LifeBridge Health HIPAA Policy 4. Uses of Protected Health Information for Research
|
|
- Jeremy Lester
- 6 years ago
- Views:
Transcription
1 LifeBridge Health HIPAA Policy 4 Uses of Protected Health Information for Research This Policy contains the following Sections: I. Policy II. III. IV. Definitions Applicability Procedures A. Individual Authorization B. Waiver of Authorization with IRB Approval C. Other Uses Without Patient Authorization D. Use of De-identified Information E. Limited Data Sets and Data Use Agreements F. Accounting for Disclosures G. Transition H. Access to Databases created for Non-research Purposes I. Compliance V. Forms - Appendix A. HIPAA Authorization Form Instructions B. Request for Waiver of Authorization C. Request for Access to PHI Preparatory to Research D. Request for Access to PHI of Decedents
2 I. POLICY LifeBridge Health protects the confidentiality and privacy of protected health information ( PHI ) used in research by following federal regulations, professional ethics, and Institutional Review Board (IRB) policies and procedures. The Federal Privacy Rules (45 CFR 160 and 164) are intended to build on existing Federal regulations that address research, including the Common Rule and Food and Drug Administration (FDA) regulations. The Privacy Rules allow research participants to have more information about how their health information may be used for research than currently allowed by existing laws. The rules apply to any protected health information (PHI) obtained for research purposes and does not make a distinction between research that involves treatment and research that does not involve treatment. II. DEFINITIONS INSTITUTIONAL REVIEW BOARD (IRB): An oversight board appointed by LifeBridge Health to protect the rights and welfare of human subjects who take part in research and to ensure that all research activities are conducted in compliance with federal regulations and organizational policies. PROTECTED HEALTH INFORMATION: Individually identifiable health information transmitted or maintained in any form or medium, including oral, written, and electronic. Individually identifiable health information relates to an individual s health status or condition, furnishing health services to an individual or paying or administering health care benefits to an individual. Information is considered protected health information where there is a reasonable basis to believe the information can be used to identify an individual. THE COMMON RULE: Code of Federal Regulations for Protection of Human Subjects (45 CFR Part 46 Subpart A). III. APPLICABILITY A. Use and Disclosure of Protected Health Information In order to use or disclose individually identifiable information on subjects or prospective subjects in a research study, all researchers who intend to conduct clinical research at or within LifeBridge Health or a LifeBridge Health entity ( LifeBridge Health ) or request access to protected health information held by LifeBridge Health for research purposes, or who use a LifeBridge Health entity to carry out orders for services or procedures that are required under a research protocol, are required to either: 1. Obtain individual authorization for use or disclosure of such PHI (per the provisions of 45 CFR ), or 2
3 2. Obtain a waiver of authorization granted by the LIFEBRIDGE HEALTH IRB (as provided for in 45 CFR (i)(1)(i)), or 3. Use de-identified information (as per 45 CFR (d) or (a-c)), or 4. Use information from a limited data set under a data use agreement with LifeBridge Health. IV. PROCEDURES A. Individual Authorization 1. Any researcher who proposes to conduct a clinical research study within LifeBridge Health is required to prepare (and to individualize for the particular study) an Individual Authorization Form (see HIPAA Authorization Form Instructions and accompanying forms on LifeBridge Health HIPAA intranet site, under IRB/ Research Materials) for all prospective research subjects to sign. 2. The Individual Authorization form may be used as a stand-alone form (for example, for a records review study), or as a supplement to the standard patient consent form for participation in the study (for example, for a prospective clinical trial). 3. Obtaining the HIPAA research authorizations shall be in addition to obtaining the written informed consent of research subjects using the IRB-approved informed consent document. 4. The researcher is directly responsible for assuring that the appropriate relevant information is provided to the subjects in his/her study. 5. The LifeBridge Health template form is provided to the Principal Investigator (PI) by the IRB for use in assuring HIPAA compliance. The PI is responsible for customizing this template for the individual study and, just as obtaining informed consent for participation in research is a process, so is obtaining individual authorization for the use or disclosure of PHI. The PI is responsible for explaining the content of the PHI use/disclosure authorization form to all prospective research subjects before or at the time of study enrollment. 6. It is the investigator s responsibility to include in the Authorization Form all elements required by the regulations. The LifeBridge Health IRB will, as a courtesy to investigators, review sample Individual Authorization Forms for each new or ongoing research protocols to check that the elements required by the regulations are included. IRB approval is NOT required before Authorization Forms can be used. 7. The Individual Authorization may be inserted into the informed consent document for participation in the research study, at the investigator or sponsor s 3
4 discretion. IRB review and approval IS required prior to use of consent forms containing the Privacy Authorization, as per standard IRB procedures for review of informed consent documents.. 8. If a research subject refuses to sign the Individual Authorization Form for Use or Disclosure of PHI, the individual may not be enrolled in the clinical study. 9 The Individual Authorization form may have an indefinite term, or may expire at termination of the study. 10. The PI must maintain the signed Individual Authorization Form for a period of no less than six years (or longer if required by applicable law or LifeBridge Health policy), and must make a copy available to authorities upon request. B. Waiver of Authorization with IRB Approval 1. In limited circumstances, the LifeBridge Health IRB may grant to the PI a Waiver of Authorization (for example, for a records review study when it is not possible to either obtain individual authorization or to use de-identified information). A PI should submit a Request for Waiver of Authorization form to the LifeBridge Health IRB. For a waiver to be granted, all of the following three criteria must be satisfied: The use or disclosure of the information would pose no more than a minimal risk to the individual s privacy. This requires the PI to provide: o A plan to protect the individuals from improper use or disclosure of the PHI, o A plan to destroy the identifiers at the earliest possible opportunity, and o Written assurance that the PHI will not be reused or disclosed except as required by law, Evidence that the research could not practicably be conducted without the waiver, and Evidence that the research could not practicably be conducted without access to and use of the PHI. 2. The LifeBridge Health IRB approval may be granted through a normal or an expedited review process, and requires the signature of the Chairperson or designee. 3. When a waiver of authorization is granted, the LifeBridge Health IRB will issue a letter describing the specific PHI to be used or disclosed, documenting the date of approval and noting whether an expedited or regular review was performed, and 4
