Use of Data from the Electronic Medical Record in Research Opportunities & Pit Falls Kristin West.

Slides:

Advertisements

Similar presentations

Ann Johnson IRB Administrator, IRB Member. Objectives 1. Identify the components necessary for management and oversight of tissue repositories used for.

Advertisements

TISSUE BANKING Challenging to Say the Least

1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.

HIPAA and Public Health 2007 Epi Rapid Response Team Conference.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

1 HIPAA and Research and YOU. 2 INTRODUCTION Rule #1:Don’t Panic Rule #2:Bottom Line for Researchers: HIPAA is Manageable thru Education/Awareness and.

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Implementation of Privacy Board Reviews at PCMC Mary Thomason, Intermountain Healthcare Privacy Board Chair.

Human Specimen Repositories: Requirements of 45 CFR part 46 PRIM&R May 5, 2004 Julie Kaneshiro DHHS Office for Human Research Protections Phone:

Will you be sending data/specimens that meet the criteria of “Identifiable” under HIPAA regulations? No  If data/specimens were collected under UVa protocol-

Ellen Wright Clayton, MD, JD Craig-Weaver Professor of Pediatrics Director, Center for Biomedical Ethics and Society Vanderbilt University.

Recently Issued OHRP Documents: Guidance on Subject Withdrawal and Draft Revised FWA Secretary’s Advisory Committee on Human Research Protections October.

Belinda Seto, Ph.D. Deputy Director National Institute of Biomedical Imaging and Bioengineering National Institutes of Health (NIH) Implementing the NIH.

Tissue Banking Marilyn Mason, Ph.D. January 14, 2009.

CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.

Human Subjects Protection in Research Carnegie Mellon University Regulatory Compliance Administration 5000 Forbes Avenue, UTDC Bldg., Rooms 108 & 109 Pittsburgh,

NIH Proposed Use of a Central IRB (C-IRB) for NIH-funded multi-site studies Committee on Clinical Research January 26,

Informed Consent and HIPAA Tim Noe Coordinating Center.

IRB Monthly Investigator Meeting Columbia University Medical Center IRB October 11, 2005.

Health Insurance Portability and Accountability Act (HIPAA)

2012 VA IRB Administrators Meeting Stephania H. Griffin, JD, RHIA, CIPP/G VHA Privacy Officer Director, Information Access and Privacy Privacy Officer.

How to Obtain Institutional Review Board (IRB) Approval Richard Wagner Associate Director UCSF Human Research Protection Program August 14, 2008.

1 VUMC Confidentiality Policy and HIPAA Implications for Clinical Research General Clinical Research Center Skills Workshop March 2, 2007 Gaye Smith Privacy.

Human Research Protection Programs 1a: How to Navigate Human Subject Protection Regulations Sponsored by the American Society for Investigative Pathology.

Paula Peyrani, MD Medical/Project Director, HIV Program at the 550 Clinic Assistant Director, Research Design and Development Clinical and Translational.

Treuman Katz Center for Pediatric Bioethics Conference Banking Biological Samples for Pediatric Research Jeffrey R. Botkin, M.D., M.P.H. Professor.

NIH Data Sharing Policy University of Nebraska Medical Center.

Primary Care and Community Outreach Research VCOM Institutional Review Board Jim Mahaney, PhD Associate Dean for Biomedical Affairs, Virginia Campus Past.

1 Defense Health Agency Privacy and Civil Liberties Office HIPAA Privacy Board Overview August 6, 2015.

Health Insurance Portability and Accountability Act (HIPAA)

Future Use of Stored Samples & Data and the NIH Policy on GWAS and dbGaP NIAID/DAIDS Dione Washington, M.S. -- ProPEP Sudha Srinivasan, Ph.D.-- TRP Tanisha.

SACHRP HIPAA Recommendations: September 2004 Mark Barnes Huron Consulting Group March 3, 2009.

Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.

1 Defense Health Agency Privacy and Civil Liberties Office Data Sharing Program Overview Ms. Rita DeShields DHA Data Sharing Compliance Manager August.

