Office of Research Integrity
Transforming tomorrow by Promoting Ethical Research

Electronic Informed Consent (E-consent)

E-consent refers to the use of electronic systems and processes that may employ multiple electronic media, including text, graphics, audio, video, podcasts, passive and interactive websites, biological recognition devices, and card readers, to convey information related to the study and to obtain and document informed consent.

Electronic Informed Consent (E-consent)

E-Consent Document

  • E-consent may be used for an in-person or remote process (see remote consent section for guidance).
  • Standard rules apply for presenting language that is understandable and presenting in a format that is easy to navigate forward or backward.
  • Common rule and HIPAA regulations permit electronic signatures if legally valid within jurisdiction. However, FDA-regulated research is held to a higher standard under FDA 21 CFR Part 11. The 21 CFR11.100(c) regulation requires specific system controls, identity verification, and certification that the electronic signatures in the system are intended to be the legally binding equivalent of traditional handwritten signatures. FDA does not mandate a specific method of identity verification or E-signature (digital, signature pad, voice, or fingerprint & date). See Electronic Platforms below for options.  
  • The IRB should see final format and all materials that subject would see. Upload a representation of the full document into E-IRB.  Unless signatures are waived, show representation of electronic signature and date fields for subject and if applicable, a legally authorized representative. If process includes a verbal discussion, include a field or drop-down to indicate the name of study personnel obtaining consent.
  • Upload the consent as an Informed Consent “Document Type” so that the E-IRB system will assign a stamp, designating it as the IRB approved document.  Traditionally, this is the version that should be used to enroll subjects, however, if the electronic system does not accommodate the IRB approval stamp, the electronic version without the stamp may be used to enroll subjects. 
  • System archiving – The UK E-IRB system maintains an audit trail with all IRB-approved versions available.
  • Consent revisions: It is very important that only the documents you wish to have approved by the IRB are attached; DELETE OUTDATED FILES -- previously approved versions will still be available in Protocol History.  

E-Consent Process

  • Process description should include enhancements (interactive, multimedia, quizzes) and standard process issues such as who, what, when, location (at site or remote). If the e-consent process is remote, indicate how you will verify identity to ensure the person signing is the intended subject.
  • Describes steps to facilitate subject understanding – diagrams, images, graphics, video technology, embedded definitions or teach-back questions, or narration.
  • The consent or permission document must be produced in hard copy for review by the subject upon request.
  • If process is remote, electronic communication (messaging, phone call, videoconferencing, live chat) is permitted so long as communication is secure, and privacy protected.
  • Whether or not a consent discussion is involved, subjects should have ability to ask questions.
  • If significant new findings during the study warrant re-consent, subjects must have an opportunity and way to ask questions (see re-consent guidance)
  • The IRB recommends the copy provided to the subject be the signed/dated version in format that can be retained (paper or E-copy is fine but warn subject about confidentiality limitations of E-copy since may be housed indefinitely on subject’s personal computer).
  • Electronic Combined Consent/HIPAA Authorizations may be used. HIPAA requires the subject be given a copy of signed authorization.

Electronic Platforms

Not Food and Drug Administration (FDA) 21 CFR Part 11 compliant:

  • Qualtrics - HIPAA Compliant platform, includes options for providing subjects with a copy of the signed document. See Instructions for Building a Consent Form. [HTML]
  • REDCap - HIPAA-compliant electronic system, used to create your e-consent, verify identity and collect signatures for research with automatic email of copies sent to both the subject and the investigator.

    REDCap is housed and maintained by CCTS (For additional information, view the REDCap consent feature webinar or CCTS Biobank video demo [YouTube video]).

FDA-regulated Research:

  • Software systems must be compliant with all requirements under FDA 21 CFR Part 11 (e.g., restricted access, administrative controls, training, identity verification, etc.). Generally, there is no “out of the box” software solution as the customer is responsible for setting features, demonstrating compliance, providing/documenting training, and administering operational policies and procedures. Detailed 21 CFR Part 11 elements are outlined for  DocuSign Part 11 [HTML] and Adobe Sign Part 11 [PDF]. 
  • To request an FDA Part 11 compliant version of Adobe Sign, submit a UKHC IT Service Management System request.
  • External or industry sponsors may provide a 21 CFR Part 11 compliant electronic consent. You may request a statement from the sponsor or vendor of the electronic system used for obtaining the electronic signature that the system meets the relevant requirements contained in 21 CFR Part 11 and maintain documentation that your site has fulfilled applicable customer requirements such as training, password controls, etc.

E-Signatures

To have a valid signature, your e-consent process should have:

  • The ability to prove that the actual signer is the intended signer;
  • The inability of the signer to deny the signature; and
  • An assurance that neither the record nor the signature has been altered since the moment of signing. To achieve this, the electronic signature and date should be linked to the document so that it cannot be modified or tampered with. (Having the individual type their name on a word document or other format that allows the signature to be tampered with is not valid.)

FDA 21 CFR Part 11 describes two types of signatures:

  • Electronic signature - a computer data compilation of any symbol(s) executed, adopted, or authorized by an individual to be a legally binding equivalent of the individual’s handwritten signature.
    • Methods include computer-readable ID cards, biometrics, digital (cryptographic) signatures, and user/password combinations.
    • Electronic signatures must comply with 21 CFR 11.5 & 11.7 signature requirements: § The printed name of the signer;
      • Date and time when the signature was executed;
      • Meaning (i.e., consent); and
      • Linked to their respective electronic records to ensure that they cannot be excised, copied, or otherwise transferred (i.e., tampered with).
  • Handwritten signatures executed to electronic records - hand-scripted signatures executed to electronic records by signing with a stylus, finger, or cursor drawing.
    • These may be used in a hybrid process where the only electronic component is the documentation (signature) of informed consent.
    • Handwritten signatures executed to electronic records must comply with 21 CFR 11.7:
      • Linked to their respective electronic records to ensure that it cannot be excised, copied, or otherwise transferred (i.e., tampered with). 
    • In situations where electronic signatures cannot be placed in a specified signature block, a statement of testament (e.g., “I consent to participate”) should be placed elsewhere in the document to state the meaning of the signature and link the signature to the electronic informed consent.

Back to Informed
Consent Main Page 

 

Guidance [HTML]

Policies

Informed Consent SOP [C3.0050] [PDF]

University of Kentucky Impaired Consent Capacity Policy [PDF]

Office of Research Integrity/Institutional Review Board SOPs [HTML]
Resources

ORI Remote Informed Consent Guidance [D154.0000] [PDF]

UK Telehealth [HTML]

UK HIPAA compliant Zoom [HTML]

FAQs on Telehealth and HIPAA during the COVID-19 nationwide public health emergency [HTML]

FDA Guidance on Conduct of Clinical Trials During COVID-19 Public Health Emergency [HTML]

Office for Human Research Protections (OHRP) Guidance on COVID-19 [HTML]

UK CCTS Clinical Research Update October 2020 session on Remote Informed Consent [YouTube video]

CCTS biobank consent video demo on REDCap consent for isolation patients [YouTube video]

Perficient Ultimate Guide to FDA CFR Part 11 [PDF]

TrialHub Article listing commercial vendors which may offer discounts during COVID-19 pandemic [HTML]

DocuSign Part 11 Module [HTML]

Adobe Sign 21 CFR Part 11 manual [PDF]

Validating Adobe Signatures [HTML]

Contact ORI

(p) 859-257-9428
(e) IRBSubmission@uky.edu