c) Participate with public and private agencies in the design and implementation of cooperative health data systems;
d) Undertake and support research, development, demonstrations and evaluations in regard to the cooperative system, with particular emphasis on health data consortium activities in Illinois; and
e) Evaluate confidentiality requirements and concerns when making determinations regarding release of health data.
(Source: Amended at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.25 Requests for
Release of Health Data by Researchers and Other Individuals
a) Requests to the Department for health data shall be submitted in a standard format specified by the Department. All requests for data shall contain the following information:
1) The specific purpose for which the health data is requested,
including testable research hypotheses;
2) The justification for requested health data elements;
3) The
particular file format desired;
4) The time period within which the health data is desired;
5) For health data to be supplied more than once, the frequency with which health data is to be supplied; and
6) Any other information the Department may reasonably require, including, but not limited to, an explanation of how the study design can be reasonably expected to answer the proposed hypotheses.
b) Requests for non-individually identifiable data and limited health data sets shall contain an assurance that no attempt will be made to identify any specific individuals, physicians or individual providers of services about whom health data is supplied, unless approved by the Department.
c) Any applicant who includes specific individual provider identification numbers in the request for health data shall furnish, as part of the application, proof of notification of the request to all individual providers, if the request requires IRB approval. Any individual provider shall have the right to submit comments to the Department. Comments shall be included with any health data pertaining to the individual provider that is disclosed to the applicant.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.30 Department Procedures for Health Data Release
a) The Department will review all requests for health data to determine whether the request is technically feasible in terms of the ability of the Department to provide the required health data:
1) From a known data base; and
2) Under statutes, rules and agreements by which the health data came into the Department's possession.
b) In addition to technical feasibility, the Department will perform an administrative review of all requests for health data as required by laws and regulations specific to the data being requested, based on factors including an assessment of the potential benefit and public health utility to be derived from the proposed analysis as described in 45 CFR 46; the necessity for identifiable health data, if requested; feasibility of the study design; the applicability of the requested health data to the stated purposes; and the ability of Department staff to provide the requested health data, including an estimation of the staff time and costs involved.
c) All requests for data that are denied will be returned to the applicant within 90 days with a statement containing the reason why the request is being denied.
d) All requests for data that are approved will be processed within 120 days after approval by the Department's IRB and execution of a health data use agreement.
e) Any health data pertaining to fewer than six individual providers at any single identifiable health facility or serving a specified or identifiable geographic area constitutes individual identifiable health data. This health data shall not be disseminated except pursuant to Section 1005.35(a).
f) The Department and the IRB will each review requests for health data containing direct identifiers and requests for limited health data sets that have not been previously released. After the review by the Department and the IRB, and upon making the determination that the request is not approved, the person making the request shall be instructed to modify the request.
g) The Department will not approve any release of health data unless all provisions of Section 5 of the Act, this Section, and applicable requirements of 45 CFR 46 have been complied with.
(Source: Amended at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.35 Department Standards for Health Data
Release
a) Disclosure of Individually Identifiable Health Data
1) The Department may make no disclosure of any item, collection or grouping of health data that makes the individual supplying or described in the health data identifiable unless:
A) The individual described in the health data, or the parent or legal guardian if the individual is a minor or mentally incompetent or a person holding a power of attorney covering the matters on behalf of the individual, has consented to the disclosure;
B) The disclosure is to a governmental entity in this State or in another state or to the federal government, provided that:
i) The health data will be used for a purpose for which the health data was collected by the Department;
ii) The recipient of the health data has entered into a written agreement, satisfactory to the Department, that it will protect the health data in accordance with the requirements of the Act and this Part and will not permit further disclosure without prior approval of the Department (Section 5(a)(2) of the Act);
C) The disclosure is to an individual or organization, for a specified time period as set forth in the written agreement and as determined by the Department, solely for bona fide research or statistical purposes, as determined in accordance with guidelines and procedures adopted by the Department, and the Department determines that:
i) the disclosure of the health data to the requesting individual or organization is required for the research or statistical purposes proposed;
ii) the requesting individual or organization has entered into a written agreement satisfactory to the Department that it will protect the health data in accordance with the requirements of the Act and this Part and will not permit further disclosure without prior approval of the Department. In no event, however, may the name, address, social security number, recipient number, or other unique personal identifier of an individual supplying the health data to the Department or described in it be disclosed under this Part to the requesting individual or organization, unless a Department-approved Institutional Review Board or its equivalent on the protection of human subjects in research has reviewed and approved the health data request. (Section 5(a)(3) of the Act); and
iii) The applicant is qualified to undertake the intended activity or study, as determined by the Department, based upon the IRB's assessment. In making its determination, the Department will consider, but is not limited to, the applicant's credentials and experience; and complexity of the health data request;
D) The disclosure is to a governmental entity for the purpose of conducting an audit, evaluation or investigation of the Department and the governmental entity agrees not to use the health data for making any determination to whom the health data relates (Section 5(a)(4) of the Act);
E) The disclosure is of specific medical or epidemiological information to authorized personnel in this or another state or the federal government, or agencies responsible to enforce quarantine, when necessary to continue patient services or to undertake public health efforts to control communicable, infectious, acute, chronic, or any other disease or health hazard that the Department considers to be dangerous or important or that may affect public health;
F) The disclosure is of specific medical or epidemiologic information to a health care provider, health care personnel, or public health personnel who has a legitimate need to have access to the information in order to assist the patient or protect the patient. This does not create a duty to warn third parties; or
G) The disclosure is necessary to obtain payment from an insurer or other third party payor in order for the Department to obtain payment or coordinate benefits for a patient.