5 documenting that the above criteria were satisfied, signed by the LifeBridge Health IRB Chairperson or designee. 4. The IRB Approval Letter must be presented to the Medical Records Custodian by the investigator or designee prior to beginning any review of the medical records for the study. C. Other Uses Without Patient Authorization LifeBridge Health may use or disclose PHI for research without authorization of the patient in either of the following circumstances: 1. Preparatory to Research: A LifeBridge Health medical records custodian may grant a researcher access to obtain PHI from medical records that is solely to be used for the purpose of planning a research study, or assessing the feasibility of a research study. Examples would include retrospective reviews of medical records for generation of a hypothesis for a prospective research study, or to evaluate whether a large enough sample of patients with a particular condition are seen in an investigator s practice to warrant a prospective study. A letter (See form Request for Access to PHI Preparatory to Research ) must be submitted to the respective medical records custodian prior to embarking upon activities that are preparatory to research. The letter must include the following elements: a. The purpose of the proposed review of medical records b. The specific PHI that are necessary to be used in performing the records review (i.e. patient names, address or zip code, age, gender, diagnosis, results of diagnostic tests or physical exams, etc.), and c. Each of the following attestations: 1. No PHI shall be recorded for the purpose of research during this preparatory review; 2. No PHI shall be removed from the provider entity (medical records department) 3. The PHI for which access is sought is necessary for the research purpose, (i.e. the research preparation cannot be performed without use of the PHI), and 4. The PHI being reviewed shall be limited to the minimum necessary for the research preparations (i.e. if phone numbers and SSN are not necessary for the research preparations, that information should not be used). 2. Research on Decedents. A LifeBridge Health medical records custodian may grant a researcher access to obtain PHI from medical records that is solely to be used 5
6 for the purpose of research on the protected health information of decedents. A letter (See form Request for Access to PHI of Decedents ) must be submitted to the respective medical records custodian prior to the review of any medical records for the research. The letter must include the following elements: a Representation that the use or disclosure sought is solely for research on the protected health information of decedents; b. Documentation, if requested, of the death of such individuals; and, c. Representation that the protected health information is necessary for the research purposes. D. Use of De-identified Information 1. For research studies that involve only the collection and analysis of existing PHI held by a LifeBridge Health entity (e.g. retrospective medical records review only), a PI may access such information for research purposes without either the authorization of the patient or a waiver from the IRB if the PHI has been de-identified by the medical records custodian prior to use by the investigator. 2. De-identification (in accord with 45 CFR (d) and (a-c) of the Privacy Rule) means that the research subjects cannot be identified (by the researcher or others) directly or indirectly through identifiers linked to the subjects. a. Identifiers that must be removed include: Names; Address, including street address, city, county, zip code; Names of relatives and employers; All element of dates (except year), including date of birth, admission date, discharge date, date of death; and all ages over 89 and all elements of dates including year indicative of such age except that such ages and elements may be aggregated into a single category of age 90 or older; Telephone numbers; Fax numbers; addresses; Social Security Number (SSN); Medical record number; Health beneficiary plan number; Account numbers; Certificate/License Number; Vehicle identifiers, including license plate numbers; Medical device ID and serial number; 6
7 Uniform Resource Locator (URL); Identifier Protocol (IP) addresses; Biometric identifiers (such as fingerprints, retinal scans, etc.); Full face photographic images and other comparable images; Any other unique identifying number characteristic or code. 3. The respective LifeBridge Health medical records custodian shall be responsible for de-identifying PHI, subject to LifeBridge health policies, prior to providing such information to the PI. 4. Use of de-identified information by the PI is not subject to the Privacy Regulations and does not require the approval of the IRB. E. Limited Data Sets and Data Use Agreements LifeBridge Health may use a limited data set of patient health information and enter into a data use agreement with recipients of the limited data set to protect the confidentiality of the individual and to allow LifeBridge Health to use or disclose such information for research, public health, or health care operations without the individual s authorization. Any disclosure or request for a limited data set must adhere to the minimum necessary requirements of the federal privacy regulations. A limited data set may include the following identifiable information: Admission, discharge and service dates; of death; Age (including age 90 or over); Five digit zip code or any other geographic subdivision such as state, county, city, precinct, and their equivalent geocodes; or, of birth. A limited data set must exclude: Names; Postal address information, other than town or city, state and zip code; Telephone numbers; Fax numbers; Electronic mail addresses; Social Security numbers; Medical record numbers; Health plan beneficiary numbers; Account numbers; Certificate/license numbers; Vehicle identifiers and serial numbers, including license plate numbers; Medical device identifiers and serial numbers; 7
8 Web Universal Resource Locators (URLs); Internet Protocol (IP) address numbers; Biometric identifiers, including finger and voice prints; and, Full face photographic images and any comparable images. LifeBridge Health may use or disclose a limited data set only if it obtains satisfactory assurance, in the form of a data use agreement, that the limited data set recipient will only use or disclose the PHI for limited purposes. Those researchers wishing to enter a data use agreement with LifeBridge Health should contact the LifeBridge Health HIPAA Privacy Officer ( ). The data use agreement will: 1. Establish the permitted uses and disclosures of the information, which may include only research, public health, health care operations, or as otherwise required by law, and does not authorize the limited data set recipient to further disclose the information in a manner that would violate the federal privacy regulations if performed by LifeBridge Health; 2. Provide that the limited data set recipient will: a. Not use or further disclose the information other than as permitted by the data use agreement or as otherwise required by law; b. Use appropriate safeguards to prevent use of disclosure of the information other than as provided for by the data use agreement; c. Report to LifeBridge Health any use or disclosure of the information not provided for by its data agreement of which it becomes aware; d. Request the minimum amount of information necessary to fulfill the requirement of the request; e. Ensure that any agents, including a subcontractor, to whom it provides the limited data set agrees to the same restrictions and conditions that apply to the limited data set recipient with respect to such information; and, f. Not identify the information or contact the individuals. F. Accounting for Disclosures When LifeBridge Health releases PHI for research purposes, each patient whose PHI is released has the right to request and receive from LifeBridge Health an accounting of the disclosures made. Such an accounting must include all research-related disclosures, 8
