Presentation is loading. Please wait.

Presentation is loading. Please wait.

Human Subjects Update E. Wethington, Chair, UCHS.

Published byWinifred Casey Modified over 8 years ago

Similar presentations

Presentation on theme: "Human Subjects Update E. Wethington, Chair, UCHS."— Presentation transcript:

1 Human Subjects Update E. Wethington, Chair, UCHS

2 Health Insurance Portability and Accountability Act, 1996 Not administered by the Office of Human Research Protection, but by the U.S. Office of Civil Rights and the U.S. Department of Justice Sets standards for privacy and confidentiality that differ from those in federal human subjects regulations (aka. The Common Rule)

3 Privacy requirements, in effect 4.14.2003 HIPAA privacy requirements apply to all research involving the use or disclosure of “Protected Health Information” by “Covered Entities,” regardless of the funding source for the research. Therefore, even privately-sponsored research, conducted by private physicians in their private offices, is subject to the Privacy Rule, as long as the physicians are considered “Covered Entities.” (The regulatory definition includes almost all providers of healthcare services.)

4 What Does the HIPAA Privacy Rule Do? Gives people more control over their health information Establishes safeguards to protect the privacy of health information Sets rules for the use and release of health information and records Creates civil and criminal penalties for violations of privacy standards

5 Rights of Research Subjects and Patients Restricts the use and disclosure of their health information to particular situations, except as specifically authorized by the subject-patient Limits the use and disclosure of their health information to the minimum reasonably needed Provides for an accounting of how their health information has been used and disclosed Proves the right to examine and obtain a copy of their health records and request corrections

6 Impact on Research Investigators Requires either an Authorization from the patient-subject or a waiver by an Institutional Review Board (IRB) or a Privacy Board to use of disclose Protected Health Information Requires methodical tracking of disclosures of Protected Information (“Covered entities” are required to furnish a “Notice of Privacy Practices” to all research subjects.)

7 Research consents acquired prior to April 14, 2003 Protected Health Information may continue to be used, received or disclosed for research after 4.14.2003 if one of the following has been obtained prior to the 4/13/03 deadline: Express legal permission or authorization from the individual to use PHI for research purposes Informed consent of the individual to take part in research Approval by the relevant IRB of a waiver of informed consent requirements (DHHS 45 CFR 46)

8 The Penalties Are Substantial Civil penalties $100 per violation, up to $25,000 per patient/subject, per year for each requirement or prohibition violated Criminal penalties, e.g. “knowingly obtaining protected health information in violation of the law” Up to $100,000 and up to 5 years in prison if the offenses are committed under “false pretenses”

9 If you obtain individually identifiable health information from a “covered entity” you will be affected by HIPAA Signed contracts on data security Signed contracts restricting data analyses and uses If you obtain anonymized health information from a “covered entity” you are probably okay You should register it with UCHS You should practice strong data security habits

10 Cornell Procedures Cornell-Ithaca is not a “Covered Entity.” Cornell Medical College is a hybrid entity. UCHS is the HIPAA “Privacy Board” for CU-Ithaca Cornell Medical College Privacy Manual is being adapted for use here at CU-Ithaca UCHS and the IRB at Cornell Medical will coordinate on PHI transfer between institutions UCHS must review all incoming projects involving Protected Health Information We must see documentation of authorizations; any other reviews done by an IRB or Privacy Board at a “covered entity.” We must review the importation of “limited datasets” containing protected health information released to CU researchers. (Security guidelines must be followed.) Projects will qualify for “exemption” or “expedited” review.

11 More Useful Information NIH has recently posted guidelines on addressing the HIPAA Privacy Rule in grant applications NIH will follow the Common Rule HIPAA applies only to domestic (U.S.) research No one knows how this is going to work out… Some institutional IRBs are adopting HIPAA standards for other types of research

Download ppt "Human Subjects Update E. Wethington, Chair, UCHS."

Similar presentations

SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.

SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.
HIPAA AWARENESS TRAINING

HIPAA AWARENESS TRAINING
1 The Health Insurance Portability and Accountability Act (HIPAA) A guided tutorial for GVSU employees.

1 The Health Insurance Portability and Accountability Act (HIPAA) A guided tutorial for GVSU employees.
1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.

1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.
HIPAA and Public Health 2007 Epi Rapid Response Team Conference.

HIPAA and Public Health 2007 Epi Rapid Response Team Conference.
Confidentiality and HIPAA

Confidentiality and HIPAA
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.

COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
1 HIPAA and Research and YOU. 2 INTRODUCTION Rule #1:Don’t Panic Rule #2:Bottom Line for Researchers: HIPAA is Manageable thru Education/Awareness and.

1 HIPAA and Research and YOU. 2 INTRODUCTION Rule #1:Don’t Panic Rule #2:Bottom Line for Researchers: HIPAA is Manageable thru Education/Awareness and.
HIPAA Health Insurance Portability and Accountability Act.

HIPAA Health Insurance Portability and Accountability Act.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
HIPAA THE PRIVACY RULE Reviewed December 2012 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-

HIPAA THE PRIVACY RULE Reviewed December HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-

Similar presentations

Ads by Google