UCSF faculty members are required to conduct research and manage the financial aspects of research in compliance with University policy, federal and state laws, and sponsor requirements. Principal Investigators must ensure that they, their fellow investigators, students and staff meet compliance requirements, including any necessary training.
Common Compliance Areas
Animal Subjects
The Institutional Animal Care and Use Committee (IACUC) oversees all UCSF research and instruction that involves vertebrate animals. The IACUC ensures that the highest ethical and animal welfare standards are met.
Awards requiring these types of approvals may be processed before the IACUC has issued an approval number. However, in such cases, research is restricted to activities not involving animal subjects. Research activities involving animal subjects may only proceed after IACUC has given a final approval and number. In order for the approval to be valid the Sponsor (or funding source), and personnel must be listed on the applications. Learn about creating, editing and submitting IACUC protocols.
Biospecimens
The Biospecimen Services Program and the Department of Pathology provides all research biospecimen collection from non-exempt clinical tissue requiring gross evaluation. By March 24, 2022 all existing and future pathologist collaborations must be communicated to the Biospecimen Services Program through the Pathologist Collaborator Form. (Office of Research/Department of Pathology Research Acquisition Policy)
Conflict of Commitment (COC) and Conflict of Interest (COI)
Conflict of Commitment (COC)
University of California faculty must report time and earnings from certain outside professional activities involving foreign entities (e.g., consulting for a foreign entity that is outside the scope of their professional responsibilities) on an annual basis, and certain categories of outside activities require prior approval. UCSF faculty enter their outside activities and income in the Outside Activities Tracking System (OATS).
Faculty should consult with their Department Chair.
Conflict of Interest (COI)
Researchers may have financial interests in research sponsors and/or entities with business interests closely related to their research. These interests must be disclosed. Before an award can be setup and transmitted to CGA, it must be released by the Conflict of Interest Division (COI).
OSR requests this release either at the Just-in-Time stage, or during Award Set-Up. This release can only occur after the PI makes the proper disclosures and COI approves them. If required, the type of grant or contract will determine the kind of disclosure necessary.
Cost Sharing
Cost sharing is a financial commitment to an external sponsor to augment its sponsored project budget. Cost sharing is tracked by CGA.
Coverage Analysis
Coverage analysis is the independent review of a human research study to determine which patient care costs are billable to insurance and which are not.
Awards involving human subjects’ research require coverage analysis and budget review. Email [email protected] to initiate Coverage Analysis.
Data and IT Security
Federal regulations and UC Policies require researchers to protect the privacy of subjects and to maintain the confidentiality of sensitive data. A contract or grant may mandate specific security compliance requirements for our information systems to ensure data security when collecting research data. Requirements for each compliance regulation vary.
UC IS-3 Electronic Information Security Policy requires security risk assessments to be completed for all information systems that create, store, process, or transmit UCSF data when they are initially introduced into the UCSF infrastructure. A security risk assessment must be completed if the researcher is purchasing or developing a new software product or a cloud service that creates, stores, processes, or transmits UCSF data. If you are not sure if a vendor or UCSF cloud computing environment or UCSF IT Security meets a sponsor’s IT security requirements, request an IT Security Risk Assessment.
Facts addressing of these concerns:
-
UCSF Box implementation of Secure Box does not currently meet the requirements to comply with:
- Federal Risk and Authorization Management Program (FedRAMP) a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring of cloud products and services, and
- The National Institute of Standards publication 800-53 (NIST 800-53) recommended security controls for Federal information systems, except those designed for national security.
The local network share drive would have to support the project instead, or an alternate cloud computing resource assessed for compliance.
- UCSF IT uses Federal Information Processing Standard Publication 140-2 (FIPS PUB 140-2) compliant encryption on desktops/laptops. FIPS PUB 140-2 is a U.S. government computer security standard used to approve cryptographic modules.
- Media disposal is in accordance with National Institute of Standards Special Publication 800-88 (NIST SP 800-88) – Guidelines for Media Sanitization.
