HIPAA
|
|
For Researchers at the University at BuffaloAs
of April 14, 2003 if
your research involves the use or creation of health
information about your research subjects there are new steps you must implement to protect
the privacy of a research subject's personally identifiable health information. This
website will assist you in fulfilling these new federal regulatory requirements. Although the UB research function has been explicitly defined as a non-covered function under HIPAA, research protocols involving the provision of health care, or that will be obtaining health information from a third party entity will be required by the UB IRBs to adhere to the HIPAA regulations as they relate to a non-covered entity for acquiring individually identifiable health information for research purposes from a covered entity. In general, protocols that must comply with UB HIPAA policy will need to secure from each research subject a signed HIPAA compliant authorization form to use or disclose their personally identifiable health information for research purposes. In some instances, there are alternatives to obtaining authorization including a waiver of authorization and a certificate of de-identification. The HIPAA Worksheet (below) will guide you to the correct option available to fulfill the new regulatory requirements and UB's policy for implementing them. Be mindful that your research protocol may obtain individually identifiable health information from different locations, and for different uses in various stages of the protocol, e.g., subject identification, recruitment, data collection and analysis. A protocol that is required to comply with UB's HIPAA research policies must have a HIPAA mechanism in place for every piece of individually identifiable health information it obtains. HIPAA Documents and worksheetsOverview - documents to better understand HIPAA and HIPAA at UBUB HIPAA Overview - what UB functions are covered under HIPAA and how does HIPAA apply to research. UB HIPAA Declarations and Guidance - Formal UB position statements on issues such as UB covered functions, non-covered functions, etc. This page also contains UB Guidance documents aimed at helping the UB community understand specific HIPAA issues (some specifically target research issues). Organizational Issues Describes the impact of HIPAA on research when multiple entities, each with its own HIPAA issues, participate in research. HIPAA and UB Research Power Point presentation orienting the researcher to HIPAA at UB is available from this link. Nuts-And-Bolts - documents needed by UB investigators to assist them in complying with HIPAA at UB.HIPAA
Worksheet
This worksheet will assist you in determining if HIPAA will impact your
research and, if it does, what mechanisms you need to have in place in order to
collect individually identifiable health information so that your research will collect
data in a way that is compliant with UB's policy to meet the HIPAA Privacy regulations. Specific HIPAA information transfer mechanisms:
|
This material is designed for internal University at Buffalo use only and is
copyrighted. Information and documents available on this site may be
freely copied and used with appropriate attribution to the University at
Buffalo. None of the information on these pages should be construed as
legal advice or expert opinion with respect to how any particular function or
entity engages in work to come into compliance with HIPAA.
|