Office of Research Oversight. Working Group Report Slide 2.

Slides:

Advertisements

Similar presentations

The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.

Advertisements

Ann Johnson IRB Administrator, IRB Member. Objectives 1. Identify the components necessary for management and oversight of tissue repositories used for.

1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

RESEARCH COMPLIANCE Agenda 1. No Destruction of local research documents after scanning 2. Training for shipping biological samples/specimens 3. Regulatory.

THE FOLLOWING SLIDES EXPLAIN THE REQUIRED ELEMENTS THAT MUST BE INCLUDED FOR A HIPAA AUTHORIZATION TO BE VALID HIPAA Authorizations.

Implementation of Privacy Board Reviews at PCMC Mary Thomason, Intermountain Healthcare Privacy Board Chair.

ORD Common Questions K. Lynn Cates, MD Assistant Chief Research & Development Officer Director, PRIDE December 5, 2012.

Privacy and Information Security Essentials

August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

ORO Findings on Privacy, Confidentiality, and Information Security Peter N. Poon, JD, MA, CIPP/G Office of Research Oversight Initially presented June.

What does this form mean? HIPAA Authorization means prior written permission for use and disclosure of protected health information (PHI) from the information’s.

1 Research Involving Sensitive Data & Databases Brenda Cuccherini, Ph.D., MPH VA Office of Research & Development January 2007.

Office of Research Oversight. Challenges & Opportunities Related to “Collaborative” Research with Affiliates Challenges –Federal Records Retention Requirements.

Recently Issued OHRP Documents: Guidance on Subject Withdrawal and Draft Revised FWA Secretary’s Advisory Committee on Human Research Protections October.

VHA Handbook K. Lynn Cates, M.D. Assistant Chief Research & Development Officer Director, PRIDE HRPP 201 March 24, 2011.

Developing a Records & Information Retention & Disposition Program:

CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.

Informed Consent and HIPAA Tim Noe Coordinating Center.

Office of Research Oversight VHA Handbook Research Conducted by VHA Program Office Employees Effective May 1, 2012 October 28, 2011.

Data Repositories - Anticipated Policy VHA Handbook Research Accountability Meeting Dr. Joan P. Porter Office of Research Oversight ORO Human Subject.

Health Insurance Portability and Accountability Act (HIPAA)

Anglican Province of Canada Privacy Policy. Commitment to Privacy The Privacy Policy, including the Web Privacy Statement, is the Anglican Province of.

Office of Research Oversight Update VA IRB Chair Meeting Baltimore, Maryland August 14-15, 2012 August 14, 2012.

2012 VA IRB Administrators Meeting Stephania H. Griffin, JD, RHIA, CIPP/G VHA Privacy Officer Director, Information Access and Privacy Privacy Officer.

Reality vs Urban Myth: The Truth About Regulations

2012 VA Human Research Protection Program Patricia L. Christensen, MS, RHIA, CIPP/G, CHPS, CHPC VHA Privacy Office Common Privacy Findings in Research.

Notice of Privacy Practices Nebraska SNIP Privacy Subgroup July 18, 2002 Michael J. Brown, MHA, CPA Vice-President, Administrative & Regulatory Affairs,

1 VUMC Confidentiality Policy and HIPAA Implications for Clinical Research General Clinical Research Center Skills Workshop March 2, 2007 Gaye Smith Privacy.

International Research & Research Involving Children K. Lynn Cates, MD Assistant Chief Research & Development Officer Office of Research & Development.

Responsible Conduct of Research (RCR) Farida Lada October 16, 2013

ORO Reviews: Frequent Findings Related to IRBs Bob Brooks Associate Director Research Compliance Education and Policy VHA Office of Research Oversight.

Health Insurance Portability and Accountability Act (HIPAA)

1 Defense Health Agency Privacy and Civil Liberties Office Data Sharing Program Overview Ms. Rita DeShields DHA Data Sharing Compliance Manager August.

HIPAA and Research Basics for IRB Tim Atkinson Director, Research and Sponsored Programs Director, Institutional Review Board Research Privacy Officer.

Developing Solutions - Specific ISO & Privacy Officer Responsibilities for Review of Human Research Projects K. Lynn Cates, M.D. Assistant Chief Research.

Privacy Officer Core Responsibilities for Human Research Protection Stephania H. Griffin, RHIA, CIPP/G VHA Privacy Officer.

H I P A A T R A I N I N G Self Directed Module 7 Research Disclosures For Data Custodians START Click to begin…

VA Central IRB Annette Anderson, MS, CIP VA Central IRB Administrator Updated: September 21, 2015.