- Research Analysis Environment (RAE), formerly MyResearch, provides compute, storage, and tools in a secure, NIST 800-171 compliant platform across three product tiers (monthly fee applies to Premium and Cloud). If NIST 800-171 is required, please inform the PI to initiate a ServiceNow ticket to request a consultation with the RAE team early while reviewing RFPs and prior to preparing a proposal or discussing/putting together a data sharing plan.
- Go to MyAccess and select ServiceNow or go to Help.ucsf.edu
- Select Accounts, Access & Email
- Select RAE - Research Analysis Environment Request (formerly MyResearch)
- Document IT Security requirements under Comments
If an RFP requires NIST 800-53 / FISMA / HIPAA / ISO 270XX / FERPA / GDPR / FedRamp, please guide the PI to initiate a ServiceNow ticket for an IT Consultation:
- Go to MyAccess and select ServiceNow or go to Help.ucsf.edu
- Select Request Specific Services (red shopping cart)
- Select Consulting & Development
- Select and submit an IT Consultation Request - please have the following information available to complete the request:
- Project Name – short name used to identify your request
- Timing – provide a desired deadline, indicated if flexible or firm
- Project Description – general summary of request include primary objective, problem being solved, anticipated benefits, and outcome if request is not completed.
- Stakeholders – all individuals, departments/groups that may be involved in the request
- Attachment – attach the RFP or document with the IT security requirement
Please direct data security inquiries to [email protected].
UCSF Buying Software and Cloud Computing guidance requires purchases of all cloud computing services and certain software to be completed through UCSF BearBuy to engage Supply Chain Management. This is necessary to ensure that agreement terms are compliant with regulations, UC policies, etc.
NIH Data Management and Sharing
NIH requires researchers proposing research that results in the generation of scientific data, to prospectively plan for how scientific data will be preserved and shared through submission of a Data Management and Sharing Plan (Plan). Upon NIH approval of a Plan, NIH expects researchers and institutions to implement data management and sharing practices as described in the Plan and the Plan will become a term and condition of the award. (NOT-OD-21-013).
In an effort to reduce the burden of duplicative reporting expectations, NIH is establishing a single Plan submission requirement for research subject to both the NIH Genomic Data Sharing Policy (GDS Policy) and the NIH Policy for Data Management and Sharing (DMS Policy).
- The NIH Genomic Data Sharing Policy ensures the broad and responsible sharing of genomic research data and applies to all NIH-funded research that generates or uses large-scale human or non-human genomic data as well as these data for subsequent research. Large-scale data include genome-wide association studies (GWAS), single nucleotide polymorphisms (SNP) arrays, and genome sequence, transcriptomic, metagenomic, epigenomic, and gene expression data.
The UCSF Library webpage for the 2023 NIH Data Management and Sharing Policy has more details and resources for investigators, including UCSF Budget Guidance - how to plan for data management costs.
Harassment and Discrimination Protections
In accordance with Title IX of the Education Amendments of 1972, Federally-supported research and training must occur in a civil, safe, and respectful environment, free from discrimination and unlawful harassment, sexual or otherwise. Harassment of any kind including sexual harassment is not tolerated at institutions that receive Federal funding or anywhere that Federally-funded activities are conducted.
UCSF has principles and policies that align with the Federal requirements.
Additional NIH Requirements
- NIH Training Grant Applications require an additional institutional Letter of Support (flatten before uploading) ensuring that the University has proper policies, procedures, oversight, and practices in place to prevent discriminatory harassment and other discriminatory practices, and ensuring that the institution has adopted procedures to request prior approval of a change in the status of the PD/PI or other senior/key personnel if administrative or disciplinary action is taken that impacts their ability to continue in their role on the NIH award as described in the application. (NOT-OD-19-029, UCOP)
- NIH recipients must comply with Federal civil rights laws that prohibit discrimination on the basis of race, color, national origin, age, sex (which includes discrimination on the basis of gender identity, sexual orientation, and pregnancy), and disability. Ensuring that meaningful steps are taken to provide access to persons with limited English proficiency and ensuring effective communication with persons with disabilities. (NOT-OD-23-047)
- NIH-supported conferences and scientific meetings are expected to take steps to maintain a safe and respectful environment for all attendees by providing an environment free from discrimination and harassment. Just-In-Time materials for conference awards will include requirement of a “safety plan” that will be communicated to all conference/meeting attendees. (NOT-OD-22-074, Safety Plan and letter to conference participants templates)
- NIH requires notification when the Program Director/Principal Investigator (PD/PI) or Senior Key Personnel named on the NIH Notice of Award (NoA) is removed or otherwise disciplined due to concerns about harassment, bullying, retaliation, or hostile working conditions. (NOT-OD-22-129)
UCSF Reporting Procedures: Immediately upon knowledge of removal or disciplinary action involving the PD/PI or Senior Key Personnel named on the NIH NoA, email the UCSF Point of Contact (POC) for NIH reporting. The UCSF POC will complete and submit the report and coordinate any resulting administrative requirements.
- NIH expects prior approval requests for change in status and change of recipient organization include mention as to whether the change is related to concerns about safety and/or work environments (e.g. due to concerns about harassment, bullying, retaliation, or hostile working conditions). (NOT-OD-20-124)
UCSF Reporting Procedures: Immediately upon knowledge of removal or disciplinary action involving the PD/PI or Senior Key Personnel named on the NIH NoA, email the UCSF Point of Contact (POC) for NIH reporting. The UCSF POC will complete and submit the report and coordinate any resulting administrative requirements.
Human Fetal Tissue (HFT) Research (NIH Requirement)
On July 26, 2019, NIH modified the policy on Human Fetal Tissue Research (NIH GPS 4.1.14) to include the HHS requirements and review considerations for NIH research applications (e.g. grants, cooperative agreements, and R&D contracts) that involve the proposed use of human fetal tissue obtained from elective abortions (HFT). See Human Fetal Tissue Research, Human Fetal Tissue from Elective Abortions (NIH GPS 4.1.14.2).
These requirements apply to competing grant applications submitted for due dates on or after September 25, 2019 and in response to R&D contract solicitations published on or after September 25, 2019 and grant and cooperative agreement awards with HFT or that add HFT made on or after September 25, 2019.
Refer to the General Application Guide for specific instructions when preparing competing applications proposing research involving HFT. In the SF424 (R&R) Version F, HFT are called-out in the Cover Letter (Section G.200), Cover Page Supplement Form (G.210), Detailed Budget and Justification (Section G.300), and Research Plan (Section G.400). Page limits will not be increased to accommodate these requirements. The Modular Budget Form cannot be used (Section G.320). For R&D contract proposals, please refer to the specific solicitation for proposal instructions.
Human Subjects
The UCSF Human Research Protection Program (HRPP) is responsible for ensuring the ethical and equitable treatment of human research subjects, as well as ensuring compliance with Federal Regulations, State Statues and Guidance.
The Institutional Review Board (IRB) - formerly known as the Committee on Human Research (CHR) - reviews and makes decisions on all research involving human subjects performed by UCSF faculty, staff and students, regardless of funding source or the location of the research.
Awards requiring these types of approvals may be processed before the IRB has issued an approval number. However, in such cases, research is restricted to activities not involving human subjects. Research activities involving human subjects may only proceed after IRB has given a final approval and number. In order for the approval to be valid the Sponsor (or funding source), and Key Personnel must be listed on the IRB applications.
Instructions to add a funding source or Key Personnel.
The revised Common Rule (2018 Requirements) requires at 45 CFR 46.114(b) that all institutions located in the United States that are engaged in cooperative research that involves more than one institution, conducted or supported by a Federal department or agency, rely upon approval by a single IRB for the portion of the research that is conducted in the United States.