b) Any disclosure provided for in subsection (a) of this Section shall be made at the discretion of the Department except that the disclosure provided for in subsection (a)(1)(D) of this Section must be made when the requirements of that subsection have been met. (Section 5(b) of the Act)
c) No identifiable health data obtained in the course of activities undertaken or supported under the Act or this Part shall be subject to subpoena, or similar compulsory process in any civil or criminal, judicial, administrative or legislative proceeding, nor shall any individual or organization with lawful access to identifiable health data under the provisions of the Act or this Part be compelled to testify with regard to the health data, except that data pertaining to a party in litigation may be subject to subpoena or similar compulsory process in an action brought by or on behalf of the individual to enforce any liability arising under the Act or this Part. (Section 5(c) of the Act)
d) Standards for Disclosure of De-Identified Health Data
1) De-identification Standard: Individual health data is sufficiently de- identified and does not constitute confidential information if a statistical or a safe harbor de-identification method is used. Public use data files approved for publication by the Department also meet the de- identification standard.
2) Re-identification of De-identified Health Data: The Department may assign a code or other means of health data identification to allow information that has been de-identified to be re-identified, provided that the Department does not disclose the code or other means of health data identification for any other purpose and does not disclose the mechanism for re-identification of the individual, and that the code or other means of data identification is not derived from or related to information about the individual and cannot otherwise be translated to identify the individual.
e) Standards for Disclosure of Aggregate Health Data
1) Any disclosure of aggregate health data shall ensure that there is no reasonable basis to believe that the identity of an individual could be derived from disclosure of aggregate health data, unless the Director determines that the public health benefit of the disclosure is warranted or that conditions specified in subsection (a) are met.
2) When releasing de-identified aggregate health data, Department programs will use accepted methods for de-identification of aggregate health data and will take into account whether values should be suppressed in situations in which numbers are too small to produce reliable statistics.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.40 Data Protection Review Board (DPRB) (Repealed)
(Source: Repealed at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.50 Access to Data (Repealed)
(Source: Repealed at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.60 Requests for Data (Repealed)
(Source: Repealed at 38 Ill. Reg. 19251, effective September 10, 2014)
SUBPART B: INSTITUTIONAL REVIEW BOARD
Section 1005.100 Institutional Review Board Authority, Role and Composition
a) The IRB is established by the authority of the Department to protect the health and lives of the people of the State and to fulfill its duty to comply with all applicable requirements of 45 CFR 46 and 21 CFR 50 and 56.
b) An IRB approved by the Director shall review requests for health data disclosure for which IRB review is required by statute or rule, and proposals for research involving human subjects that is conducted by the Department or individuals working on behalf of the Department.
c) The Director may require that proposals submitted to the Department that have been approved by another IRB be subject to review and approval of the Department's IRB.
d) The IRB shall be qualified through the experience, expertise and diversity of its members, including race, gender, cultural backgrounds and sensitivity to community perspectives. The IRB shall review proposed research in light of existing Department commitments, existing laws, regulations and guidelines, and standards of professional conduct and practice. The IRB will include persons with expertise in these areas.
e) The IRB chairperson will solicit recommendations for IRB membership from Department Deputy Directors, IRB members, and, as needed, from other Department staff, and professional and human services agencies and organizations. Individuals who wish to be considered for IRB membership shall indicate their interest by contacting the IRB chairperson. The Director will consider the candidates and make formal appointments to fulfill the specific requirements of the IRB composition as required in this Section and 45 CFR 46.
f) The Director will appoint the IRB members, alternate IRB members, IRB Chair, and IRB Vice-Chairs. The IRB will consist of at least five members with varying backgrounds. Composition of the IRB will reflect the anticipated scope and complexity of review activities, the types of populations involved, and the size and availability of Department resources.
g) IRB Membership
1) The IRB will not consist entirely of men or entirely of women.
