COVID-19 Guidance for Research with Human Subjects

In-person Human Subjects Research Activities
Updated September 9, 2021

Given the current transmission of COVID-19, the CWRU IRB continues to recommend that there should be minimal contact with human subjects involved in research.  Contact with human subjects should be limited to remote methods (e.g. email, phone, Zoom, RedCap, Qualtrics) to the extent possible. 

In those instances, in which human subjects research activities cannot be performed remotely, it is recommended that the faculty member follow the process outlined on the University's COVID-19 page (under the Human Research section), which includes the completion and approval of a Safety Plan.

There is a Best Practice: Contingency Plans for COVID-19 Exposure that is associated with the Safety Plan and all study team members should read and save for reference.

Researchers who need to have physical interactions with human subjects in clinical trials should follow the guidance of the hospital IRB, who is the IRB of record.

If you have any questions, please contact Kim Volarcik at

When and How to Modify Protocols to Add Remote Research Procedures

Exempt Protocols:
  • Study procedures can be moved to remote data collection without submission of a Modification. 
  • If the data previously were collected without identifiers (e.g. in-person paper survey), then the online survey also must be collected without identifiers (including email and IP addresses). 
  • Use of Qualtrics and REDCap is recommended, with changes to the default settings to anonymize responses.


Expedited or Full Board Protocols:
  • Research protocols or any single component of a research protocol may be delayed/paused for COVID-19 concerns without submitting a Modification to the IRB.
  • If there are changes to research procedures, a Modification should be submitted to the IRB prior to implementing the changes. When revising the study protocol, indicate whether the changes will be permanent or temporary.  For temporary changes, label them by using a header such as “Temporary COVID-19 Related Procedures.”       

Remote Data Collection

  • Protocol should describe how you will be collecting data, and the remote platform being used.  Include any changes in additional data you might be collecting (audio or video recordings).
  • Be sure to follow current best practices issued by CWRU UTech for these remote platforms to ensure privacy and data security.  
  • Recommendations:
  • For surveys:  Qualtrics and CWRU REDCap
  • For interviews:  CWRU Zoom and phone                    

Informed Consent Process

  • If you will be obtaining verbal consent for new participants, you will need to request a waiver of documentation of consent.  Indicate in a Modification this request within the Consent Process section of your study protocol. 
  • Add a new verbal informed consent script. If you will be returning to written consent form at a future time, keep your previously approved consent document in the protocol (do not remove or overwrite).
  • For HIPAA or FERPA protected data, you will need to either delay authorization until you can get written consent, or set up REDCap to obtain an electronic signature and date.  If you will delay authorization, remove this language from the verbal/online consent.         

Notification/re-consent for currently enrolled participants

  • Participants who already have consented to participation should be notified of any data collection changes and should be asked whether they wish to continue participation in the study as part of the ongoing consent process. 
  • Indicate in the Modification summary that participants will be notified/re-consented regarding these changes, and upload a document with the notification/script that will be given to the participants.

Data Storage

  • Privacy and confidentiality provisions remain critically important at all times, even when working remotely. Please note, collection, transmission, or access to private identifiable data or protected health information, must comply with university and other policies for security of research data.
  • Remote interactions that will collect or transfer private identifiable information or protected health information should use technology that is IT secure or HIPAA compliant (e.g., CWRU REDCap, CWRU Box).
  • Do not store private identifiable information or protected health information on unsecure devices in order to work remotely. Use University-approved BOX services and VPN access while working at home instead of storing data directly on personal devices.
  • If making copies of physical research records or data (paper consent forms, case report forms, questionnaires/surveys, etc.), secure all paper locally following HIPAA principles and return to the IRB-approved location as soon as is practical.
  • If the data will be stored in a different storage location(s) than what is stated in the approved IRB protocol, indicate in a Modification where data will be stored.