HIPAA & Research Overview for the Privacy Board March 22, UAMS HIPAA Office Vera M. Chenault, JD

Similar documents
Module: Research and HIPAA Privacy Protections ( )

Privacy Rule Overview

Recruiting subjects for clinical research outside the academic setting

LifeBridge Health HIPAA Policy 4. Uses of Protected Health Information for Research

HIPAA COMPLIANCE APPLICATION

Use And Disclosure Of Protected Health Information (PHI) For Research

INSTITUTIONAL REVIEW BOARD Investigator Guidance Series HIPAA PRIVACY RULE & AUTHORIZATION THE UNIVERSITY OF UTAH. Definitions.

The HIPAA privacy rule and long-term care : a quick guide for researchers

The Impact of The HIPAA Privacy Rule on Research

The Queen s Medical Center HIPAA Training Packet for Researchers

YALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA. Health Insurance Portability and Accountability Act of 1996

Navigating HIPAA Regulations. Michelle C. Stickler, DEd Director, Research Subjects Protections

HIPAA Policies and Procedures Manual

San Francisco Department of Public Health Policy Title: HIPAA Compliance Privacy and the Conduct of Research Page 1 of 10

PRIVACY IMPACT ASSESSMENT (PIA) For the. Department of Defense Consolidated Cancer Registry (CCR) System. Defense Health Agency (DHA)

TRICARE Management Activity s Human Research Protection Program, Data Sharing Agreement Program, and the TMA Privacy Board

Compliance Policy C-FMS Clinical Research Project Approval Application

HIPAA Privacy Regulations Governing Research

The HIPAA Privacy Rule and Research: An Overview

New HIPAA Privacy Regulations Governing Research. Karen Blackwell, MS Director, HIPAA Compliance

Privacy Board Standard Operating Procedures

HIPAA PRIVACY TRAINING

CCSS: HIPAA-Compliant Recruitment. Dennis Deapen, DrPH CCSS Annual Investigators Meeting Memphis, TN October 9-11, 2005

REQUEST TO ACCESS EXISTING MEDICAL RECORDS, CHARTS OR DATABASES FOR RESEARCH

System-wide Policy: Use and Disclosure of Protected Health Information for Research

[Enter Organization Logo] CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW. Policy Number: [Enter] Effective Date: [Enter]

THE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH

******************************************************************** Policy Expectation:

UNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE

SUNY DOWNSTATE MEDICAL CENTER POLICY AND PROCEDURE

NOTICE OF PRIVACY PRACTICES

Access to Patient Information for Research Purposes: Demystifying the Process!

INFORMED CONSENT DOCUMENT. Project Title: The Contraceptive Choice Center: an innovative health services delivery and payment model

SCREENING PROCEDURES: WHAT IS COVERED BY A

Breach Reporting and Safeguarding PHI Outpatient Services August, UAMS HIPAA Office Anita Westbrook

(PLEASE PRINT) Sex M F Age Birthdate Single Married Widowed Separated Divorced. Business Address Business Phone Cell Phone

Managing Privacy Risk in Your Research and Development Enterprise. Sujata Dayal, Abbott Justin McCarthy, Pfizer

Authorization and Waiver Frequently Asked Questions

(Type inside gray boxes, cells will expand) A. EIGHT POINT CRITERIA for IRB Review

CLINICIAN S GUIDE TO HIPAA PRIVACY

Consent Form Requirements for Multicenter studies when CHOP Relies on an external IRB

DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION (PHI)

Study Management PP STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information

12057 Jefferson Blvd LA, CA (323)

APPLICATION FOR RESEARCH REQUESTING AN IRB WAIVER OF CONSENT AND HIPAA AUTHORIZATION

NOTICE OF PRIVACY PRACTICES

1303A West Campus Drive

Release of Medical Records in Ohio OHIMA. Ohio Revised Code (ORC) HIPAA

FAQs March 12, 2012 FREQUENTLY ASKED QUESTIONS

IRB 101. Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix

Presented by the UAMS HIPAA Office August 2013 Anita B. Westbrook

Southwest Acupuncture College /PWFNCFS

HCCA PRIVACY COMPLIANCE FOCUS GROUP

SCHOOL OF PUBLIC HEALTH. HIPAA Privacy Training

FERPA 101. December 4, Michael Hawes Director of Student Privacy Policy U.S. Department of Education

Patient Privacy Requirements Beyond HIPAA


1. Contacts and Title

Office of Human Research Office of Human Research Policy and Procedure Manual. Version: 4/4/18

UA New Common Rule Implementation

Regulatory Issues Facing Student Health Centers Presented by: Richard T. Yarmel and Edward H. Townsend

Failure to comply may result in WU being liable for civil and criminal penalties under the HIPAA regulations.

Parental Consent For Minors to Receive Services

Associates in ear, nose, throat/ Head & Neck surgery, pllc

Exempt & Expedited Reviews. February 2017 IRB Member Training

HIPAA IMPLICATIONS: Patient Rights Under HIPAA

HIPAA. The. Privacy Regulations. The Fetal and Infant Mortality Review Process:

Pablo Tebas, M.D. Joseph Quinn, RN, BSN Yan Jiang, RN, BSN, MSN

Saint Joseph Mercy Health System Institutional Review Board

NYU Langone Health Notice of Privacy Practices

WHAT IS AN IRB? WHAT IS AN IRB? 3/25/2015. Presentation Outline

HIPAA P12 CMS Data Use Agreements & Data Management Plans

Geisinger IRB Member Orientation Session 2. Debra L. Henninger, MHS RN CCRC Associate Director, Research Compliance

New Study Submissions to the IRB

HIPAA PRIVACY NOTICE

FAMILY MEDICAL ASSOCIATES OF RALEIGH 3500 Bush Street Raleigh, NC P: (919) F: (919)

Learn about your letter at CONSENT TO RELEASE

Genesis Health System. Institutional Review Board. Standard Operating Procedures

WELCOME. Payment will be expected at the time of service. Please remember our 24 hour cancellation notice.

