Data Security & eirb Tips & Tricks School of Nursing Office of Research Affairs Brown Bag Series
|
|
- Sharlene Lindsey
- 8 years ago
- Views:
Transcription
1 Data Security & eirb Tips & Tricks School of Nursing Office of Research Affairs Brown Bag Series Denise Snyder, MS, RD, CSO, LDN Director, Research Management Team (RMT) Research Practices Manager, SON Site Based Research (SBR)
2 SBR Functions Responsible for the integrity, financial accountability, regulatory compliance, quality, and academic productivity of the projects conducted in their groups Provide day-to-day management of site-based research activities including: Feasibility assessment of potential studies Study selection decisions Personnel management (hiring/supervision) of nonfaculty research staff Protocol-specific training and study execution Financial management
3 How do Privacy and Confidentiality Differ? Privacy is about protecting the person Confidentiality is about protecting the private information (DATA) you collect or access
4 PHI 18 Identifiers Names All geographic subdivisions smaller than a state, including: street address, city, county, precinct, ZIP Code, and their equivalent geographical codes, except for the initial 3 digits of a ZIP Code if, according to the current publicly available data from the Bureau of the Census All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older Telephone Number Fax Number Address Social Security number
5 PHI 18 Identifiers Medical Record number Health Plan Beneficiary number Account numbers Certificate/License number Vehicle Identifiers and Serial numbers (including license plates) Device identifiers and Serial numbers URL Address IP Address Biometric identifiers, like fingerprints and voiceprints Full-face Photos and Any Comparable Images Any other unique identifying number, characteristic or code
6 Data Security What does it mean? Securing systems & data behind the Duke firewall (HIPAA compliance) Scheduled backups (prevent loss of valuable data) communications (more than just password protection of your within Duke vs. leaving Duke) Partnering with your IT department (ensuring your data collection and storage methods conform to the HIPAA and institutional guidelines)
7 Know Your Data What are you storing? Do you have IRB approval for storing it? Where are you storing data? How do you send/transfer/transmit it? What systems or software are you using to collect data where are they located? Who has access to your data? What are they permitted to have access to? Who can administer your data? Only the PI or a chosen administrator can approve/ rescind access
8 Keep Data Where it s Safe Secure server (SED-PHI or Limited Access) Secure network (Duke is secured your desktop and laptop are not) Secure remote access (VPN or Citrix) Paper files should be stored in a locked cabinet in a locked room Never keep identifiable subject data on a laptop or a flash drive, desktop or any other portable media (unless it is encrypted by CITDL or an IRONKEY flashdrive)
9 Sensitive Electronic Information check the box, it will prompt the recipient for a password that they will set up and it takes them to a secure mail area to pick up the message.
10 Data Collection Tools Password encryption on MS Access or Excel is not HIPAA compliant (use SED folder) REDCap Electronic Data Capture database Survey tools do not use Survey Monkey for any sensitive electronic information (name, etc) Survey monkey is not backed up or stored behind the Duke firewall Alternative survey tools Viewsflash (requires knowledge of html) REDCap Survey (coming soon undergoing validation & testing)
11 REDCap Electronic Data Suitable for research projects with low to mediumlow complexity data collection requirements Targeting researchers currently using spreadsheets or MS Access to store data Advantages: System and data security Scheduled data backups HIPAA Compliance Web based access Knowledgeable support (RMT & DTMI)
12 REDCap Survey Designed to collect study participant self-report outcomes Survey results can be exported to MS Excel or a variety of statistical analysis packages Links to a survey may be distributed via or posted to a web page Responses may be kept anonymous or tracked by individual
13 First step log in
14 MyHome Workspace for Do you have dual roles (dept reviewer + study personnel)? Current Workspace tells you what hat you are wearing.
15 MyHome Items in Presubmission
16 NEW STUDY New Study Application (submitting a new study) All Other Studies PI or Key Personnel
17 Approved Studies
18 Current Status of Study View Study Create New or Actions Available Expiration Date Approval initial review
19 Use these tabs to look at information related to this study
20 Study Documents
21
22 Choose amendment that you want to view
23 Status of Amendment #9 View Amendment #9 View Current Approved Study View Modified Study (changes made during the amendment)
24
25
26 Expiration dates you can find your current expiration date on your CR and in your original study workspace Select the most recent continuing renewal (CR#) to pull your approval notice-click [view]
27 For NEW studies If research is done at Duke (this can be at SON, in DUHS, in clinic etc), select yes, otherwise choose no (e.g. receiving deidentified data from another site such as UNC nothing is done here).
28 For NEW studies exempt or those requiring review all studies belonging to SON SBR should check YES to: Does this study require SBR oversight for any other reason?