9 except those instances when the patient authorized the release or the information was provided was either de-identified or in a limited data set. Each LifeBridge Health medical record custodian is responsible for tracking such disclosures on the LifeBridge Health Accounting for Disclosures of PHI form, and for providing the accountings when requested by patients. If research involves more than 50 patients. If, during the period covered by the accounting, LifeBridge Health has made disclosures of PHI for a particular research purpose for 50 or more individuals, the Privacy Rules provide for a simplified accounting. Contact the LifeBridge HIPAA Privacy officer to discuss this further. G. Transition All research that begins after the compliance date, April 14, 2003, is required to obtain Individual Authorization for the Use or Disclosure of PHI from all participants, or to follow one of the other procedures described in this policy, as applicable. Research studies started prior to the compliance date are able to continue after the compliance date, but the investigator is required to obtain Individual Authorization for the Use or Disclosure of PHI from all participants enrolled after April 14, without obtaining additional consent. Specifically, LifeBridge Health may use or disclose protected health information for research that is created or received either before or after the compliance date for the Privacy Rules (April 14, 2003), provided that there is no agreed-to restriction, and the PI obtained, prior to the compliance date, from each participant either: 1. An authorization or other express legal permission from an individual to use or disclose protected health information for the research; 2. The informed consent of the individual to participate in the research; or, 3. An IRB waiver of informed consent for the research in accordance with the Common Rule. H. Access to Databases created for Non-research Purposes LifeBridge health recognizes that there are databases containing PHI that reside on personal computers and servers in the various locations in which PIs and other researchers work and see patients. These database files serve a variety of purposes including pure research, pure treatment, or a mixture of both. Databases that are exclusively used for patient treatment are not covered by the HIPAA regulations that relate to research and/or IRB compliance. The PHI in these databases shall not be used for research purposes unless the use is compliant with all of the HIPAA and IRB requirements as previously stated in this policy. 9
10 I. Compliance If LifeBridge Health knows of a pattern of activity or practice of PI or other researcher that constitutes a material breach or violation of these policies or of the Privacy Rules under HIPAA, LifeBridge Health must take reasonable steps to cure the breach or end the violation, as applicable, and, if such steps are unsuccessful: 1. Discontinue disclosure of protected health information to the recipient; and, 2. Report the problem to LifeBridge Health s Privacy Officer, who will determine if such offense should be reported to the Secretary of the Department of Health and Human Services. 10
11 Instructions for Individual Authorization Form for Use or Disclosure of Protected Health Information (PHI) for Research Purposes Instructions to Investigators and staff: To use or disclose protected health information with authorization by the research participant, the investigator must obtain an authorization that satisfies the requirements of 45 CFR (c)(2). The Privacy Rule includes a general set of authorization requirements that apply to all uses and disclosures, including those for research purposes. Those are listed below. The Authorization may be used as a stand-alone document, or may be inserted into the standard informed consent document for the study. Three templates are provided for your use, as follows: Template for Investigator Sponsored Research: Individual Authorization Form for Use or Disclosure of PHI Template for Outside Sponsored Research: Individual Authorization Form for Use or Disclosure of PHI Authorization Section for Use in Standard Informed Consent Document for Research Studies The LBH IRB must review PHI Authorization sections of standard patient consent forms and approve the changes before use of the revised form can be implemented. Submission of Individual Authorization forms is requested by the IRB, but is not required for Authorization Forms prior to use. Individual Authorization forms will be reviewed by the IRB to insure that all required elements are satisfactorily included.. Instructions on the forms appear in italics, and areas to be completed are highlighted. Electronic copies can be obtained from Patty Lohinski at plohinsk@lifebridgehealth.org. Please remove highlighting and complete the information requested in the blanks as applicable to the study. Required Elements for Individual Authorization and Consent Forms All Individual Authorizations and Consent Form sections for Use or Disclosure of Protected Health Information must include all of the following elements: 1 A description of the personal health information to be collected in the study that is to be used or disclosed. 2 Identification of the individual(s) or organizations involved in the study or in activities related to the study who are authorized to use or disclose the information.
12 3 Identification of individuals organizations involved in the study or in activities related to the study who may receive the information. 4 Description of each purpose of the requested use or disclosure. 5 Signature of the individual and date, or signature of an authorized personal representative. When a personal representative is to sign, a description of the representative s authorization must be attached. 6 Notice to the individual that authorization to use PHI may be revoked or withdrawn at any time by a request made in writing. 7 The potential for information disclosed pursuant to this authorization to be subject to redisclosure by the recipients and no longer may be protected by the Federal Privacy Act. 8 The authorization must be written in plain language. The following two special provisions also apply to research authorizations, as distinct from authorizations for other purposes: 9 Unlike other authorizations, an authorization for a research purpose may state that the authorization does not expire, that there is no expiration date or event, or that the authorization continues until the end of the research study; and 10 An authorization for the use or disclosure of protected health information for research may be combined with a consent to participate in the research, or with any other legal permission related to the research study.
13 Application for Waiver of Individual Authorization for Use or Disclosure of Protected Health Information (PHI) in a Research Study Please complete and submit this form to the IRB office with a summary of your research proposal at least 2 weeks in advance of the date the research is to begin. You may not initiate the research until you receive a signed IRB approval of the waiver request. Study Title and Number: Principal LBH Investigator: Sub-Investigators: Outside Sponsor or Funding Source (if any): Purpose for Which Waiver is Requested: (i.e. screening by study nurse, or records review by PI) of Application: Please include in the research summary: the type and design of the study, the number of subjects to be enrolled or records to be reviewed, the number of sites, list the objectives or endpoints, all methods or procedures to be used, and list all data to be collected in the study. Please document all of the following (remove and replace highlighted text prior to completion): 1. The proposed uses and disclosures of information involve no more than minimal risk to the individual s privacy, based on the following: An adequate plan to protect the individual from improper use and disclosure of PHI; Insert here what methods will be used to safeguard the PHI from unauthorized access or improper use or disclosure. (Files kept under lock/key or in a restricted area, limited access to investigators/study personnel; personnel trained in Privacy practices). An adequate plan to destroy the identifiers at the earliest opportunity consistent with conduct of the research, unless there is a health or research justification for retaining the identifiers or retention is otherwise required by law; Insert here how and when all patient identifiers will be destroyed or cite the applicable justification for retention. (Such as removal of identifiers at end of data collection phase or end of study.)
