In this section
You only need to make HRECs aware of the small sub-set of deviations that have a significant impact on:
These are what we call 'serious breaches'. The investigator should also report a serious breach at their site to their institution. This is because the breach could impact on medico-legal risk, the responsible conduct of research, or adherence to contractual obligations.
For more information on deviations and breaches, see the NHMRC document Reporting of Serious Breaches of Good Clinical Practice (GCP) or the Protocol for Trials Involving Therapeutic Goods. This guidance applies to both commercial and non-commercial clinical trials involving therapeutic goods. For local requirements please refer to the CRDO Launching Pad for the management and reporting of protocol deviations and serious breaches.
Protocol deviation: any breach, divergence or departure from the requirements of Good Clinical Practice or the clinical trial protocol.
Serious breach: a breach of Good Clinical Practice or the protocol that is likely to affect to a significant degree: a) The safety or rights of a trial participant, or b) The reliability and robustness of the data generated in the clinical trial.
Note: this guidance's definition of serious breach differs from the definition in the Australian Code for the Responsible Conduct of Research and is about deviations from the requirements of Good Clinical Practice or the clinical trials protocol.
Suspected breach: a report that is judged by the reporter as a possible serious breach but has yet to be formally confirmed as a serious breach by the sponsor.
Data Breach: any actual or suspected unauthorised access or use, misuse, damage or destruction of data by any person. It can be any incident in which data is compromised, disclosed, copied, communicated, accessed, removed, destroyed, stolen, lost or used by unauthorised individuals, whether by accident or intentional.
Protocol Deviations do not need to be notified to the HREC, unless they meet the definition of a serious breach. This is because they do not affect participant safety or autonomy, or the ethical acceptability of the trial
OR, Protocol Deviations do not need to be notified to the HREC if the deviation does not affect participant safety or autonomy, or the ethical acceptability of the trial.
Serious and suspected breaches must be notified to the HREC in a timely manner.
Serious Breach Report Form (Sponsor) and
Suspected Breach Report Form (Third Party) which must provide a detailed description of what occurred and the steps taken to resolve/address the issue or prevent future occurrences . The report should be completed via
as soon as practicable.
Data Breaches must be reported to MCRI's
Data Breach Response Team (DBRT), please see the
Data Breach policy
for more information and guidance on handling data breaches. Please see the
Data Breach Response Plan. Please provide a completed
Data Breach Reporting Form to
email@example.com as soon as practicable.