Advanced HIPAA Issues for Biotech and Life Sciences Companies: Mark E. Schreiber Palmer & Dodge LLP 111 Huntington Avenue Boston, MA

HIPAA and Research Basics for IRB Tim Atkinson Director, Research and Sponsored Programs Director, Institutional Review Board Research Privacy Officer.

HIPAA – How Will the Regulations Impact Research?.

NIH Data Sharing Dr. Belinda Seto, Deputy Director National Institute of Biomedical Imaging and Biomedical Engineering (NBIB) June 23, 2004 Collaborative.

Research Compliance: An Overview of the Players and Issues Involved in Emory’s Research Compliance Programs.

H I P A A T R A I N I N G Self Directed Module 7 Research Disclosures For Data Custodians START Click to begin…

HIPAA SURVIVAL SKILLS: An Update University of Miami1 Marisabel Davalos, M.S.Ed., CIP Associate Director of Educational Initiatives November, 2008.

Privacy and Confidentiality. Definitions n Privacy - having control over the extent, timing, and circumstances of sharing oneself (physically, behaviorally,

Health Insurance Portability and Accountability Act (HIPAA) CCAC.

© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.

Privacy vs. Confidentiality.  IRB review of privacy and confidentiality protections is required under the Common Rule and the FDA regulations, as well.

1 Ethical issues in genomics research Bernard Lo, M.D. March 3, 2009.

SHARe. What is WHI-SHARe? SHARe – stands for SNP Health Association Resource. It is an NHLBI program for genome-wide association studies (GWAS). GWAS.

HIPAA and Human Subjects Research IRB Member CE May 2014 Slideshow by Sean Horkheimer.

Case Studies: Puzzles in Human Research Kevin L. Nellis, M.S., M.T. (A.S.C.P.) Program Analyst, Program for Research Integrity Development and Education.

Regulatory Guidance for Genetic Testing. Three Specific Areas Laboratory tests Results of genetic testing – Clinical – Research GenomeWide Association.

VETERANS HEALTH ADMINISTRATION SLIDE 0 New Requirements for VA ORD Investigators: Implementation of Data Management and Access Plans.

HIPAA Privacy Rule Positive Changes Affecting Hospitals’ Implementation of the Rule.

PwC Issues in HIPAA Research Compliance William R. Braithwaite, MD, PhD “Dr. HIPAA” HIPAA Summit 6 Washington, DC 27 March 2003.

Human Subjects Update E. Wethington, Chair, UCHS.

CAN THE CANNED FORMS: Practical Advice in Implementing HIPAA Privacy Policies and Forms Margaret Marchak, Esq. Rachel Nosowsky, Esq. HIPAA Summit West.

NIH Genomic Data Sharing (GDS) Policy Kathleen Calzone, PhD, RN, APNG, FAAN Anjan Purkayastha, PhD February 22, 2016.

Audrey R. Chapman, Ph.D. October 22, 2014

Final HIPAA Privacy Rule: The Research Provisions Julie Kaneshiro DHHS Office for Human Research Protections Phone: Fax:

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA)

The HIPAA Privacy Rule: Implications for Medical Research

HIPAA Administrative Simplification

The 2018 Human Subject Rules

Common Rule Changes to Consent and Template

The HIPAA Privacy Rule and Research

The 2018 Human Subject Rules

Making Your IRBs and Clinical Investigators HIPAA-Ready

Issues in HIPAA Research Compliance

Research Compliance: The Research/Privacy Nexus

Office of the Vice President for Research Human Subjects Protection Program IRB Submission Process Module 4 - Health Insurance Portability and Accountability.

Presentation transcript:

Use of Data from the Electronic Medical Record in Research Opportunities & Pit Falls Kristin West

Overview of Presentation EMR Data for Research Role of IRB/Privacy Board Front Door Consents Genomic Data -- When is de-identified data identifiable? Unintended Consequences – Business Associates & Research Collaborators

The View from the Trenches

Accessing Data for Research Role of the IRB IRB as Privacy Board Whose IRB? Rise of Central IRBs Informed Consent & HIPAA Authorization The Power of the IRB – Waivers! Reviewing records & caps

Front Door Consents Recruitment – Partial Waiver of HIPAA Authorization Cold Calls – Does the average person know what an IRB is? Answer: Front Door Consent

Front Door Consent Method for recruitment & collecting biospecimens Increase study awareness Increased recruitment can mean increased funding Examples: MD Anderson, Emory

Front Door Consent – Logistical Issues Comprehension – can 8 th grade reading level be achieved? Memory – What did I sign? Multiple calls Revocation? Future Research

Genomic Data Data on the complete genetic material contained in an organism. Genome-wide Association Study – scanning markers across complete sets of people’s DNA to find genetic variants that are associated with a specific condition or disease.