14 Insert here I certify that the PHI will not be reused or disclosed to any other person or entity, except as required by law, for authorized oversight of the research study, or for other research for which the use or disclosure of PHI would be permitted and cite the applicable provision, if any. 2. The research could not practicably be conducted without the waiver Insert an explanation of why it is not practicable to obtain individual authorization or to use deidentified information or a limited data set for this research. 3. The research could not practicably be conducted without access to and use of the PHI. Insert an explanation of why access to PHI is necessary for this research. 4. Insert here I acknowledge that it is my duty under Maryland State law not to redisclose patient-identifying PHI that is obtained for research without individual consent, and that such PHI will be used only for purposes of research and will be subject to all other applicable requirements of the IRB. PI Signature Attending Signature (if different from PI) Chief of Service Signature
15 Request for Use or Disclosure of Protected Health Information (PHI) Preparatory to Research Please complete and submit this form to the LifeBridge Health medical records custodian in those cases where you are requesting access to PHI solely for purposes preparatory to research, pursuant to 45 CFR (I)(1)(ii). This form must be filed with the medical records custodian prior to any PHI being made available to you. Study Title and Number (if known): Principal Investigator: Sub-Investigators: Outside Sponsor or Funding Source (if any): Purpose for Which Access is Requested: (i.e. screening by study nurse, or records review by PI) of Application: Description of Records/ PHI requested: I hereby certify and attest to the following: No PHI shall be recorded for the purpose of research during this preparatory review No PHI shall be removed from the LifeBridge Health entity (medical records department or other physical location of the PHI) The PHI for which access is sought is necessary for the research purpose, (i.e. the research preparation cannot be performed without use of the PHI), and The PHI being reviewed shall be limited to the minimum necessary for the research preparations (i.e. if phone numbers and SSN are not necessary for the research preparations, that information will not be used). I acknowledge that it is my duty under Maryland State law not to re-disclose patient-identifying PHI that is obtained for research without individual consent, and that such PHI will be used only for purposes of research and will be subject to all other applicable requirements of the IRB. I understand that if the PHI accessed under this certification is to be used for other than preparatory to research, the requirements for individual patient authorization, use of de-identified information, a limited data set, or waiver of authorization will apply, as per the LifeBridge Health HIPAA Policies. PI Signature Attending Signature (if different from PI) Chief of Service Signature
16 Request for Use or Disclosure of Protected Health Information (PHI) of Decedents Please complete and submit this form to the LifeBridge Health medical records custodian in those cases where you are requesting access to PHI solely for research on decedents, pursuant to 45 CFR (I)(1)(iii). This form must be filed with the medical records custodian prior to any PHI being made available to you. Study Title and Number (if known): Principal Investigator: Sub-Investigators: Outside Sponsor or Funding Source (if any): Purpose for Which Access is Requested: (i.e. screening by study nurse, or records review by PI) of Application: Description of Records/ PHI requested: I hereby certify and attest to the following: The PHI requested by me is solely for the research on the PHI of decedents; The PHI being sought is necessary for the research to be conducted, and At the request of LifeBridge Health, I will provide documentation of the death of the individuals about whom information is being sought. I acknowledge that it is my duty under Maryland State law not to re-disclose patient-identifying PHI that is obtained for research without individual consent, and that such PHI will be used only for purposes of research and will be subject to all other applicable requirements of the IRB. PI Signature Attending Signature (if different from PI) Chief of Service Signature
INSTITUTIONAL REVIEW BOARD Investigator Guidance Series HIPAA PRIVACY RULE & AUTHORIZATION THE UNIVERSITY OF UTAH. Definitions.
HIPAA PRIVACY RULE & AUTHORIZATION Definitions Breach. The term breach means the unauthorized acquisition, access, use, or disclosure of protected health information which compromises the security or privacy
More informationYALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA. Health Insurance Portability and Accountability Act of 1996
YALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA Health Insurance Portability and Accountability Act of 1996 Handbook Table of Contents I. Introduction What is HIPAA? What is PHI? What is a Covered Entity
More informationThe Queen s Medical Center HIPAA Training Packet for Researchers
The Queen s Medical Center HIPAA Training Packet for Researchers 1 The Queen s Medical Center HIPAA Training Packet for Researchers Table of Contents Overview of HIPAA and Research 3 Penalties for violations
More informationThe Impact of The HIPAA Privacy Rule on Research
The Impact of The HIPAA Privacy Rule on Research This is simplification? Upstate Medical University WHAT HASN T CHANGED All research involving human subjects must be reviewed and approved by the IRB. The
More informationHIPAA Privacy Regulations Governing Research
HIPAA Privacy Regulations Governing Research HIPAA Health Insurance Portability and Accountability Act In a Nutshell The Privacy Regulations govern a provider s use and disclosure of health information
More informationThe HIPAA privacy rule and long-term care : a quick guide for researchers
Scripps Gerontology Center Scripps Gerontology Center Publications Miami University Year 2005 The HIPAA privacy rule and long-term care : a quick guide for researchers Jane Straker Patricia Faust Miami
More informationHIPAA COMPLIANCE APPLICATION
1 HIPAA COMPLIANCE APPLICATION PROJECT TITLE: PRINCIPAL INVESTIGATOR Name (Last, First): Please complete this form if you intend to use/disclose protected health information (PHI) in your research. An
More informationNew HIPAA Privacy Regulations Governing Research. Karen Blackwell, MS Director, HIPAA Compliance
New HIPAA Privacy Regulations Governing Research Karen Blackwell, MS Director, HIPAA Compliance kblackwe@kumc.edu 913-588 588-0942 HIPAA Health Insurance Portability and Accountability Act In a Nutshell
More informationDE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION (PHI)
PRIVACY 8.0 DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION (PHI) Scope: Purpose: All workforce members (employees and non-employees), including employed medical staff, management, and others who have
More informationNavigating HIPAA Regulations. Michelle C. Stickler, DEd Director, Research Subjects Protections
Navigating HIPAA Regulations Michelle C. Stickler, DEd Director, Research Subjects Protections mcstickler@vcu.edu 828-0131 Key Definitions Covered Entity: Organization that handles identifiable health
More informationTHE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH
THE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH Helenemarie Blake, Esq. Chief Privacy Officer, Interim Office of HIPAA & Privacy Security August 2016 SCENARIO You are putting a study together
More informationPrivacy Rule Overview
Privacy Rule Overview Protected Health Information (PHI) is private information that is subject to special treatment under the HIPAA Privacy Regulations. PHI can only be used or disclosed in research if
More informationUse And Disclosure Of Protected Health Information (PHI) For Research
Current Status: Pending PolicyStat ID: 2558954 Origination: Last Approved: Last Revised: Next Review: Owner: Policy Area: References: Applicability: N/A N/A N/A 1 year after approval PAIGE ENGLISH: ASSOCIATE
More informationSystem-wide Policy: Use and Disclosure of Protected Health Information for Research
System-wide Policy: Use and Disclosure of Protected Health Information for Research Origination Date: May 2016 Next Review Date: May 2019 Effective Date: May 2016 Reference #: SYS ADMIN-RA-005 Approval
More informationHIPAA & Research Overview for the Privacy Board March 22, UAMS HIPAA Office Vera M. Chenault, JD
HIPAA & Research Overview for the Privacy Board March 22, 2011 UAMS HIPAA Office Vera M. Chenault, JD The Privacy Board - YOU HIPAA Privacy Rule establishes the requirements for membership and role of
More informationHIPAA Policies and Procedures Manual
UNIVERSITY of NORTH CAROLINA at CHAPEL HILL SCHOOL of NURSING HIPAA Policies and Procedures Manual November 2015 1 Table of Contents I. INTRODUCTION... 3 A. GENERAL POLICY... 3 B. SCOPE... 3 II. DEFINITIONS...
