Sponsor Visits

Updated May 6, 2022

Onsite sponsor/monitor visits are permitted in clinical and non-clinical areas. There continues to be no limit on the number of representatives that can visit, however, we encourage you to limit the visitors to the minimum number required. Sponsors visitors are still required to provide verbal attestation of vaccination, complete the symptom screening at the door, and must adhere to all mask requirements.

Please note that Investigational Drug Services continues to have specific requirements for on-site IDS monitoring:

  • Limit visit to 1 person who:
    • Must be able to attest that they do not have symptoms or a fever,
    • Must social distance while in the IDS pharmacy area.
  • Site visits will be scheduled through normal methods.
  • For monitors who are not vaccinated, visits will be conducted virtually.
  • IDS retains the option to restrict the number of visits scheduled in any one day to allow for appropriate distancing, etc.

Remote Monitoring

There are four options for sharing information with study sponsors.  All four have been approved for use with patient (subject) related activities. You are not required to redact the information you share using these tools.

EpicCare Link

Monitors can obtain a EpicCare Link account to obtain access to the Epic medical records for specific subjects/patients.

For more information, click here.


Team members can use Webex to conduct virtual meetings through video or conference line.

For more information, click here.

Secure E-Mail

Team members with a health system email account can send secured e-mails.

For more information, click here.

Although secure e-mail is an acceptable option, HIT security asked that it be used as a last resort.  They prefer that WebEx or Dropbox is used whenever possible when sharing information that is not accessible via EpicCare Link.


Team members can Dropbox, a secure cloud storage to store, sync, and share data files  Dropbox:

For more information, click here.

When using Dropbox for this purpose, you must set an expiration date and password.

Instructions: Using “Dropbox Transfer” to send PHI


Data Security Plan (During the pandemic)

We realize that you have not included all of these options in the Data Security Plan (DSP) approved for your studies.  HIT Security agreed that you may move forward with using these without first updating your DSP.  However, we must be able to provide them with a list of studies that utilize any of these tools.  The SOM CTO has agreed to maintain this list.  So, if you plan to utilize these options and they are not in the current approved DSP, please contact Patricia Moss and provide her with the following information:

  • IRB #
  • PI
  • Which tools you plan to utilize