HIPAA Considerations in Research
Presentation transcript. ©2014 Trinity Health. All Rights Reserved.

Slide 1: HIPAA Considerations in Research
- Monica Lareau, MS, CHPC, Director, HIPAA Compliance/Privacy Official, Integrity & Audit Services
- Dawn Pedinelli, RN, MBA, CCRC, CHRC, Director of Research, Unified Clinical Organization

Slide 3: Agenda
- Overview: HIPAA & the Common Rule
- Authorization to use and disclose PHI
- Waiver of authorization
- Reviews preparatory to research
- De-identified data
- Limited data sets
- Accounting of disclosures
- Data protection
- Data governance
- Case studies

Slide 4: Our 21-State Diversified Network
[Infographic; figures as extracted, label followed by value]
- Employed Physicians 3,900
- Affiliated Physicians 23,900
- 1.7% of all babies in America are delivered at Trinity Health facilities
- Home Care & Hospice Locations Serving 116 Counties 47
- Continuing Care Facilities 59
- PACE Center Locations 14
- Hospitals* in 21 Regional Health Ministries** 90
- Mission Health Ministries 4
- National Health Ministries*** 3++
*Owned, managed or in JOAs or JVs.
**Operations are organized into Regional Health Ministries ("RHMs"), each an operating division which maintains a governing body with managerial oversight subject to authorities.
***Includes multiple locations for Trinity Home Health Services, Trinity Senior Living Communities and PACE facilities.
(©2016 Trinity Health - Livonia, Mich.)

Slide 5: Trinity's Research Enterprise
- 25 local IRBs in existence
- Broad range of scope and size
  - Community hospital based
  - Academic medical center with university-based IRB
- Numerous partnerships with external organizations
- Historically a decentralized, locally driven operational model
- Greater emphasis on sharing best practices and standard work flows

Slide 6: Overview: HIPAA & the Common Rule

Slide 7: HIPAA Privacy Rule
- Designed to protect confidentiality of patient information
  - Medical records
  - Billing records
- Gives patients significant rights with respect to their health information
- Governs how protected health information may be used or disclosed by covered entities for research purposes

Slide 8: "Common Rule"
- Most research involving human subjects operates under federal regulations known as the Common Rule (45 CFR Part 46, Subpart A)
- Additional FDA regulations (21 CFR Parts 50 & 56) also protect the rights of human subjects in clinical trials
- These regulations:
  - Apply to most federally funded and some privately funded research studies
  - Include protections to help ensure the privacy of subjects and the confidentiality of their information

Slide 9: The Common Rule & HIPAA
- HIPAA builds upon protections provided by the Common Rule
- HIPAA's Privacy Rule creates equal standards of privacy protection for research, whether that research is:
  - Governed by federal human subject regulations, or
  - Not governed by human subject regulations

Slide 10: The Common Rule & HIPAA
- Common Rule will continue to provide protections for subjects participating in clinical trials
- Privacy Rule provides additional protections for health information
  - Record reviews to prepare research proposals
  - Record reviews for research projects

Slide 11: Question
- Does the HIPAA Privacy Rule modify the Common Rule?

Slide 12: Question
- Does the HIPAA Privacy Rule modify the Common Rule?
- No. If both the Privacy Rule and the Common Rule apply, both must be followed.
- The Privacy Rule only regulates the use and disclosure of PHI for research purposes. It does not address other aspects of research, such as informed consent.
- Source: OCR FAQ #308

Slide 13: IRBs and Privacy Boards
- Under the Common Rule, human subject research must be approved by an Institutional Review Board (IRB)
  - The approving IRB may be a part of the institution where the research will be done; or
  - It may be a regional IRB that reviews research for many institutions
- Recognizing that many small organizations do not have access to an IRB, the Privacy Rule also allows for Privacy Boards to review the use or disclosure of PHI for research purposes

Slide 14: IRBs and Privacy Boards
- A covered entity (CE) is not required to have a Privacy Board
- A research project reviewed by an IRB does not need review by a Privacy Board
- A Privacy Board is an alternative if an IRB is not available

Slide 15: Proposed Modifications to the Common Rule
- A Notice of Proposed Rulemaking (NPRM) was published in the Federal Register on September 8, 2015.
- Proposed changes:
  - Informed consent rules: clarity
  - Biospecimens
  - Exclusions
- http://www.hhs.gov/ohrp/humansubjects/regulations/nprm2015summary.html#

Slide 16: Education Related to Proposed Changes
- Office for Human Research Protections (OHRP) Webinar Series on the Common Rule NPRM
- 6 key topics covered by the webinars:
  - Overview of the NPRM (approx. 34 mins.), Jerry Menikoff, Director, OHRP
  - Exclusions and Exemptions (approx. 30 mins.), Jerry Menikoff, Director, OHRP
  - Informed Consent (approx. 28 mins.), Jerry Menikoff, Director, OHRP
  - IRB Review and Operations (approx. 18 mins.), Julia Gorey, Policy Analyst, Division of Policy and Assurances, OHRP
  - Research with Biospecimens (approx. 22 mins.), Julie Kaneshiro, Deputy Director, OHRP
  - Secondary Research Use of Data (approx. 21 mins.), Ivor Pritchard, Senior Advisor to the Director, OHRP
- http://www.hhs.gov/ohrp/education/training/nprmwebinars.html

Slide 17: Authorization to Use & Disclose PHI

Slide 18: Privacy Regulations
- CEs may use and disclose protected health information for research:
  - With the subject's authorization; or
  - Without the subject's authorization under limited circumstances

Slide 19: What is Authorization?
- Written permission from the subject or legally authorized representative to use and disclose protected health information
- Authorization is in addition to the informed consent required for participation in a clinical trial
- Required elements

Slide 20: Combined Authorizations
- For research, the authorization to use and disclose protected health information may be combined with the informed consent
- CEs may:
  - Develop a separate authorization form for researchers to use, or
  - Incorporate authorization requirements into their standard informed consent form

Slide 21: Question
- May researchers condition participation in a clinical trial on an authorization?

Slide 22: Question
- May researchers condition participation in a clinical trial on an authorization?
- Yes. The Privacy Rule does not prohibit researchers from conditioning enrollment in a research study on the subject providing authorization for the use of pre-existing health information.
- Source: OCR FAQ #304

Slide 23: Question
- May researchers use a research subject's protected health information if he revokes his authorization?

Slide 24: Question
- May researchers use a research subject's protected health information if he revokes his authorization?
- Yes, the researcher may continue to use PHI obtained before the subject revoked his authorization for purposes needed to maintain the integrity of the research study, including:
  - Accounting for the subject's withdrawal from the study
  - If needed to incorporate into an FDA marketing application
  - To report adverse events
- A CE cannot continue to disclose PHI to a researcher after the date of the revocation
- Source: OCR FAQ #316

Slide 25: Waiver of Authorization

Slide 26: Waiver Criteria #1
- IRB or Privacy Board may waive the requirement for authorization if:
  - Use or disclosure of PHI involves no more than minimal risk to the privacy of the subject, and there is:
    - An adequate plan to protect identifiers from improper use or disclosure
    - An adequate plan to destroy identifiers
    - Written assurance that PHI will not be reused or disclosed except as required by law, for oversight of the study, or for other permitted research

Slide 27: Waiver Criteria #2
- IRB or Privacy Board may waive the requirement for authorization if:
  - Research could not be practicably conducted without the waiver or alteration

Slide 28: Waiver Criteria #3
- IRB or Privacy Board may waive the requirement for authorization if:
  - Research could not be practicably conducted without access to and use of protected health information

Slide 29: Research Not Requiring an Authorization or a Waiver

Slide 30: Research Not Requiring Authorization or Waiver
- There are some situations in which neither an authorization nor a waiver is required for research using PHI:
  - Reviews preparatory to research
  - Research on decedents
  - Research using de-identified data
  - Research using a limited data set

Slide 31: Reviews Preparatory to Research
- Review of PHI that is needed to:
  - Design a research study, or
  - Assess the feasibility of conducting a study
- Authorization is not required
- A waiver from an IRB or Privacy Board is not required

Slide 32: Question
- Do "reviews preparatory to research" include contacting patients to recruit them for a research study?

Slide 33: Question
- Do "reviews preparatory to research" include contacting patients to recruit them for a research study?
- Yes, but information may not be removed from the CE's premises.
- A researcher who is part of the CE's workforce could use PHI to contact patients for study recruitment. But an outside researcher would need to get a partial waiver of authorization from the IRB in order to contact patients.
- Source: OCR FAQ #317

Slide 34: Research on PHI of Decedents
- For research conducted solely on PHI of deceased individuals:
  - Authorization is not required
  - A waiver from an IRB or Privacy Board is not required

Slide 35: Research on PHI of Decedents
- Researcher must provide a statement that:
  - Research is conducted solely on PHI of deceased individuals
  - PHI sought is necessary for the research, and
  - Researcher will provide documentation of subjects' deaths, if requested by the CE

Slide 36: De-Identified Data

Slide 37: De-Identified Data
- Data that is de-identified loses its protections under HIPAA
- May be freely used or disclosed for research and other purposes

Slide 38: De-Identified Data
- To be considered "de-identified," data cannot contain any of 18 specific identifiers of an individual and his/her relatives, employers, or household members
- If any remain, a qualified statistician can determine if the risk of re-identification is very small

Slide 39: Patient Identifiers
- Names
- Geographic subdivisions smaller than a state
  - Street address, city, county, precinct, zip code
  - May use the first three digits of the zip code if the geographic unit contains more than 20,000 people
- All elements of dates (except year) for birth, death, admission, discharge, and other services
- All ages over 89, including year
- Telephone numbers

Slide 40: Patient Identifiers, continued
- Fax numbers
- E-mail addresses
- Social Security Numbers
- Medical record numbers
- Health plan beneficiary numbers
- Account numbers
- Device identifiers
- Biometric identifiers, including finger and voice prints
- Full face photographs

Slide 41: Re-Identification Codes
- The Privacy Rule permits re-identification codes to be assigned to de-identified data, however:
  - The code may not be generated using any individually identifiable health information
  - A keyed hash message authentication code (HMAC) is not acceptable because it is derived from individually identified information

Slide 42: Limited Data Sets

Slide 43: Limited Data Sets
- New concept introduced in the August 2002 modifications to the Privacy Rule
- Attempts to overcome limitations of de-identified data
- May only be used for:
  - Research
  - Public health
  - Healthcare operations of a CE

Slide 44: Limited Data Sets
- Allows some PHI identifiers to be kept with the data:
  - Dates of admission, discharge, and other services
  - Date of birth
  - Date of death
  - 5-digit zip code

Slide 45: Limited Data Sets
- Requires the user to have a written data use agreement with the CE to protect the data
- User agrees to:
  - Not use or further disclose information
  - Use appropriate safeguards to protect PHI
  - Report any misuse or inappropriate disclosure
  - Not identify information or contact individuals
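The safe-harbor rules on slides 38 to 41 (the 18 identifiers, the three-digit zip rule with its 20,000-person threshold, the "over 89" age rule, and the ban on re-identification codes derived from identifiable data such as an HMAC of the MRN) and the limited-data-set variant on slides 43 to 45 (direct identifiers removed, full dates and 5-digit zip kept, release only under a data use agreement) can be exercised in one script. The Python below is an added example, not code from the presentation or from Trinity Health. The record layout, the two sample patients, and the SMALL_ZIP3 prefix set are constructed placeholders; the real list of low-population zip prefixes comes from Census data, and a production extract would read records from the source system rather than from an inline list.

```python
import secrets
from datetime import date

# Constructed placeholder: three-digit zip prefixes whose geographic unit
# contains 20,000 or fewer people and must therefore become "000".
# The authoritative list comes from Census data; these values are invented.
SMALL_ZIP3 = {"036", "102", "203"}

# Direct identifiers carried by this constructed record layout (names,
# sub-state geography, phone, fax, e-mail, SSN, medical record number,
# account number). The state field is not an identifier and is kept.
DIRECT_IDENTIFIERS = ("name", "street", "city", "county", "phone", "fax",
                      "email", "ssn", "mrn", "account")

# Constructed sample records; every value is fictional.
SAMPLE_RECORDS = [
    {"name": "Jane Doe", "street": "12 Elm St", "city": "Ann Arbor",
     "county": "Washtenaw", "state": "MI", "zip": "48104",
     "phone": "734-555-0100", "fax": None, "email": "jane@example.org",
     "ssn": "000-00-0000", "mrn": "MRN-0001", "account": "ACCT-77",
     "dob": date(1950, 6, 1), "admit": date(2014, 3, 10),
     "discharge": date(2014, 3, 14), "death": None, "diagnosis": "I10"},
    {"name": "John Roe", "street": "9 Oak Ave", "city": "Smallton",
     "county": "Rural", "state": "NH", "zip": "03601",
     "phone": "603-555-0199", "fax": None, "email": None,
     "ssn": "000-00-0001", "mrn": "MRN-0002", "account": "ACCT-78",
     "dob": date(1920, 1, 15), "admit": date(2014, 5, 2),
     "discharge": date(2014, 5, 9), "death": date(2014, 5, 9),
     "diagnosis": "J18"},
]


def age_on(dob: date, on: date) -> int:
    """Whole years between dob and the reference date."""
    return on.year - dob.year - ((on.month, on.day) < (dob.month, dob.day))


def safe_harbor(rec: dict) -> dict:
    """Return a copy of rec with the safe-harbor identifiers removed."""
    out = {k: v for k, v in rec.items() if k not in DIRECT_IDENTIFIERS}
    # Geography smaller than a state: keep only the first three zip digits,
    # and only when that unit has more than 20,000 people.
    zip3 = rec["zip"][:3]
    out["zip"] = "000" if zip3 in SMALL_ZIP3 else zip3
    # Dates of service and death: every element except the year goes.
    for k in ("admit", "discharge", "death"):
        if rec.get(k) is not None:
            out[k] = rec[k].year
    # Ages over 89 collapse to "90+" and the birth year is dropped too,
    # since it would reveal the age; younger patients keep the birth year.
    age = age_on(rec["dob"], rec["admit"])
    if age > 89:
        out["age"] = "90+"
        del out["dob"]
    else:
        out["age"] = age
        out["dob"] = rec["dob"].year
    return out


def limited_data_set(rec: dict) -> dict:
    """Limited data set as the slides describe it: direct identifiers are
    removed, but full dates and the 5-digit zip stay. Release requires a
    written data use agreement with the covered entity."""
    return {k: v for k, v in rec.items() if k not in DIRECT_IDENTIFIERS}


class ReidentificationKey:
    """Crosswalk between a random re-identification code and the source MRN.

    The key table stays with the covered entity; the research extract carries
    only the code. Codes come from the OS CSPRNG, not from an HMAC of the MRN
    or any other identifier, because a code derived from identifiable
    information is not permitted.
    """

    def __init__(self) -> None:
        self._mrn_by_code = {}
        self._code_by_mrn = {}

    def code_for(self, mrn: str) -> str:
        """Return the code for an MRN, allocating a fresh one on first use."""
        if mrn not in self._code_by_mrn:
            code = secrets.token_hex(8)
            while code in self._mrn_by_code:  # vanishingly rare collision
                code = secrets.token_hex(8)
            self._mrn_by_code[code] = mrn
            self._code_by_mrn[mrn] = code
        return self._code_by_mrn[mrn]

    def mrn_for(self, code: str) -> str:
        """Re-identify a code; only the covered entity holds this table."""
        return self._mrn_by_code[code]


def deidentify_cohort(records: list, key: ReidentificationKey) -> list:
    """Safe-harbor rows for the research team, each tagged with a random code."""
    rows = []
    for rec in records:
        row = safe_harbor(rec)
        row["code"] = key.code_for(rec["mrn"])
        rows.append(row)
    return rows


if __name__ == "__main__":
    key = ReidentificationKey()
    for row in deidentify_cohort(SAMPLE_RECORDS, key):
        print(row)
```

Two design points follow the slides directly: the `ReidentificationKey` table is the only link back to the patient, so it is the object that stays inside the covered entity and never travels with the extract; and the safe-harbor path removes the birth year for the 90+ group, because "all ages over 89, including year" covers any date element that would reveal such an age. The limited-data-set path keeps dates and the 5-digit zip as slide 44 lists them, which is why it is still PHI and needs the data use agreement from slide 45.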

Slide 46: Accounting of Disclosures

Slide 47: Accounting of Disclosures
- Patients have the right to obtain an accounting of certain disclosures of their health information for up to 3 years after the disclosure was made
- Research disclosures are included unless:
  - The patient authorized use of his PHI
  - The data was de-identified
  - The data was part of a limited data set

Slide 48: Accounting of Disclosures
- Accounting must include:
  - Date of disclosure
  - Person to whom information was disclosed
  - Brief description of information disclosed
  - Copy of request for disclosure

Slide 49: Accounting of Disclosures
- If a research project involves fewer than 50 patient records:
  - Must track access to each patient's record
- "Simplified" accounting for research projects involving 50 or more records:
  - May give the patient a list of all protocols for which his records may have been reviewed, including:
    - Name and description of study
    - Timeframe of disclosures
    - Name & contact information for researcher

Slide 50: Practice Issue
- Often, the HIM Department receives a record "pull list" but does not know why records are being requested
- Disclosures for treatment, payment, and healthcare operations do not have to be included in an accounting of disclosures, but:
  - Some research disclosures do need to be tracked for an accounting of disclosures

Slide 51: Solution
- It's reasonable to:
  - Ask requesters the purpose of their request
  - Ask researchers to provide documentation of IRB approval

Slide 52: Data Protection

Slide 53: Do Your IRBs Discuss Data Protection?
- Improper disclosure of research participants' protected health information results in $3.9 million HIPAA settlement
- Feinstein Institute for Medical Research (FIMR)
  - A biomedical research institute in New York, the not-for-profit arm of Northwell Health, Inc. (formerly known as North Shore Long Island Jewish Health System), a large health system in New York that is comprised of twenty-one hospitals and over 450 patient facilities and physician practices.
  - 2012: a laptop containing the electronic protected health information (ePHI) of approximately 13,000 patients and research participants was stolen from an employee's car.
  - 3-year Corrective Action Plan
- http://www.hhs.gov/sites/default/files/FIMR%20Resolution%20Agreement%20and%20Corrective%20Action%20Plan.pdf

Slide 54: OCR Violations
- (i) FIMR impermissibly disclosed the ePHI of 13,000 individuals when an FIMR-owned laptop computer containing ePHI was left unsecured in the back seat of an employee's car. See 45 C.F.R. § 164.502(a).
- (ii) FIMR failed to conduct an accurate and thorough risk analysis of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of all of the ePHI held by FIMR. See 45 C.F.R. § 164.308(a)(1)(ii)(A).
- (iii) FIMR failed to implement policies and procedures for granting access to ePHI by its workforce members. See 45 C.F.R. § 164.308(a)(4)(ii)(B).
- (iv) FIMR failed to implement physical safeguards for a laptop that contained ePHI to restrict access to unauthorized users. See 45 C.F.R. § 164.310(c).
- (v) FIMR failed to implement policies and procedures that govern receipt and removal of hardware and electronic media that contain ePHI into and out of a facility, and the movement of these items within the facility. See 45 C.F.R. § 163.310(d).
- (vi) FIMR failed to implement a mechanism to encrypt ePHI or, alternatively, document why encryption was not reasonable and appropriate and implement an equivalent alternative measure to encryption to safeguard ePHI. See 45 C.F.R. § 164.312(a)(2)(iv).

Slide 55: $1.55M Settlement - North Memorial Health
- North Memorial is a not-for-profit health care system in Minnesota that serves the Twin Cities north, central, and west communities.
- North Memorial reported on July 25, 2011, that an unencrypted laptop that contained the electronic protected health information of approximately 2,800 individuals (later amended to include an additional 6,697 individuals) who received care from North Memorial was stolen from an Accretive Health ("Accretive") workforce member's locked vehicle. North Memorial noted that Accretive was its business associate.
- 2-year Corrective Action Plan
- http://www.hhs.gov/sites/default/files/North%20Memorial%20RA%20and%20CAP%20March%202016%20%28508%29.pdf

Slide 56: OCR Violations
- North Memorial provided Accretive with access to North Memorial's protected health information (PHI) without obtaining a written business associate agreement. North Memorial began providing Accretive with access to North Memorial's PHI on March 21, 2011, and did not enter into a written business associate agreement with Accretive until October 14, 2011. See 45 C.F.R. § 164.308(b) and 45 C.F.R. § 164.502(e).
- From March 21, 2011 to October 14, 2011, North Memorial impermissibly disclosed the PHI of at least 289,904 individuals to Accretive when North Memorial provided Accretive with access to PHI without obtaining Accretive's satisfactory assurances, in the form of a written business associate agreement, that Accretive would appropriately safeguard the PHI. See 45 C.F.R. § 164.502(a).
- North Memorial failed to conduct an accurate and thorough risk analysis that incorporated all of North Memorial's information technology equipment, applications, and data systems using electronic PHI. See 45 C.F.R. § 164.308(a)(1)(ii)(A).

Slide 57: Research Data Protection Safeguards
- Confidentiality agreements
- No unencrypted data storage
- No removable media (ideally)
  - Citrix ShareFile or remote access is recommended
- No PHI in e-mails
- Procedures for lost data
- Data retention/destruction disclosure standards
- Data access standards

Slide 58: Data Governance

Slide 59: Data Governance Considerations
- Are there any governance structures outside of the IRB to coordinate:
  - Source data requests
  - HIPAA incident response
  - Legal/Compliance issues
  - Reporting of IRB business and outcomes
  - Information Security protocols for data transfers
  - Comprehensive data protection component of research agreements

Slide 60: Structure Considerations
- The structure will be determined by the size, scope and complexity of the facility/program
- Smaller facilities may want to integrate into existing structures on an ad hoc basis
- Larger facilities should have a dedicated research governance structure

Slide 61: IG Structure
- In smaller facilities, Research could participate as a member of:
  - Medical Executive Committee
  - Quality/Accreditation Committee
- In larger facilities and health systems, Research could be a sub-group of:
  - Clinical Governance
  - Compliance

Slide 62: Expanding Research Considerations
- The White House is unveiling final Privacy and Trust Principles for the Precision Medicine Initiative (PMI).
- The principles provide broad guidance for future PMI activities regarding: governance; transparency; participant empowerment; respect for participant preferences; data sharing, access, and use; and data quality and integrity.
- The principles articulate a set of core values and responsible strategies for sustaining public trust and maximizing the benefits of precision medicine.
- https://www.whitehouse.gov/precision-medicine

Slide 63: Case Studies

Slide 64: Research Utilizing Hospital Data
- Local hospital is conducting IRB-approved research
- Research population extracted from surgical information system: ~2,000
- Researcher carries data on a jump drive and accesses hospital records in the physician lounge
- Jump drive lost
- Researcher looks for the jump drive for two weeks and then hangs a sign in the physician lounge asking for its return
- Reported at IRB meeting two months later
- Who is responsible for investigating and reporting this incident?
  - A. The researcher
  - B. The hospital
  - C. The IRB

Slide 65: Research Utilizing Hospital Data
- Who is responsible? The hospital
  - The data was disclosed from the hospital data systems and the patients involved received care at the hospital.
  - There were no data release/protection agreements in place.
  - The data was lost inside of the hospital.

Slide 66: Can We Use This Data?
- Proposed internal research asking to use Medicare Shared Savings Plan (MSSP) ACO data

Slide 67: Can We Use MSSP Data for Research?
- Not without specific permission from CMS
- The MSSP data use agreement prohibits using the data for any use outside the Accountable Care Organization.
- There is a formal research application process that must be undertaken to use this data
- When in doubt, call Legal and Privacy

Slide 68: Presenters' Contact Information
- Monica Lareau, MS, CHPC, Director, HIPAA Compliance/Privacy Official, monica.lareau@trinity-health.org, (734) 343-0037
- Dawn Pedinelli, RN, MBA, CCRC, CHRC, Director of Research, dawn.pedinelli@trinity-health.org, (734) 343-2695
(©2014 Trinity Health - Livonia, MI)

Slide 69: AHIMA IG Sample Charter

Slide 70: Questions??