New NIH Policy Final NIH Genomic Data Sharing Policy 8/28/ /final-nih-genomic-data- sharing-policy 8/28/ /final-nih-genomic-data- sharing-policy

NIH Genomic Data Policy Scope: NIH-funded research that “generates large-scale [>100 subjects] human or non-human genomic data, as well as the use of these data for subsequent research.” Includes “genome-wide association studies (GWAS), single nucleotide polymorphism (SNP) arrays, and genome sequence, transcriptomic, metagenomic, epigenomic, and gene expression data.”

Required Consent Elements Investigators must obtain participants’ consent to use their genomic data for “future research purposes and to be shared broadly.” “The consent should include an explanation about whether participants’ individual-level data will be shared through unrestricted- or controlled-access repositories.”

Consent also Required for De- identified Data “For studies proposing to use genomic data from cell lines or clinical specimens that were created or collected after the effective date of the Policy, NIH expects that informed consent for future research use and broad data sharing will have been obtained even if the cell lines or clinical specimens are de-identified.” Room for possible exceptions in the case of “compelling scientific reasons.”

De-identified... “Investigators should de-identify human genomic data that they submit to NIH-designated data repositories according to the standards set forth in the HHS Regulations for the Protection of Human Subjects to ensure that the identities of research subjects cannot be readily ascertained with the data.” “Investigators should also strip the data of identifiers according to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. The de- identified data should be assigned random, unique codes by the investigator, and the key to other study identifiers held by the submitting institution.”

... or Not? “Although the data in the NIH database of Genotypes and Phenotypes (dbGaP) are de-identified by both the HHS Regulations for Protection of Human Subjects and HIPAA Privacy Rule standards, NIH has obtained a Certificate of Confidentiality for dbGaP as an additional precaution because genomic data can be re-identified. ”

What about old specimens? “For studies using data from specimens collected before the effective date of the GDS Policy, there may be considerable variation in the extent to which future genomic research and broad sharing were addressed in the informed consent materials for the primary research. In these cases, an assessment by an IRB, privacy board, or equivalent body is needed to ensure that data submission is not inconsistent with the informed consent provided by the research participant. NIH will accept data derived from de-identified cell lines or clinical specimens lacking consent for research use that were created or collected before the effective date of this Policy.”

NIH Genomic Data Sharing Policy Implications of policy on broader use of genetic information? Can genetic information ever truly be de- identified? Does possible re-identification of genetic information make de-identification impossible?

Unintended Consequences – Business Associates You hire them and they want your data! Contract with Business Associate and Business Associate agreement permit Business Associate to de-identify data and/or create limited data set and use it for its own purposes. “What did that authorization say?"

Business Associates Sample Clause: “Covered Entity also understands and acknowledges that Business Associate may use, sell, rent and otherwise disseminate the XXXXX Data in aggregated, de-identified form for any purpose, or in the form of a Limited Data Set for public health, research or health care operations purposes, or in the form of analyses of such de-identified or Limited Data Set information, in its sole discretion, and that Covered Entity will not be entitled to any compensation for such use of XXXX Data.”

Unintended Consequences -- Research Collaborations Who is monitoring data transfers? From the formal to the very informal Is transfer covered by informed consent/authorization? Do you have appropriate data transfer agreements in place? Do your collaborators have appropriate data safeguards?

Unintended Consequences – Research Collaborations Big Data Sets – if you create them they will come. Chose your collaborators carefully. If you prepare data for litigation, be prepared to have to provide it to multiple parties. Examples: The C8 Project; Accutane Litigation

Questions ? Kristin H. West, J.D., M.S Assoc. VP for Research Admin. & Director, Office of Research Compliance Emory University Ste , 1599 Clifton Rd., N.E. Atlanta, GA (404)