The NIH Policy on Use of a Single Institutional Review Board (sIRB) of Record for Multi-Site Research establishes the expectation that all sites participating in NIH-funded, multi-site studies, involving non-exempt human subjects research, will use a sIRB to conduct the ethical review required by the Department of Health and Human Services (HHS) regulations for the Protection of Human Subjects at 45 CFR Part 46.
Human Research Administration
- Protecting Your Grant: Affirmative Action and Non-Discrimination: Hiring for grants at UCSF must follow laws regarding Affirmative Action and Equal Opportunity Employment.
- Personnel Policies for Staff Members
- A&PS and Staff Title and Pay Plans
International Collaborations
Federal and UC guidelines require reporting and monitoring of international collaborations. The following resources are available regarding International Collaborations.
- Learn more about improper foreign government influence, international travel, internal hires & visitors, international collaborations and more.
- Adding Foreign Component to sponsored project
- When and what to include in Other Support and Biosketches
- UC Global programs supports projects with international components
- Issue Subaward/Subcontract
OSR will confirm appropriate compliance requirements are disclosed in our proposal system (eProposal). If an application involves collaboration with a foreign organization or includes a foreign component, OSR staff will work with the PI of the application to ensure the following compliance questions are addressed:
-
Does the proposal include subawards?
-
Are any subrecipients foreign entities or do any include foreign components? If yes, identify countries.
-
Are UCSF personnel, consultants, or independent contractors performing work in a foreign country? If yes, identify countries where activity/activities will occur.
-
Does proposal include unfunded collaboration with person/entity in a foreign country? If yes, identify country where collaboration will take place.
-
Will proposed work require any type of a partner affiliation agreement?
-
Has the PI received resources (financial/non-financial) that are (related/not related to the project) from any foreign parties?
Additional review/actions may be required from other UCSF units (i.e. Export Control Office (ECO) or International Research Support Office (IRSO)) depending on compliance needs. All University personnel must identify when their activities may trigger export controls. If you think an activity may be subject to export control regulations, please escalate the question to Export Control Officer, at [email protected].
The PI’s must respond to ECO Compliance Assessment and any requests from other compliance offices at time of proposal or follow up at time of award, if advised to do so. If there are questions regarding operating in a foreign country, including but not limited to hiring and foreign government requirements, please contact Joe Novotny and Gladys Villacorta in IRSO.
View Roles and Responsibilties
Key Contacts
- Export Control Officer - [email protected]
- International Research Support Operations – Joe Novotny and Gladys Villacorta
- International Visitors – International Students and Scholars Office
Safety Committees
Safety Committees are campus committees that are mandated by regulatory and policy requirements.
- Chemical & Environmental Safety Committee
- Human Gamete, Embryo and Stem Cell Research Committee (GESCR)
- Institutional Biosafety Committee
- Radiation Safety Committee
- Radioactive Drug Research Committee
UCSF, UCOP and The Regents' Policies/Regulations
- UCSF
- Campus Administrative Policies - See Academic Administration (100), Financial Administration (300) and Contracts and Grants (400)
- Campus Code of Conduct
- Affirmative Action and Non-Discrimination
- Social Media Guidelines
- Export Control - In addition to actual shipment of a commodity out of the United States, export regulations also control the transfer, release or disclosure of technical data about controlled commodities to foreign persons in the United States.
- Integrity of Research - Along with the Integrity of Research campus policy (100-29), Academic Affairs offers further procedures on Integrity of Research.
- UCOP and The Regents'
Federal and County Policies/Regulations
- Federal Policies and Regulations
- Uniform Guidance
- OMB Circular A-21: Cost Principles
- OMB Circular A-110: Administrative Principles
- OMB Circular A-133: Audit Principles
- Code of Federal Regulations
- NIH - Grants and Funding
- Responsible Conduct of Research - NIH provides guidance and training resources in the Responsible Conduct of Research (RCR). RCR training is mandatory for the recipients of some NIH awards.
- Federal Register
- San Francisco and Bay Area Counties