Academic Institutions and Regulatory Compliance in the Labs: Why it Matters

Posted on Lab Compliance. 27 February, 2017

Partnering and the Challenge of Research Compliance

Major research institutions and academic centers operate in an increasingly complex global network of scientific collaborators.  In recent years, there has been a rising number of partnerships between non-profit research institutes and pharma, driven by cuts to academic research budgets, waning pipelines, and the pharma industry’s emphasis on open innovation. In mid-2015, for example, GSK teamed up with the University of North Carolina at Chapel Hill to form a research institute and a company dedicated to finding a cure for HIV and AIDS.  GSK will contribute over $4 million annually over the next five years to launch the research center on Chapel Hill’s campus.  According to a 2012 Burrill & Company reporti, the amount of money being earmarked for partnerships with biotechs had fallen from $22.7 billion in 2011 to $18.9 billion — a loss Burrill attributed to the increasing frequency of academic partnerships.

Despite the rise in number of collaborations, there are a number of challenges pharma and academia face when establishing their alliances, in particular aligning on opposing goals. For pharma, these partnerships are about gaining access targets, molecules, and academic investigators that can help get cures to the clinic.  Academia is driven by the “publish or perish” culture – which can also cause some IP concerns for pharma.  Similarly, rather than focusing solely on the clinic as the end goal for a molecule, academia’s efforts are often directed toward determining how and why a drug did or didn’t work.  These often-cited challenges, though significant, do not tell the whole story.  Research regulatory compliance is emerging as a major factor in public-private collaborations.  To win major partnerships and sustain operations in an increasingly competitive research funding environment, research compliance must be on your list of organizational priorities.  No longer an insular activity, research in a complex partner ecosystem with increasingly complex regulations requires serious on-going attention, whether from an outside party or internal compliance function or both.  From data management to animal use and the requirements surrounding human subjects, assessing your compliance risk even in exploratory research environments is no longer a nice-to-have.  Unfortunately, many traditional academic centers face a lack of institutional infrastructure and resource to deal with compliance.

The research administration environment grows increasingly complex with changing regulations, inconsistencies among agencies, lack of information (meaningful and timely reports), thus generating more risk than institutions recognize.  There remains a vast disconnect between the award environment, (during which the funding agency and the PI focus primarily on the research itself) the degree of flexibility that is perceived to exist while the research is being conducted, and the audit environment that follows.  The current environment often places increased emphasis on accountability during a time when many institutions are faced with significant financial pressures and mandates to reduce staff.  Numerous research institutions have indicated that compliance costs have grown during the past decade.  More telling than the increases in associated research compliance costs are trends showing that these costs have increased more rapidly than the associated direct research expenditures, such as salaries, lab supplies, and research equipment.

Research compliance impacts:

  • Academic Medical Centers
  • Cancer Centers
  • Healthcare Systems with Research divisions
  • Research Institutes
  • Universities

In addition to increasingly complex regulations, the trend towards moving on-premise systems to cloud-based or hybrid environments adds further complications to the research compliance landscape.  While the move to the cloud contributes to organizational agility and efficiencies, cloud-based environments must be validated appropriately and are often managed differently from traditional on-premise solutions.

What are the Areas of Compliance Emphasis?

So, how do research institutions get a handle on the issues?  To start, let’s identify the current areas of compliance that should be addressed.  This widespread, yet non-exhaustive, list of regulatory compliance issues creates a complex charge for the research compliance program at an institution.

How do I Design a Comprehensive Compliance Program?

Before designing a program to address research compliance in your organization, you must first have a deep understanding of your processes, data management practices, infrastructure and IT systems that are impacted.  The first step and best practice is always to start with a thorough analysis of the current state, including in-scope business processes, systems, and procedures (such as current data management practices) to ensure quality compliance with governing regulations.  This can be performed by an internal audit or oversight function or pursued with an external third-party with the appropriate experience in system and process auditing, regulatory and compliance, risk management processes, laboratory informatics systems, and organizational quality management practices.

Issues to ConsiderAssessing Your Compliance Environment

  • History and culture of the institution, barriers to change, mission and vision
  • Commitment of institution’s leadership to invest in improvement and “champion” change initiatives
  • Effective mechanisms for internal controls across organizational units
  • Optimization of information flow within and between compliance, administration and operating units
  • Staffing levels, roles, responsibilities & delegated authorities
  • Revamping policies & procedures
  • Training & education for compliance
  • Current service level agreement requirements and maintaining an appropriate level of compliance

Once you have performed the analysis, turn your attention to developing a comprehensive compliance program designed to get you to where you want to be over time.  In 2005, the DHHS Office of the Inspector General (OIG) issued a draft Guidance with the following eight elements considered as necessary for a comprehensive compliance programii:

8 Elements of a Comprehensive Compliance Program

  • Compliance Leadership
  • Policies and Procedures
  • Training
  • Communication
  • Monitoring
  • Enforcement
  • Corrective Response
  • Roles and Responsibilities

Implementing the plan is time consuming and requires buy in across the organization, dedicated resources with defined roles, and enforcement mechanisms.  In general, a proactive approach to creating a compliance program will allow an institution to manage its compliance risk without imposing unnecessary constraints on the institution’s operations.  Strong compliance programs not only benefit research institutions by reducing the risk of significant non-compliance but also tend to increase accountability, clarity, and information flow across the enterprise.

i Available at
ii For research awards from the National Institutes of Health (NIH) and other agencies of the US Public Health Service (PHS)

About the Author

Dale Curtis Jr. is the President of Astrix Technology Group. For over 18 years, Mr. Curtis has built an impressive track record of leadership and success in high technology/scientific enterprise software sales, business development and service delivery. He has proven talent for driving innovative operational and marketing strategies, building successful teams, and rapidly developing new markets for start-up companies as well as multimillion-dollar global technology enterprises.   Mr. Curtis holds a B.S. in Chemical Engineering from the University of Virginia and an M.B.A. from the Drexel University LeBow College of Business.

A Selection of Current Customers