Sponsor-Investigator Responsibilities
The sponsoring institution provides a standard operating procedure (SOP), or suite of SOPs, that describes the Sponsor-Investigator's responsibilities (and how they are achieved) for managing non-compliance, including serious breaches.
Download the serious breach site PI responsibility workflow

The Sponsor-Investigator responsibilities include:
- Implement monitoring procedures to identify any departures from the protocol and Good Clinical Practice (GCP).
- Provide site teams with process for reporting protocol deviations and suspected serious breaches, ie template non-compliance report form and instructions for recording in the Case Report Form (CRF).
- Review suspected breach reports from sites and third parties to establish if they meet the definition of a serious breach.
- Review serious breaches that have occurred as a result of their own quality systems, eg failure to follow own SOPs that impacts the safety/rights of participants or integrity of the data.
- Capture all serious breaches using a central deviation log maintained in the Trial Master File (TMF).
- Ongoing review (frequency tailored to trial and complexity of the protocol, nature of the intervention) of all deviations to monitor for trends, eg recurrence of protocol deviation that leads to a serious breach, need for training.
- Management of root cause analysis and Corrective and Preventative Action Plans (CAPAs).
- Report to stakeholders.
- Management of essential documents relating to serious breaches, including justification for determining when a suspected breach does not meet the definition of a serious breach, in the TMF.
Review of suspected breaches
Factors to consider during the review include:
- Is the deviation isolated/systemic?
- Impact on safety and rights of participants (may require consultation with reviewing HREC).
- Impact on data taking into consideration:
- Design of the trial
- Type and extent of data affected by the breach
- Overall contribution of the data to key analysis parameters
- Impact of excluding the data from the analysis
Reporting to stakeholders and timeframes
"It is my job to ensure breaches get reported within 72 hours and it ensure it does not happen again." - Researcher
- HRECs only need to be notified of deviations that meet the definition of a serious breach.
Report serious breaches directly to reviewing HREC within seven calendar days of confirming a serious breach has occurred using the Serious Breach Report Form provided by the relevant state department of health. For example, in Victoria, forms are completed and submitted within Ethical Review Manager (ERM).
- Site Principle Investigators (PIs) only need to be notified of confirmed serious breaches that occurred at their site. Notify the Site PI within seven calendar days of confirming a serious breach occurred. This includes providing a copy of the Serious Breach Report provided to the reviewing HREC.
- Notify the TGA and the reviewing HREC if the serious breach leads to closure of a site (CTN/CTX trials only).
- Notify the TGA or the Marketing Authorisation Holder/manufacturer (who would report to the TGA) of any serious breach that involves a defective product that may have wider implications for the supply chain of that marketed product.