The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,

Privacy vs. Confidentiality.  IRB review of privacy and confidentiality protections is required under the Common Rule and the FDA regulations, as well.

AUDIT REQUIREMENTS, FINDINGS & BASICS RESEARCH COMPLIANCE.

VHA Handbook What’s new. General Requirements for Informed Consent A Legally Authorized Representative may not always qualify as a ‘personal representative’

1 Role of the Privacy Officer on the IRB Stephania H. Griffin, RHIA, CIPP/G VHA Privacy Officer.

Integrating a Federated Healthcare Data Query Platform With Electronic IRB Information Systems Shan He IPHIE 2010.

Human Subjects Research Office of Responsible Research Practices Human Subjects Research Vanessa Hill, MSHS, CCRC Senior Quality Improvement Specialist.

VA Central IRB Annette R. Anderson, MS, RHIA, CIP VA Central IRB Administrator Local Accountability Meeting June 2011.

1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.

Policy and Implementation Plan for Public Access to Scientific Publications and Digital Data from VA-Funded Research Tom Puglisi, PhD, ORO Executive Director.

HIPAA and Human Subjects Research IRB Member CE May 2014 Slideshow by Sean Horkheimer.

Paul Kelly Facility Research Compliance Officer for the Ralph H. Johnson VA Medical Center.

1 Overview of the Report Holly H. Birdsall, MD, PhD Acting Deputy Chief of Research & Development Officer, ORD.

1 Role of the Privacy Office in VA Research Stephania H. Putt VHA Privacy Officer.

Policy and Implementation Plan for Public Access to Scientific Publications and Digital Data from VA-Funded Research Tom Puglisi, PhD ORO Executive Director.

INVESTIGATOR RESPONSIBILITIES C. Karen Jeans, MSN COACH Project Analyst.

VETERANS HEALTH ADMINISTRATION SLIDE 0 New Requirements for VA ORD Investigators: Implementation of Data Management and Access Plans.

Human Subjects Update E. Wethington, Chair, UCHS.

Office of Research Oversight What’s New in VHA Handbook Dated November 15, 2011 December 1, 2011.

VA Central IRB K. Lynn Cates, MD Assistant Chief Research & Development Officer Office of Research & Development Department of Veterans Affairs.

VA Central IRB K. Lynn Cates, MD Assistant Chief Research & Development Officer Office of Research & Development Department of Veterans Affairs September.

Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.

Final HIPAA Privacy Rule: The Research Provisions Julie Kaneshiro DHHS Office for Human Research Protections Phone: Fax:

Working Group on IT Security and Privacy in VA and NIH Sponsored Research Joel Kupersmith, MD Chief Research & Development Officer.

HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.

Objectives 1. Define and describe each of the Agreement types being discussed today; 2. Highlight specific questions to ask when determining the administrative.

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA)

The HIPAA Privacy Rule: Implications for Medical Research

The HIPAA Privacy Rule and Research

HIPAA Policy & Procedure Strategies

Making Your IRBs and Clinical Investigators HIPAA-Ready

Presentation transcript:

Office of Research Oversight

Working Group Report Slide 2

Office of Research Oversight Challenges & Opportunities Related to “Collaborative” Research with Affiliates Challenges –Federal Records Retention Requirements –Privacy/Confidentiality Requirements –Privacy Act, HIPAA Privacy Rule, etc –Data Ownership Issues –VA Data Security Requirements –Dual Appointment Investigator Issues Slide 3

Office of Research Oversight Challenges & Opportunities Related to “Collaborative” Research with Affiliates Opportunities –Working Group on Information Technology Security and Privacy in VA and NIH-Sponsored Research The Working Group report describes: –Disclosure of PHI –Pursuant to a request from the affiliate –For use in non-VA research conducted by the affiliate ORO’s Interim Guidance –Assumes (pending clarification in VA policy) that the Working Group report also applies to “collaborative” research in which VA data are combined with affiliate data Slide 4

Office of Research Oversight Record Retention Requirements VA research data must be maintained per Federal records retention and other requirements A Records Retention Schedule approved by National Archives and Records Administration (NARA) is required to destroy Federal records Records Retention Schedule for VA facility-level research records is currently under development VA facilities must retain data from VA research pending approval of applicable Records Retention Schedule Slide 5

Office of Research Oversight Working Group Report – Disclosure Under HIPAA Authorization (Appendix A) Slide 6

Office of Research Oversight Disclosure Under HIPAA Authorization Subject’s HIPAA authorization permits VA to disclose data for research as described in the authorization No Data Use Agreement Required per Working Group Authorization, informed consent document, study protocol, and CRADA (where applicable) must be consistent as to data and purpose Authorization and consent must include all required elements and permit informed decision by subject Research data repository (VHA Handbook ) must be established if use or disclosure for future research (ie, outside study for which the data were collected) is anticipated Slide 7

Office of Research Oversight Disclosure Under HIPAA Authorization – Data Ownership & Information Security Valid informed consent and HIPAA authorization VA must retain a complete record of the disclosed data (per slide 5). The retained record is: –Owned by VA –Subject to VA information security requirements The disclosed copy is: –Not under VA control –Not subject to VA information security requirements Slide 8

Office of Research Oversight Disclosure Under HIPAA Authorization – Policy Clarification Desirable Working Group disclosure pursuant to a request from the affiliate vs “collaborative research” Not clear that disclosure under a HIPAA authorization necessarily transfers ownership Without a DUA or other legal agreement, it would seem problematic, for VA to assert ownership of the disclosed copy of any data provided to the affiliate/collaborator A DUA or other legal agreement would seem to be needed for VA to maintain ownership or control of disclosed data Slide 9

Office of Research Oversight Working Group Report – Disclosure without Authorization and Consent (Appendix A) Slide 10

Office of Research Oversight “Working Group” Report Disclosure Without HIPAA Authorization and/or Informed Consent Waiver of both informed consent and HIPAA authorization requirements required DUA required –Data ownership retained by VA –Permitted uses –Data transfer, storage, and information protection –Retention and destruction –etc Approval of Under Secretary for Health required Slide 11

Office of Research Oversight VA Information Security Requirements Apply to all research data owned by VA If maintained electronically and containing VA Sensitive Information (VASI) m ust reside on VA-owned equipment unless: –A waiver has been approved by the VA CIO or –A valid Memorandum of Understanding / System Interconnection Agreement (MUA/SIA) has been approved or –Where appropriate, a valid contract with VA’s security clause and security requirements has been established to permit alternate arrangements. Slide 12

Office of Research Oversight Investigators Holding Dual Appointments ORO’s Interim Guidance –Assumes (pending clarification in VA policy) that the Working Group report also applies to “collaborative” research in which VA data are combined with affiliate data Slide 13

Office of Research Oversight Investigators Holding Dual Appointments Critical to separate and document –VA activities on VA time vs –Affiliate activities on affiliate time Documentation should clarify –VA duties –VA duty locations –VA tours of duty –Data ownership issues –Data security requirements Separation of VA activities/research from affiliate activities/research critical for studies combining VA data with affiliate data Slide 14

Office of Research Oversight Combining VA Data with Affiliate Data for “Collaborative” Studies Slide 15 VA data are data collected –By a VA investigator –On VA time –Under a protocol approved by the VA IRB and the VA R&D Committee Affiliate data are data collected –By an Affiliate investigator –On affiliate time –Under a protocol approved by the affiliate IRB The “collaborative” study should be implemented as a multi-site study

Office of Research Oversight Combining VA Data with Affiliate Data for “Collaborative” Studies -- What Does “Separate Protocols” Mean? Slide 16 Each facility exercises latitude in administrative management of research projects Critical factor is to ensure that –VA research is clearly distinguished from affiliate research –IRB action on the VA research is separate and distinguishable from its action on the Affiliate research –The R&D Committee only approves the VA research

Office of Research Oversight Combining VA Data with Affiliate Data for “Collaborative” Studies Slide 17 Protocols, consent documents, and authorizations for both sites must include: –Use of data in a multi-site study combining VA and affiliate data –Data will be disclosed to study Coordinating Center –Location of Coordinating Center If Coordinating Center is at VA, the VA protocol must include: –Interaction/intervention and data collection activities at VA –Activities of the Coordinating Center

Office of Research Oversight Combining VA Data with Affiliate Data for “Collaborative” Studies Slide 18 If Coordinating Center is at the Affiliate Site and VA does not maintain ownership of the disclosed data: –A dual appointment investigator should not conduct research using the combined data set while on VA time unless the activity has been approved by the VA R&D Committee as an “off-site” VA research activity This particular “off-site” arrangement presents complex data ownership and other questions. –ORO strongly recommends consultation with ORD and Regional Counsel prior to approval of the arrangement

Office of Research Oversight Combining VA Data with Affiliate Data for “Collaborative” Studies Slide 19 Discussion & Questions