Waiver of Informed Consent when Using Medical Records or Other Secondary Data or Specimens UNC-CH OHRE Guidance Document

UC IRVINE INSTITUTIONAL REVIEW BOARD NON-HUMAN SUBJECT RESEARCH DETERMINATION FORM HRP Version: July 2018

NAME SS# ADDRESS CITY STATE ZIP. TELEPHONE (home) (business) Cell SEX M F BIRTH DATE PLACE OFBIRTH RACE ETHNICITY LANGUAGE

New Patient Information

New York Notice Form Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information

ASU Phi Theta Kappa Scholarship Awards. General Information

ETHICAL AND REGULATORY CONSIDERATIONS

Written Financial Policy

OAK HAMMOCK AT THE UNIVERSITY OF FLORIDA, INC. NOTICE OF PRIVACY PRACTICES. Privacy Office: (352) Effective Date: September 23, 2013

always legally required to follow the privacy practices described in this Notice.

JOINT NOTICE OF PRIVACY PRACTICES

Changes to the Common Rule

R. Gregory Cochran, MD, JD

DURABLE POWER OF ATTORNEY FOR HEALTH CARE DECISIONS (Medical Power of Attorney) I,, born, designate

System to Track and Approve Research STAR Principal Investigator/Proxy User Guide

Notice of Privacy Practices

THE CENTER FOR SLEEP MEDICINE

Pain Specialists of Greater Chicago Notice of Privacy Practices

OVERVIEW OF THE USES AND DISCLOSURES OF PHI

Record or Document Type Retention Period Relevant Legal Citation(s) IRB Records: Training Records;

A Better You Counseling Services, LLC 1225 Johnson Ferry Road, Ste 170 Marietta GA

Transcription:

HIPAA & Research Overview for the Privacy Board March 22, 2011 UAMS HIPAA Office Vera M. Chenault, JD

The Privacy Board - YOU HIPAA Privacy Rule establishes the requirements for membership and role of the Privacy Board A Privacy Board is a review body that acts upon requests for a waiver or an alteration of the Authorization requirement under the Privacy Rule for uses and disclosures of PHI for a particular research study. A Privacy Board may waive or alter all or part of the Authorization requirements for a specified research project or protocol. The UAMS Privacy Board is the UAMS Institutional Review Board

HIPAA and Research Four ways HIPAA allows for use to PHI in research: 1. Patient authorization Must comply with HIPAA requirements or Alteration of HIPAA-compliant form must be approved by Privacy Board 2. Waiver granted by Privacy Board Must be documented prior to the research

3. De-identified data May not include any of 18 identifiers of the individual or of relatives, employers, or household members of the individual 4. Limited data set May not include any of 16 identifiers, including name, SSN, street address May include date of birth, date of service, geographic designation other than street address Must have data use agreement in place

1. Patient Authorization Must obtain authorization for each specific research study Authorization may be, but does not have to be, part of informed consent, as long as all elements are present Authorization does not have to be reviewed or approved by IRB or Privacy Board Authorization may not be for future research

1. Patient Authorization Cont d Requirements Description of the information being used Specific identification of persons authorized to disclose the information Specific identification of the persons to whom the covered entity may disclose the information A description of the purpose must be research study specific An expiration date, event of expiration, or specific statement that there is no expiration date Description of the right to revoke the authorization Statement of whether research-related treatment will be conditioned on signing of the authorization

1. Patient Authorization Cont d Requirements cont d Statement that the information may be further disclosed by the recipient Statement that, if the IRB determines that it is appropriate to suspend the subject s right to access their own PHI during the study, access will be restricted until after completion of study Signature of the individual or personal representative (and authority if personal representative) and date

2. Waiver of Authorization To grant a waiver, the Privacy Board must determine that The PHI use or disclosure involves no more than minimal risk to the privacy of individuals based on at least the presence of (1) an adequate plan presented to the Privacy Board to protect PHI identifiers from improper use and disclosure; (2) an adequate plan to destroy those identifiers at the earliest opportunity, consistent with the research, absent a health or research justification for retaining the identifiers or if retention is otherwise required by law; and (3) adequate written assurances that the PHI will not be reused or disclosed to any other person or entity except (a) as required by law, (b) for authorized oversight of the research study, or (c) for other research for which the use or disclosure of the PHI is permitted by the Privacy Rule; The research could not practicably be conducted without the requested waiver or alteration; and The research could not practicably be conducted without access to and use of the PHI.

2. Waiver of Authorization If IRB is considering waiver of Informed Consent and waiver of HIPAA Authorization, must consider these separately However, if patients are asked to sign Informed Consent, probably don t qualify for waiver of HIPAA Authorization This is not a waiver of other HIPAA requirements, only a waiver of the requirement that an Authorization be obtained.

Other Avenues De-identified data Limited data set Reviews preparatory to research Special rule for decedents information

HIPAA Resources UAMS Research/HIPAA page: http://www.uams.edu/irb/hipaa.asp UAMS HIPAA Homepage: http://hipaa.uams.edu/ Includes forms, policies, and other resources UAMS HIPAA Office Jennifer, Research Privacy Officer: 526-7559 Vera Chenault, HIPAA Campus Coordinator: 603-1379 HIPAA Hotline: 614-2187 HIPAA Email: HIPAA@UAMS.EDU

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback