Mary Greyard


  • Changes to the federal rule governing human research (Common Rule) were announced on January 18, 2017. Many of the Common Rule changes go into effect January 21, 2019. 
  • The changes to the Common Rule do not apply to FDA-regulated studies. 
  • ORIC is working to roll out these changes at ECU. The announcements section of the ORIC > UMCIRB webpage and the ePIRATE homepage will be your main source for information and updates about the revised Common Rule roll out. 
  • Studies submitted on or after January 21, 2019 will be reviewed under the revised Common Rule. Currently approved studies will continue to fall under the pre-2018 Common Rule requirements. 
East Carolina University is co-sponsoring an OHRP (Office for Human Research Protections) Research Community Forum titled "Community Engagement: Current Challenges and New Directions". The Forum will be held September 25-26, 2018 in Greenville, NC. The workshop day will feature interactive presentations on applying the HHS regulations, with a focus on the revised Common Rule. The conference day will focus on thought-provoking topics related to community engagement, and include breakout sessions on research with vulnerable populations and the role of patient advocates. Check out the agenda and view the full program!

You can find the agenda and more information about registration here
The National Institutes of Health (NIH) Policy on the use of a single Institutional Review Board (sIRB) of record for multi-site research became effective January 25, 2018. This policy establishes the expectation that all sites participating in multi-site studies involving non-exempt human subjects research funded by the NIH will use a single Institutional Review Board (sIRB) to conduct the ethical review required by the Department of Health and Human Services regulations for the Protection of Human Subjects. This policy applies to the domestic sites of NIH-funded, multi-site studies where each site will conduct the same protocol involving non-exempt human subjects research whether supported through grants, cooperative agreements, contracts, or the NIH Intramural Research Program. It does not apply to career development, research training or fellowship awards. 

This policy applies to domestic awardees and participating domestic sites. Foreign sites participating in NIH-funded, multi-site studies will not be expected to follow this policy. 

Investigators are encouraged to consult with the Office of Research Integrity and Compliance (ORIC) prior to including an sIRB plan in their application if they have questions about whether or not ECU should cede IRB review to another IRB or assume the responsibility of being the IRB of record (Reviewing IRB). 

You may review the NIH posting regarding sIRB review by clicking here

If you have questions about the sIRB review process or IRB reliance agreements, please call ORIC at 252-744-2914, or email your questions to 
The following UMCIRB informed consent templates have been revised:
Consent Letter for Expedited Survey Research v. 02.05.18
Consent for More than Minimal Risk Research v. 02.16.18
Consent for No More than Minimal Risk Research v. 02.05.18
Genetic Testing Addendum v. 02.05.18
Language for Use in a Sponsor's Consent Template v. 02.05.18
Parent Permission Form Template: No More than Minimal Risk Research v. 02.05.18

Please begin using these templates immediately and discard any old templates you may have stored on your desktop. 

The revisions involve primarily changes to Vidant Health contact information and minor grammatical/editorial changes as needed. These revised templates can be found on our website as well as in ePIRATE. 
  • The revisions to the Common Rule go into effect January 21, 2019 and UMCIRB will begin reviewing new studies under the revised Common Rule on that date. 
  • New document templates will be posted on both the UMCIRB website and within ePIRATE. Be sure to use these new templates for any new research studies submitted on or after 01.21.19. 
  • Revised SOPs will be posted on the UMCIRB website.
  • Existing expedited studies approved prior to January 21, 2019 will continue to follow pre-2018 requirements including required renewal at least annually. Upon request by the investigator and after discussion with ORIC, an existing study may be revised to meet the new federal requirements. An amendment would need to be submitted and approved within the electronic IRB submission system to document this transition.
  • Keep our website and the ePIRATE homepage checked for continuing and updated information. 
  • Remember, the revised Common Rule does not apply to FDA-regulated studies. 

Welcome to the ORIC - Research HIPAA Compliance

The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of protected health information (PHI) needed for patient care and other important purposes.

The purpose in this site is to help researchers know the limitations here at ECU when conducting research using PHI. This will explain the required length of storage of data as well as how to store it securely while having the proper authorization to do so.

*For non-research HIPAA compliance questions please refer to:

Required Research HIPAA Training

Login to Cornerstone for HIPAA training using your pirateID and search for:

ECU HIPAA/Security Training for Researchers click on request and the training will be assigned to you.

Research HIPAA FAQs

What is PHI?

PHI stands for Protected Health Information.

The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.

How to know if PHI is involved?

  1. Are you recruiting patients as participants from a healthcare component?
  2. Are you accessing the medical record to retrieve data?
  3. Is a healthcare component referring patients to you to recruit?
  4. Are you conducting your research within a healthcare component?

If you answer yes to any of the 4 questions above then PHI is involved in your research.

HIPAA Forms and Documents

Other ECU Links Relevant to Research HIPAA Compliance

Identity Theft Protection Committee (ITPC) - In order to implement and ensure compliance with legal  requirements governing SSNs and PII, ECU established the Identity Theft Protection Committee (ITPC) to oversee ECU's compliance with this regulation in regard to the collection, segregation, disclosure and security of SSNs and PII and the development of related policies/regulations.

The ITPC is also responsible for approving the collection and use of SSNs and PII.

Questions concerning the requirements of this regulation should be directed to the Identity Theft Protection Committee (ITPC) at

Clinical Information Steering Committee - The Clinical Information Steering (CIS) Committee oversees the adoption and use of healthcare-related information technologies. CIS's partnership with ITCS provides a uniform process for the Brody School of Medicine, ECU School of Dental Medicine, ECU Allied Health, ECU College of Nursing and ECU Physicians to request and receive guidance in the selection, development and implementation of hardware, software systems, databases and third party IT services that support clinical research and operations for the purposes of assuring compatibility with existing East Carolina University and Vidant Health healthcare-related information technology systems, promoting operational efficiency, limiting storage of patient information outside of the university's designated Electronic Health Record (EHR) system(s), and ensuring both patient and university data are protected within the scope of applicable university policies, government regulations and state laws.