2) The IRB will not consist solely of members of one profession.
3) The IRB will include at least one member whose primary concerns are in scientific areas.
4) The IRB will include at least one member who is a non-scientist.
5) The IRB will include at least one member who is not otherwise affiliated with, or part of the immediate family of, a person who is affiliated with the Department. The non-scientist and the member who is not affiliated with the Department may be the same individual.
6) An IRB member shall not participate in the initial or continuing review of any project in which the member has a conflict of interest, except to provide information requested by the IRB. The IRB Chair shall ensure that IRB members with a conflict of interest are not present during IRB votes subject to their conflict of interest.
7) The IRB may invite individuals with special expertise to assist in the review of issues requiring expertise beyond or in addition to that available on the IRB. These individuals may not vote with the IRB.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.110 Institutional Review Board Procedures
a) The IRB review of applications that are deemed not exempt or not eligible for expedited review will occur at convened meetings subject to the Open Meetings Act. IRB meetings will include a majority of IRB members who are present at the meeting in person or by electronic means, including at least one member whose expertise is in non-scientific areas.
b) The IRB has the authority to approve or disapprove, require modification to, or observe research, and to suspend or terminate approval (see Section 1005.130). Reliance on another institution's IRB or an independent IRB for review of research shall be documented by a written agreement that is available for review by federal Office of Human Research Protections upon request.
c) The IRB will provide written notification to researchers of approval or disapproval of, or required modifications to, proposed research.
d) The IRB Chair will review all research applications involving human subjects to determine whether the application involves exempt research.
e) The IRB has the authority to allow repeat release of designated limited data sets that are not from a HIPAA covered program without individualized IRB review.
f) Requests for approval of disclosure of health data and approval of research that involves no more than minimal risk to human subjects and their privacy and confidentiality are eligible for an expedited review procedure. Research projects that are eligible for expedited review include those projects found in the list of research categories published as eligible for expedited review by the Department of Health and Human Services (45 CFR 46) and previously approved projects for which minor changes are proposed during the period for which the IRB has already given approval, when those projects or changes involve minimal risk.
g) If a request is eligible for an expedited review procedure, the review may be carried out by the IRB Chair or by one or more experienced reviewers designated by the Chair from among members of the IRB.
h) In reviewing the request under an expedited review procedure, the reviewers may approve, but not disapprove, the research application. A research application may be disapproved only after review in accordance with the non-expedited review procedure. Research applications that have been reviewed under, but not approved through, the expedited review procedure will be subject to further IRB review at a convened meeting.
i) Prior to approval, the IRB will determine that all of the following requirements are satisfied:
1) Risks to subjects shall be minimized; researchers shall use procedures that are consistent with sound research design and do not unnecessarily expose subjects to risk;
2) Risks to subjects shall be reasonable in relation to the expected benefits to subjects and the knowledge that may reasonably be expected to result from the research;
3) The selection of subjects shall be equitable;
4) Unless otherwise authorized or permitted by law or regulation, informed consent shall be obtained and appropriately documented from each participating subject or the subject's legally authorized representative. When the IRB determines that the research project must include procedures for obtaining informed consent, the IRB shall ensure that informed consent is to be obtained under circumstances and through procedures that adhere to all applicable laws and regulations, and minimize any coercion or undue influence upon the subject or representative. Unless otherwise authorized or permitted by law or regulation, the following elements of informed consent shall be provided to each human subject:
A) An explanation of the purposes of, and procedures involved in, the research and the expected duration of the subject's participation;
B) A description of any reasonably foreseeable risks or discomforts to the subject;
C) A description of any benefits to the subject or to others that may reasonably be expected from the research;
D) A statement describing how the confidentiality of records identifying the subject will be maintained;
E) Information regarding who should be contacted for answers to questions about the research and research subjects' rights and in the event of a research-related injury to the subject;
F) A statement that participation is voluntary, refusal to participate will involve no penalty or loss of benefits to which the subject is otherwise entitled, and the subject may discontinue participation at any time without penalty or loss of those benefits; and
G) Any additional information that the IRB determines would further protect the rights and welfare of the subject;
5) The research shall make any necessary provisions for data monitoring to ensure the safety of subjects;
6) The privacy of subjects and confidentiality of data shall be assured;
7) When the research involves subjects likely to be vulnerable to coercion or undue influence, additional safeguards shall be included to protect the rights and welfare of these subjects.
j) The IRB may deny requests to conduct the research for reasons including, but not limited to, that the risks posed to human subjects are too great and for noncompliance with applicable laws and regulations. A notice of disapproval shall include the reasons for denial in sufficient detail that allows the researcher to respond. The researcher will be given the opportunity to respond to the denial in person or in writing to the IRB.