More informationAPPLICATION FOR RESEARCH REQUESTING AN IRB WAIVER OF CONSENT AND HIPAA AUTHORIZATION
FORM W/H-01 APPLICATION FOR RESEARCH REQUESTING AN IRB WAIVER OF CONSENT AND HIPAA AUTHORIZATION Research for which this form is appropriate generally involves only existing patient records or specimens.
More informationSCHOOL OF PUBLIC HEALTH. HIPAA Privacy Training
SCHOOL OF PUBLIC HEALTH HIPAA Privacy Training Public Health and HIPAA This presentation will address the HIPAA Privacy regulations as they effect the activities of the School of Public Health. It is imperative
More informationModule: Research and HIPAA Privacy Protections ( )
Module: Research and HIPAA Privacy Protections (7-18-11) HIPAA's protections focus on individually identifiable health information HIPAA defines identifiable health information as (1) any form or medium"
More informationIRB 101. Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix
IRB 101 Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix Contents Brief discussion of regulations IRB Structure Levels of Approval Informed Consent HIPAA/HITECH
More informationSan Francisco Department of Public Health Policy Title: HIPAA Compliance Privacy and the Conduct of Research Page 1 of 10
Page 1 of 10 TITLE: HIPAA COMPLIANCE: PRIVACY AND THE CONDUCT OF RESEARCH POLICY It is the policy of the San Francisco Department of Public Health (DPH) to maintain the privacy of Protected Health Information
More informationThe HIPAA Privacy Rule and Research: An Overview
The HIPAA Privacy Rule and Research: An Overview Joy Pritts, JD Research Associate Professor Health Policy Institute Georgetown University jlp@georgetown.edu 1 Topics HIPAA Background Overview of Privacy
More informationNew Study Submissions to the IRB
New Study Submissions to the IRB Tufts-New England Medical Center Tufts University Health Sciences IRB Education Series 2006 Presentation may only be reused or reprinted with written permission from the
More informationPrivacy Board Standard Operating Procedures
Privacy Board Standard Operating Procedures Page 1 of 12 I. Background The Health Insurance Portability and Accountability Act ( HIPAA ) generally requires specific compliance reviews and documentation
More informationUNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE
May 19, 2016 UNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE UNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE Table of Contents DIRECTIVE INFORMATION... 4 BACKGROUND... 4 APPLICABILITY...
More informationAccess to Patient Information for Research Purposes: Demystifying the Process!
Access to Patient Information for Research Purposes: Demystifying the Process! Cynthia Nappa Institutional Privacy Administrator State University of New York Upstate Medical University 1 Administrative
More informationHIPAA PRIVACY TRAINING
HIPAA PRIVACY TRAINING HIPAA Privacy Training Objective Present a general overview of HIPAA and define important terms Understand the purpose of HIPAA and the Privacy Rule Understand the term Protected
More informationSaint Joseph Mercy Health System Institutional Review Board
Saint Joseph Mercy Health System Institutional Review Board NEW PROJECT APPLICATION At Saint Joseph Mercy Health System, which includes Ann Arbor, Livingston, Saline, St. Mary s Livonia, Chelsea and Port
More informationPennsylvania Hospital & Surgery Center ADMINISTRATIVE POLICY MANUAL
Page 1 Issued: POLICY: Committee Approval: HIPAA Administrative Policy Review Committee: April 2003 April 2005 April 2006 April 2007 April 2008 Attachment(s): For purposes of this policy, Pennsylvania
More informationWHAT IS AN IRB? WHAT IS AN IRB? 3/25/2015. Presentation Outline
Education &Training WHAT IS AN IRB? Introduction to the UofL Institutional Review Boards & Human Subjects Protection Program IRB Review Process Post Approval Monitoring March 2015 1 Presentation Outline
More informationHEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT INSTRUCTIONS Read through this presentation. Submit completed post test to the Portage County MRC Coordinator. Estimated completion time: 1 hour Learning
More informationCLINICIAN S GUIDE TO HIPAA PRIVACY
CLINICIAN S GUIDE TO HIPAA PRIVACY Introduction... 2 What is HIPAA?... 2 Health Information Privacy... 2 Protected Health Information... 3 Identifiers... 3 HIPAA s Impact on Clinical Practice, Treatment,
More informationREQUEST TO ACCESS EXISTING MEDICAL RECORDS, CHARTS OR DATABASES FOR RESEARCH
Steering Committee approved 10/17/11 1. POLICY The Aurora IRB, acting as the HIPAA Privacy Board, is required to review any request for access to medical records, charts or databases maintained by any
More informationRoles & Responsibilities of Investigator & IRB
Roles & Responsibilities of Investigator & IRB Jaranit Kaewkungwal Mahidol University Regulatory & Guidelines Regulatory & Guidelines GCP & Computer / Database Management Systems International Conference
More information[Enter Organization Logo] CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW. Policy Number: [Enter] Effective Date: [Enter]
CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW I. Policy: Policy Number: [Enter] Effective Date: [Enter] A. Purpose This policy establishes consent requirements for the disclosure of health
More informationPatient-Level Data. February 4, Webinar Series Goals. First Fridays Webinar Series: Medical Education Group (MEG)
First Fridays Webinar Series: Medical Education Group (MEG) Patient-Level Data February 4, 2011 Provide Insights into MEG Operations Share Up-To-Date Information Webinar Series Goals Share Best Practices
More informationGeisinger IRB Member Orientation Session 2. Debra L. Henninger, MHS RN CCRC Associate Director, Research Compliance
Geisinger IRB Member Orientation Session 2 Debra L. Henninger, MHS RN CCRC Associate Director, Research Compliance 1 How does the IRB make decisions? Guiding Ethical Principles Regulatory Considerations
