Presentation is loading. Please wait.

Presentation is loading. Please wait.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Published byKara Weary Modified over 9 years ago

Similar presentations

Presentation on theme: "Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB."— Presentation transcript:

1 Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB

2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 mandated: – National uniform standards for electronic transactions in health care – Creation of “privacy rule” to safeguard personal health information  Concern that increase in electronic transactions could lead to unauthorized disclosures of personal health information Final Privacy Rule published December 28, 2000 Effective Date – April 14, 2001 [two year implementation period] Final Implementation Date – April 14, 2003

3 What is Required?  Health care providers, health plans and clearinghouses prohibited from using or disclosing “protected health information” (PHI) without patient authorization, except when specifically required or permitted under the regulations  “Protected health information” includes any identifiable health information relating to the health of an individual, the care provided or payment for care  PHI includes information in any form or medium (electronic, paper, oral, etc.)  Providers must transmit health information electronically to be covered under the Rule

4 What is required to use PHI? FOR: Treatment, Payment or Healthcare Operations (e.g., quality assurance, compliance reviews, resident training)  USC to make good faith effort to obtain Patient acknowledgement of receipt of Notice of Privacy Practices  Notice describes all possible uses and disclosures of protected health information by USC  USC to document good faith efforts, if unable to obtain acknowledgement

5 Health Insurance Portability and Accountability Act of 1996 “HIPAA Privacy Rule” Implementation Date: April 14, 2003 IRB related issues to be discussed: – Informed Consent – HIPAA Education Program – HIPAA Authorization Exceptions – Waiver of HIPAA Authorization

6 HIPAA –IRB Related Issues Informed Consent Investigators must attach a HIPAA authorization addendum to their Informed Consents for new subjects who will be accrued after April 14, 2003. Templates are available at: www.usc.edu/compliance or www.usc.edu/medicine/irb When you submit Informed Consent(s) [either new submissions or revisions] to the IRB after 4/14/03, the HIPAA authorization addendum should be attached to the Informed Consent(s).

7 HIPAA – IRB Related Issues HIPAA Education All personnel who use identifiable health information (individual’s past, present or future physical or mental health condition, or payment for health care) must take the education course and be certified by the HIPAA education program. This includes researchers and staff in the following categories: -Principal Investigator(s) -Co-Investigator(s) -Individuals authorized to obtain Informed Consent -Individuals involved in data collection -Etc. The PI/Co-PIsare responsibleall The PI/Co-PIs are responsible for ensuring that all study personnel have completed the HIPAA education certificate program. USC’s web-based HIPAA education program: www.usc.edu/compliance

8 HIPAA – IRB Related Issues USC HIPAA Privacy Education Program Chapter 1: Privacy of Health Information Chapter 2: Privacy Rule – General Information Chapter 3: How the USC Family is Organized Chapter 4: The Privacy Rule in the Practitioner Office Setting Chapter 5: Special Situation Chapter 6: Patient Rights Under HIPAA Chapter 7: Enforcement and Sanctions Chapter 8: Reporting Non-Compliance Those taking the course will be able to print out Certification upon successful completion of eight chapters.

9 Special Research Requirements Research Use/Disclosure without Authorization – De-Identification [requires removal of 19 potential identifiers to satisfy criteria] – Limited Data Sets [removal of facial identifiers only] – Waiver by Institutional Review Board (IRB) – PHI use/disclosure solely to prepare research protocol – PHI use/disclosure solely for research on the PHI of decedents

10 De-identification requires that identifiers of an individual or of relatives, employers or household members are removed, including: – Demographic information – Locating information – Elements of dates (birth date, admission date, discharge, date of death, etc.) If health information de-identified, information can be used without an authorization from the patient for research or other uses De-Identification

11 Limited Data Sets Permits use of limited data sets for research, public health and health care operations purposes without authorization – Requires removal of directly identifiable information Name, address, medical record number, etc. – Requires data use agreement between Covered Entity and user of information Recipient must agree to limit the use of the data set for the purposes for which it was given, and to ensure the security of the data, as well as not to identify the information or use it to contact any individual

12 Preparatory to Research No authorization or waiver required if: – Use/disclosure sought solely to prepare a research protocol or for similar purposes preparatory to research – Researcher will not remove PHI from the Covered Entity’s premises – PHI for which use or access is sought is necessary for the research purpose – Only de-identified PHI is recorded by the researchers Entity must obtain representation from researcher that the above requirements are met

13 Waiver of HIPAA Authorization Recruiting/Screening Only – Subjects at the LAC+USC Healthcare Network facilities, USC University Hospital, or USC Norris Hospital – Assessing potential eligibility before approaching potential subjects to enter the study – A limited waiver to review medical records information

14 Waiver of HIPAA Authorization Accessing, using or obtaining research subject’s identifiable health information: -HIPAA Authorization from the subject Or -Waiver of HIPAA authorization from the IRB

15 Waiver by IRB requires review and documentation of certain criteria, similar to the Common Rule requirements for waiver of informed consent Waiver of Authorization

16 HIPAA – IRB Related Issues Waiver Requirements:  Research could not practicably be conducted without the waiver.  Research could not practicably be conducted without access to and use of the PHI (Protected Health Information). privacy risk  Disclosure involves no more than minimal privacy risk to the individuals. -Adequate plan to protect the PHI -Plan to destroy the identifiers -Adequate written assurance from the investigator that the PHI would not be reused or disclosed.