k) Any research proposal approved by the IRB shall include a provision that any subject who is participating or has participated in the research project who has a complaint shall be referred to the IRB to determine whether a protocol has been violated.
l) The IRB will review and approve changes to previously approved research projects and requests to continue projects beyond the expiration date of the current IRB approval. Changes shall not be initiated without IRB review and approval except when necessary to eliminate apparent immediate hazards to the subjects.
m) The IRB will perform continuing, periodic reviews at intervals commensurate with the degree of risk the research poses.
n) The IRB will require a report for each approved research project at its conclusion.
o) For research to be approved at a convened meeting, a majority of members present at the meeting must vote in favor.
p) For reviews under expedited review authority, the majority also prevails, if expedited review is performed by more than one individual.
q) A
quorum must be present at IRB meetings to do business.
r) A quorum is a simple majority of full members of the IRB, except that at least one member whose primary concerns are in non-scientific areas must be present.
s) Alternate members of the IRB are counted in the quorum when they are attending all or part of a convened meeting on behalf of full members.
t) Members who are eligible to vote but abstain from voting are counted toward the quorum.
u) Members who must recuse themselves from consideration of a proposal due to conflict of interest shall leave the room during consideration of the proposal and are not counted in the quorum.
v) The researcher has the right to appeal IRB decisions, including disapprovals, terminations of approval, restrictions on study design or study procedures, and approval conditions. Appeals shall be submitted in writing to the IRB within 60 days after the written notice to the researchers of the IRB's decision. Appeals shall provide a rationale for why the researcher believes that the IRB's decision is in error. All written appeals, including those of decisions made through the expedited review process, will be placed on the agenda of the next convened meeting of the IRB.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.120 Administrative Review and Approval
a) In accordance with 45 CFR 46, research proposals and requests for health data that have been approved by the IRB are also subject to administrative review and approval by the Department.
b) After administrative review of the administrative impact, technical feasibility and human subject protection as described in 45 CFR 46, the Director may disapprove research that has been approved by the IRB; however, the Director will not approve a request if it has not been approved by the IRB.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.130 Suspension or Termination of Institutional Review Board Approval
a) The IRB chairperson has the authority to suspend or terminate approval of activities that are not being conducted in accordance with the IRB's requirements or that have been associated with unexpected serious harm to subjects.
b) Any suspension or termination of approval will include a statement of the reasons for the IRB's action and will be reported promptly to the investigator and the Director.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.140 Documentation of Institutional
Review Board Activities
a) Documentation of IRB activities will be prepared and maintained and will include the following:
1) Copies of all research proposals reviewed, scientific evaluations that may accompany the proposals, approved sample consent documents, progress reports submitted by researchers, and reports of injuries to participants;
2) Minutes of IRB meetings, which will be in sufficient detail to show attendance at the meetings; actions taken by the IRB; the vote on these actions, including the number of members voting for, against and abstaining; the basis for requiring changes in or disapproving research; and a written summary of the discussion of controversial issues and their resolution;
3) Records of continuing review activities;
4) Copies of all correspondence between the IRB and investigators;
5) A list of IRB members; and
6) Statements of significant new findings provided to IRB members.
b) A log of approved human research projects will be made public on the Department's website unless otherwise exempt from disclosure under the Freedom of Information Act.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)
Section 1005.150 Institutional Review Board Applications
a) Applications for IRB review shall be submitted to the Department electronically unless otherwise requested by the IRB.
b) Applications involving human subjects research shall include the following documentation:
1) A proposal including, but not limited to, the following:
A) The names and curriculum vitae of the principal investigator and co-principal investigators;
B) An abstract of the project;
C) A full description of the project's purpose, methodology, protocol and duration;
D) The number of subjects, the amount of time required for each subject's participation, and a detailed description of the interaction with the subjects;
E) The procedures for obtaining informed consent and the informed consent forms;
F) The questionnaires, testing and measurement instruments;
G) Letters, scripts, posters, notices, flyers, written materials and advertisements to be used for subject recruitment;
H) A duly executed unaffiliated investigator agreement for each investigator who is not an employee or who is not working on behalf of the Department;
I) Proof that each investigator has completed required training in the protection of human research subjects; and
J) The Department resources to be used;
2) Identification of funding resources for the research proposal;
3) Any certifications and assurances regarding the protection of human research subjects, privacy and confidentiality that are required by law or regulation; and
4) Any other information necessary to the IRB review procedure.
c) The IRB will review the application, in accordance with Section
1005.110 and 45 CFR 46.
(Source: Added at 38 Ill. Reg. 19251, effective September 10, 2014)