More informationStudy Management PP STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information
PP-501.00 SOP For Safeguarding Protected Health Information Effective date of version: 01 April 2012 Study Management PP 501.00 STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information
More informationProfessional Compliance Program Grievance Report
Professional Compliance Program Grievance Report Please complete this form carefully. All material that you wish AAOS to consider must either accompany this form or be sent electronically and identified
More informationPrivacy and Security Orientation for Visiting Observers. DUHS Compliance Office
Privacy and Security Orientation for Visiting Observers DUHS Compliance Office 919-668-2573 compliance@dm.duke.edu Introduction This orientation is to provide new Visiting Observers with the HIPAA Privacy
More informationRecruiting subjects for clinical research outside the academic setting
Recruiting subjects for clinical research outside the academic setting Laura A. Siminoff, PhD Professor & Chair Department of Social & Behavioral Health Virginia Commonwealth University Why recruit outside
More informationCommission on Dental Accreditation Guidelines for Filing a Formal Complaint Against an Educational Program
Commission on Dental Accreditation Guidelines for Filing a Formal Complaint Against an Educational Program The Commission strongly encourages attempts at informal or formal resolution through the program's
More informationTRICARE Management Activity s Human Research Protection Program, Data Sharing Agreement Program, and the TMA Privacy Board
Human Protections Administrators Conference Fort Detrick August 29, 2012 s Human Research Protection Program, Data Sharing Agreement Program, and the TMA Privacy Board Overview (TMA) Privacy and Civil
More information(Type inside gray boxes, cells will expand) A. EIGHT POINT CRITERIA for IRB Review
Page 1 of 5 IRB Reviewers 8-Point Analysis Form Based on Federal Policy for the Protection of Human Subjects, Criteria for IRB Approval of Research (45 CFR 46.111) Protocol ID #/Title: Date of Review:
More informationUtilizing the NCI CIRB
Policy P15 Written By: B. Laurel Elder, Ph.D. Created: September 2, 2011 Edited Version P15.1 Utilizing the NCI CIRB PURPOSE - The purpose of this Standard Operating Procedure (SOP) is to outline the procedures
More informationHIPAA. Health Insurance Portability and Accountability Act. Presented by the UMMC Office of Integrity and Compliance
HIPAA Health Insurance Portability and Accountability Act Presented by the UMMC Office of Integrity and Compliance Rules and Regulations to ensure Privacy Set Federally recognized standards to ensure both
More informationCOMMISSION ON DENTAL ACCREDITATION REPORTING PROGRAM CHANGES IN ACCREDITED PROGRAMS
COMMISSION ON DENTAL ACCREDITATION REPORTING PROGRAM CHANGES IN ACCREDITED PROGRAMS The Commission on Dental Accreditation recognizes that education and accreditation are dynamic, not static, processes.
More informationPatient Privacy Requirements Beyond HIPAA
Patient Privacy Requirements Beyond HIPAA Jane Hyatt Thorpe, J.D. School of Public Health and Health Services George Washington University Carrie Bill, J.D. Feldesman Tucker Leifer Fidell LLP The George
More informationCompliance Policy C-FMS Clinical Research Project Approval Application
Internal Use Only: Business Unit: Fresenius Medical Services Region: RVP: Area Manager: Facility # Compliance Policy C-FMS-009.2 of Investigator or Study Coordinator completes the following: Facility Name
More informationAdvanced HIPAA Communications and University Relations
Advanced HIPAA Communications and University Relations accepts no liability of any use reliance placed on it, as it is warranty, express, or implied, or completeness of 1 the HIPAA Health Insurance Portability
More informationPRIVACY IMPACT ASSESSMENT (PIA) For the. Department of Defense Consolidated Cancer Registry (CCR) System. Defense Health Agency (DHA)
PRIVACY IMPACT ASSESSMENT (PIA) For the Department of Defense Consolidated Cancer Registry (CCR) System Defense Health Agency (DHA) SECTION 1: IS A PIA REQUIRED? a. Will this Department of Defense (DoD)
More informationPresented by the UAMS HIPAA Office August 2013 Anita B. Westbrook
HIPAA and Social Media and other PHI Safeguards Presented by the UAMS HIPAA Office August 2013 Anita B. Westbrook Social Networking Let s Talk Facebook More than 750 million users Average user has 130
More informationImplementing the Revised Common Rule Exemptions with Limited IRB Review
Implementing the Revised Common Rule Exemptions with Limited IRB Review Introduction: Four of the exempt categories in the revised Common Rule include a provision for limited IRB review. This resource
More informationFAFSA Completion Initiative Participation Agreement
Larry Hogan Governor Boyd K. Rutherford Lt. Governor Anwer Hasan Chairperson James D. Fielder, Jr., Ph. D. Secretary FAFSA Completion Initiative Participation Agreement This FAFSA Completion Initiative
More informationCOMMISSION ON DENTAL ACCREDITATION GUIDELINES FOR PREPARING REQUESTS FOR TRANSFER OF SPONSORSHIP
COMMISSION ON DENTAL ACCREDITATION GUIDELINES FOR PREPARING REQUESTS FOR TRANSFER OF SPONSORSHIP REQUESTS FOR TRANSFER OF SPONSORSHIP OF ACCREDITED PROGRAMS The sponsorship of an accredited program may
More informationHIPAA Compliancy Group, LLC. 2017
1 Meet Your Expert Proud Sponsor Visionary Contributor Endorsed Partner Marc Haskelson Compliancy Group, CEO Marc@compliancygroup.com CompTIA Channel Advisory Board Co Chair CompTIA Business Applications
More informationPFF Patient Registry Protocol Version 1.0 date 21 Jan 2016
PFF Patient Registry Protocol Version 1.0 date 21 Jan 2016 Contents SYNOPSIS...3 Background...4 Significance...4 OBJECTIVES & SPECIFIC AIMS...5 Objective...5 Specific Aims... 5 RESEARCH DESIGN AND METHODS...6
More informationHIPAA PRIVACY DIRECTIONS. HIPAA Privacy/Security Personal Privacy. What is HIPAA?