17 A waiver of patient authorization is not a waiver of the requirements of informed consent for the project. IRBs must review a request to waive informed consent separately, according to the Common Rule Waiver of Authorization

18 HIPAA – IRB Related Issues New Study: New Study: To be reviewed on or after 4/14/03 a) Use revised Sections I & II of the IRB application: -A check box for “Identifiable Health Information” -An additional PI responsibility statement: “I certify that all study personnel have completed the HIPAA education program and are certified.” -Item 33 “Waiver of HIPAA authorization” needs to be explained if the Section I Waiver of HIPAA authorization is checked. b) PI/Co-Investigators’ completion of the HIPAA education program: -Include copies of the certificates with the IRB application c) Informed Consent with HIPAA authorization addendum

19 Continuing Review: Continuing Review: On or after 4/14/03 a) PI/Co-Investigators’ completion of the HIPAA education program -Include the certificates with the continuing review form b) Informed Consent with the HIPAA authorization addendum which has a revision date of 4/08/03

20 HIPAA – IRB Related Issues After 4/14/03: The IRB will not review your new proposals until the IRB receives verification of the PI/Co-Investigators’ completion of the HIPAA education program. For continuing reviews, the IRB will not grant its full approval until the IRB receives verification of the PI/Co-Investigators’ completion of the HIPAA education program.

21 Special Research Requirements Challenges:  Investigator access to 3 rd Party Protected Health Information May Be Denied or Delayed (e.g., Norris, USCUH, other clinics and hospitals)  Additional Institutional Review Board workload  analysis regarding privacy issues  increase in submission of retrospective reviews  Research Transition provisions  Certain research practices may be inhibited (e.g., patient recruitment)

Download ppt "Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB."

Similar presentations

SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.

SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.
HIPAA Privacy Rule “Standards for Privacy of Individually Identifiable Health Information” 45 CFR 160 and 164* *http://www.hhs.gov/ocr/combinedregtext.pdf.

HIPAA Privacy Rule “Standards for Privacy of Individually Identifiable Health Information” 45 CFR 160 and 164* *
1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.

1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.

HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.

NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
1 HIPAA and Research and YOU. 2 INTRODUCTION Rule #1:Don’t Panic Rule #2:Bottom Line for Researchers: HIPAA is Manageable thru Education/Awareness and.

1 HIPAA and Research and YOU. 2 INTRODUCTION Rule #1:Don’t Panic Rule #2:Bottom Line for Researchers: HIPAA is Manageable thru Education/Awareness and.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
HIPAA Requirements for Patient Oriented Research

HIPAA Requirements for Patient Oriented Research
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
Training In HIPAA Privacy Regulations for Researchers and Research Staff Adapted from a presentation prepared by Human Subjects Division, University of.

Training In HIPAA Privacy Regulations for Researchers and Research Staff Adapted from a presentation prepared by Human Subjects Division, University of.
Implementation of Privacy Board Reviews at PCMC Mary Thomason, Intermountain Healthcare Privacy Board Chair.

Implementation of Privacy Board Reviews at PCMC Mary Thomason, Intermountain Healthcare Privacy Board Chair.
August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.
University of Miami1 HIPAA Survival Skills An Introduction to HIPAA and Research University of Miami Human Subjects Research Office October 31, 2006 Evelyne.

University of Miami1 HIPAA Survival Skills An Introduction to HIPAA and Research University of Miami Human Subjects Research Office October 31, 2006 Evelyne.
1 HIPAA, Researchers and the IRB: Part Two Alan Homans, IRB Chair and Nancy Stalnaker, IRB Administrator.

1 HIPAA, Researchers and the IRB: Part Two Alan Homans, IRB Chair and Nancy Stalnaker, IRB Administrator.
HIPAA, Researchers and the IRB Alan Homans, IRB Chair and Nancy Stalnaker, IRB Administrator.

HIPAA, Researchers and the IRB Alan Homans, IRB Chair and Nancy Stalnaker, IRB Administrator.
Informed Consent and HIPAA Tim Noe Coordinating Center.

Informed Consent and HIPAA Tim Noe Coordinating Center.
1 Developed by: U-MIC To start the presentation, click on this button in the lower right corner of your screen. The presentation will begin after the.

1 Developed by: U-MIC To start the presentation, click on this button in the lower right corner of your screen. The presentation will begin after the.

Similar presentations

Ads by Google