DIRECTIONS HIPAA Privacy/Security Personal Privacy 1. Read through entire online training presentation 2. Close the presentation and click on Online Trainings on the Intranet home page 3. Click on the
More informationWhat is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996
Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,
More informationThe SOP applies to all human subject research falling under the purview of the University of Missouri Institutional Review Board.
Institutional Review Board.... University of Missouri-Columbia.. Standard Operating Procedure Informed Consent Types and Elements Informed Consent Types and Elements Effective Date: December 12, 2005 Original
More informationStudent Orientation: HIPAA Health Insurance Portability & Accountability Act
_ Student Orientation: HIPAA Health Insurance Portability & Accountability Act HIPAA: National Privacy Law History of HIPAA What was once an ethical responsibility to protect a patient s privacy is now
More informationGuidelines for Requesting an Increase in Enrollment in a Predoctoral Dental Education Program
Guidelines for Requesting an Increase in Enrollment in a Predoctoral Dental Education Program TIMING OF REQUESTS AND RESPONSE: Approval of an increase in enrollment in predoctoral dental education programs
More informationHCCA PRIVACY COMPLIANCE FOCUS GROUP
HCCA PRIVACY COMPLIANCE FOCUS GROUP Industry Immersion Session 2005 Annual Institute New Orleans April 2005 1 DISCUSSION LEADERS Betsy Hall Jodi Innocent Marti Arvin April 2005 2 AGENDA 1:45 to 3:15 HIPAA
More informationSCREENING PROCEDURES: WHAT IS COVERED BY A
SCREENING PROCEDURES: WHAT IS COVERED BY A PARTIAL HIPAA WAIVER AND WHAT IS NOT? IRB Webinar March 12, 2015 BEFORE WE START Currently there is a lot of discussion at Emory on HIPAA and recruitment practices.
More informationNATIONAL ASSOCIATION FOR STATE CONTROLLED SUBSTANCES AUTHORITIES (NASCSA) MODEL PRESCRIPTION MONITORING PROGRAM (PMP) ACT (2016) COMMENT
1 NATIONAL ASSOCIATION FOR STATE CONTROLLED SUBSTANCES AUTHORITIES (NASCSA) MODEL PRESCRIPTION MONITORING PROGRAM (PMP) ACT (2016) SECTION 1. SHORT TITLE. This Act shall be known and may be cited as the
More informationCOMMISSION ON DENTAL ACCREDITATION POLICY ON REPORTING AND APPROVAL OF SITES WHERE EDUCATIONAL ACTIVITY OCCURS
COMMISSION ON DENTAL ACCREDITATION POLICY ON REPORTING AND APPROVAL OF SITES WHERE EDUCATIONAL ACTIVITY OCCURS The Commission on Dental Accreditation recognizes that students/residents may gain educational
More informationGuidelines for Requesting an Increase in Authorized Enrollment in Orthodontics and Dentofacial Orthopedics Residency and Fellowship Programs
Guidelines for Requesting an Increase in Authorized Enrollment in Orthodontics and Dentofacial Orthopedics Residency and Fellowship Programs POLICY ON ENROLLMENT INCREASES IN ADVANCED DENTAL SPECIALTY
More informationTechnology Standards of Practice
2016 Technology Standards of Practice Used with permission from the Association of Social Work Boards (2016) Table of Contents Technology Standards of Practice 2 Definitions 2 Section 1 Practitioner Competence
More informationSignature (Patient or Legal Guardian): Date:
X-Ray Patient Information: [ ] Male [ ] Female Patient Name: Date of Birth: / / SS#: Mailing Address: City: State: Zip: Phone # s: (Home) (Work) (Cell) Referring Physician: Phone #: /Fax#: Additional Physician:
More information2018 ABOS Part II Oral Examination
2018 ABOS Part II Oral Examination Information Packet: Preparing Your Case List Page 1 of 20 2018 American Board of Orthopaedic Surgery (ABOS) Part II Oral Examination Dear ABOS Part II Oral Candidate:
More informationHIPAA Privacy Training for Non-Clinical Workforce
Office of Compliance Programs HIPAA Privacy Training for Non-Clinical Workforce Revised: January 24, 2017 HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA)
More informationRelease of Medical Records in Ohio OHIMA. Ohio Revised Code (ORC) HIPAA
Release of Medical Records in Ohio OHIMA March, 2010 Ann Hubbuch, JD, RHIA Vice President Corporate Compliance Licking Memorial Health Systems Ohio Revised Code (ORC) One part of the puzzle What controls.hipaa
More informationFAQs March 12, 2012 FREQUENTLY ASKED QUESTIONS
FREQUENTLY ASKED QUESTIONS Table of Contents (Click to follow links) The National Cancer Institute s Central IRB (NCI CIRB)... 2 Standalone HIPAA Authorizations... 3 Retroactive CRADO Waivers... 4 Implementation
More informationSouthwest Acupuncture College /PWFNCFS
Southwest Acupuncture College /PWFNCFS This replaces policies in the catalogue and any other documents to date. Boulder Santa Fe TABLE OF CONTENTS STATEMENT OF PURPOSE... 1 I. RIGHT TO A NOTICE OF PRIVACY
More informationETHICAL AND REGULATORY CONSIDERATIONS
CONSIDERATIONS Office for Office for Human Research Protections The Office for Office for Human Research Protections (OHRP) is an administrative subdivision within the U.S. Department of Health and Human
More informationAn Introduction to the HIPAA Privacy Rule. Prepared for
An Introduction to the HIPAA Privacy Rule Prepared for January 2005 An Introduction to the HIPAA Privacy Rule Prepared for Covering Kids & Families National Program Office Southern Institute on Children
More information(PLEASE PRINT) Sex M F Age Birthdate Single Married Widowed Separated Divorced. Business Address Business Phone Cell Phone
(PLEASE PRINT) Emma Warner, MSW, LCSW, ACSW Tulsa, OK 74105 (918) 749-6935 Personal Information Name Address Last Name First Name Initial Home Phone Soc. Sec. # City State Zip Sex M F Age Birthdate Single
More informationORA Closeout Process for NIH Awards
Office of Research Administration ORA Closeout Process for NIH Awards ORA CLOSEOUT GUIDELINES ORA is responsible for making sure that necessary closeout documents are submitted to NIH within 90 days of
More informationSAINT AGNES MEDICAL CENTER CLINICAL RESEARCH CENTER Fresno, California. STANDARD OPERATING PROCEDURES Institutional Review Board
SAINT AGNES MEDICAL CENTER CLINICAL RESEARCH CENTER Fresno, California STANDARD OPERATING PROCEDURES Institutional Review Board Date Effective: April 26, 2001 Index No. R 1217 Date Last Revised: 0 Date
More informationHIPAA Privacy & Security Training
HIPAA Privacy & Security Training for Nonclinicians Introduction As a Duke Medicine workforce member you may have access to patients and patient information and you have a legal and ethical obligation
More informationIt defines basic terms and lists basic principles that all LSUHSC-NO faculty, staff, residents and students must understand and follow.
Office of Compliance Programs Revised: July 18, 2017 HIPAA Privacy HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA) requires that the University train all
More informationChanges to the Common Rule
Changes to the Common Rule November 21, 2017 S Joseph Austin, JD, LL.M Corey Zolondek, PhD, CIP Introduction: NOTE: Relative to the Common Rule changes, this presentation does not address requirements
More informationHIPAA Privacy & Security Training
HIPAA Privacy & Security Training for Clinicians Introduction As a clinician at Duke Medicine, you have direct access to patients and patient information and a legal and ethical obligation to protect patient
More informationMemorial Hermann Information Exchange. MHiE POLICIES & PROCEDURES MANUAL
Memorial Hermann Information Exchange MHiE POLICIES & PROCEDURES MANUAL TABLE OF CONTENTS 1. Definitions 3 2. Hardware/Software Supported Platform Requirements 4 3. Anti-virus Software Requirement 4 4.
More information[Enter Organization Logo] USE AND DISCLOSURE OF MENTAL HEALTH RECORDS. Policy Number: [Enter] Effective Date: [Enter]
USE AND DISCLOSURE OF MENTAL HEALTH RECORDS Policy Number: [Enter] Effective Date: [Enter] I. Policy: A. Purpose This policy establishes guidelines to be followed by [Organization] s workforce when using
More informationFEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA
FEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA LEGAL CITATION California Civil Code Section 1798.82 California Health and Safety (H&S) Code Section 1280.15 42 U.S.C. Section 17932; 45 C.F.R.
More informationPOLICY ON ENROLLMENT INCREASES IN ADVANCED DENTAL SPECIALTY PROGRAMS
Guidelines for Requesting an Increase in Authorized Enrollment in Oral and Maxillofacial Surgery Residency and Fellowship Programs POLICY ON ENROLLMENT INCREASES IN ADVANCED DENTAL SPECIALTY PROGRAMS A
More informationExempt & Expedited Reviews. February 2017 IRB Member Training
Exempt & Expedited Reviews February 2017 IRB Member Training Introduction Studies that are minimal risk Meet certain criteria ( categories ) Extensive screening by ORA staff Reviewed by a designated member
More informationREQUEST FOR PROPOSALS. For: As needed Plan Check and Building Inspection Services
Date: June 15, 2017 REQUEST FOR PROPOSALS For: As needed Plan Check and Building Inspection Services Submit Responses to: Building and Planning Department 1600 Floribunda Avenue Hillsborough, California
More informationSignature Date Date First Effective: Signature Date Revision Date:
University of Kentucky Office of Research Integrity and Institutional Review Board Standard Operating Procedures Revision #7 TITLE: NCI CIRB Review Page 1 of 15 C3.0400 Approved By: ORI Director Signature
More information.. Policy and Procedure Policy name: HIPAA: Privacy Notice Policy Policy number: 180-00-05 Proponent: Director of Quality and Compliance Mind Springs Asset Management, Company: LLC West Springs Hospital,
More informationResearch Audits PGR. Effective: 12/04/2013 Reviewed: 12/04/2015. Name of Associated Policy: Palmetto Health Administrative Research Review
Effective: 12/04/2013 Reviewed: 12/04/2015 Name of Associated Policy: Palmetto Health Administrative Research Review Definitions Responsible Positions Equipment Needed Procedure Steps, Guidelines, Rules,
More informationReport of the Information & Privacy Commissioner/Ontario. Review of the Cardiac Care Network of Ontario (CCN):
Information and Privacy Commissioner / Ontario Report of the Information & Privacy Commissioner/Ontario Review of the Cardiac Care Network of Ontario (CCN): A Prescribed Person under the Personal Health
More informationSafeguarding PHI Nutrition Services. UAMS HIPAA Office May 2015
Safeguarding PHI Nutrition Services UAMS HIPAA Office May 2015 HIPAA (not HIPPA) What is HIPAA? The Health Insurance Portability and Accountability Act is a federal law that protects the privacy and security
More informationPATIENT INFORMATION. In Case of Emergency Notification
PATIENT INFORMATION Patient Name Date Nickname DOB Age Sex Race/Ethnicity Language(s) spoken at home Person completing form Relation to Patient Patient Address City State Zip Phone # Other Phone Medical
More informationKansas Department for Aging and Disability Services
Agency 26 Kansas Department for Aging and Disability Services Editor s Note: Pursuant to Executive Reorganization Order (ERO) No. 41, the Kansas Department on Aging was renamed the Kansas Department for
More informationENTERPRISE INCOME VERIFICATION (EIV) SECURITY POLICY
ENTERPRISE INCOME VERIFICATION (EIV) SECURITY POLICY Rev. October 2011 EIV Security Policy Acknowledgment Form By signing this form I acknowledge my receipt of the EIV System Security Policy approved by
More informationAAHRPP Accreditation Procedures Approved April 22, Copyright AAHRPP. All rights reserved.
AAHRPP Accreditation Procedures Approved April 22, 2014 Copyright 2014-2002 AAHRPP. All rights reserved. TABLE OF CONTENTS The AAHRPP Accreditation Program... 3 Reaccreditation Procedures... 4 Accreditable
More informationOffice of Human Research Office of Human Research Policy and Procedure Manual. Version: 4/4/18
Version: 4/4/18 Signatures on File for the Approval of Revisions to the Policy and Procedures Table of Contents 100 General Administration (GA)... 5 Policy GA 101: The Authority and Purpose of the Institutional
More informationPART 512 RESEARCH. Subpart B Research. 28 CFR Ch. V ( Edition)
Pt. 512 Whenever possible, the Warden or designee shall make the determination as to whether an arrest should occur. PART 512 RESEARCH Subpart B Research Sec. 512.10 Purpose and scope. 512.11 Requirements
More information