29 Studies In Progress A Submission that I m working on
30 Status of In Progress Study View/Edit Study to continue to work on your new study prior to submission Actions Available important to choose submit when you are ready for it to go to Dept Review/IRB
31 Here s a shortcut to jump through to specific pages
32 Choose Regular Study Application unless you think your study meets exemption
33 These gray boxes give instructions and links to forms
34 Upload research summary here when adding New documents choose Add when you are amending or making changes to the current document, you should use Edit and indicate those edits by track changes - When you select Edit this box pops up allowing you to browse to find the file you want to upload in this document s place
35 Making changes to key personnel This button is used for changing key personnel s role on the study or edit rights for eirb To add new key personnel or remove people who ve moved on choose Personnel Change Request
36 eirb Homepage Forms-download current renewal forms, consent templates, etc MyHome your study workspace
37 Important links & information DUSONnet IT tools NewFolder/Access Duke IRB main page policies, contacts Duke eirb page all study paperwork is managed here HRPP (CITI) training
38 Thank you! Contacts for questions: Denise Snyder (SBR Research Practices) Leslie Fife (SON ORA Administrator) Glenn Setliff (Director, CITDL) Scott Neal (Data Security CITDL) Kasie Barrett (SON IRB Specialist)
HIPAA ephi Security Guidance for Researchers
What is ephi? ephi stands for Electronic Protected Health Information (PHI). It is any PHI that is stored, accessed, transmitted or received electronically. 1 PHI under HIPAA means any information that
More informationHIPAA COMPLIANCE. What is HIPAA?
HIPAA COMPLIANCE What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) also known as the Privacy Rule specifies the conditions under which protected health information may be used
More informationHIPAA COMPLIANCE INFORMATION. HIPAA Policy
HIPAA COMPLIANCE INFORMATION HIPAA Policy Use of Protected Health Information for Research Policy University of North Texas Health Science Center at Fort Worth Applicability: All University of North Texas
More informationHIPAA-Compliant Research Access to PHI
HIPAA-Compliant Research Access to PHI HIPAA permits the access, disclosure and use of PHI from a HIPAA Covered Entity s or HIPAA Covered Unit s treatment, payment or health care operations records for
More informationStatement of Policy. Reason for Policy
Table of Contents Statement of Policy 2 Reason for Policy 2 HIPAA Liaison 2 Individuals and Entities Affected by Policy 2 Who Should Know Policy 3 Exclusions 3 Website Address for Policy 3 Definitions
More informationUniversity of Cincinnati Limited HIPAA Glossary
University of Cincinnati Limited HIPAA Glossary ephi System A system that creates accesses, transmits or receives: 1) primary source ephi, 2) ephi critical for treatment, payment or health care operations
More informationQOPI CERTIFICATION PROGRAM
QOPI CERTIFICATION PROGRAM QCP Initial Chart Documentation Submission Guide American Society of Clinical Oncology 2318 Mill Rd., Suite 800 Alexandria, VA 22314 E: qopicertification@asco.org http://qopi.asco.org/certification
More informationLA BioMed Secure Email
INFORMATION SYSTEMS LA BioMed Secure Email Los Angeles Biomedical Research Institute at Harbor-UCLA 1124 W Carson St Bldg E2.5 Phone 310.222.1212 Table of Contents Intended Audience... 1 Purpose... 1 When
More informationHealth Insurance Portability & Accountability Act (HIPAA) Compliance Application
Health Insurance Portability & Accountability Act (HIPAA) Compliance Application IRB Office 101 - Altru Psychiatry Center 860 S. Columbia Rd, Grand Forks, North Dakota 58201 Phone: (701) 780-6161 PROJECT
More informationAdministrative Services
Policy Title: Administrative Services De-identification of Client Information and Use of Limited Data Sets Policy Number: DHS-100-007 Version: 2.0 Effective Date: Upon Approval Signature on File in the
More informationHow to De-identify Data. Xulei Shirley Liu Department of Biostatistics Vanderbilt University 03/07/2008
How to De-identify Data Xulei Shirley Liu Department of Biostatistics Vanderbilt University 03/07/2008 1 Outline The problem Brief history The solutions Examples with SAS and R code 2 Background The adoption
More informationWhat is Covered by HIPAA at VCU?
What is Covered by HIPAA at VCU? The Privacy Rule was designed to protect private health information from incidental disclosures. The regulations specifically apply to health care providers, health plans,
More informationApplication for an Off-Site Tissue Banking Waiver at a Non-Profit or Academic Institution
Application for an Off-Site Tissue Banking Waiver at a Non-Profit or Academic Institution INSTRUCTIONS This form may be filled in and saved using Adobe Reader version 7.0 or higher. The full version of
More informationHIPAA-G04 Limited Data Set and Data Use Agreement Guidance
HIPAA-G04 Limited Data Set and Data Use Agreement Guidance GUIDANCE CONTENTS Scope Reason for the Guidance Guidance Statement Definitions ADDITIONAL DETAILS Additional Contacts Web Address Forms Related
More informationHIPAA-P06 Use and Disclosure of De-identified Data and Limited Data Sets
HIPAA-P06 Use and Disclosure of De-identified Data and Limited Data Sets FULL POLICY CONTENTS Scope Policy Statement Reason for Policy Definitions ADDITIONAL DETAILS Web Address Forms Related Information
More informationMemorandum. Factual Background
Memorandum TO: FROM: SUBJECT: Chris Ianelli and Jill Mullan, ispecimen, Inc. Kristen Rosati and Ana Christian, Polsinelli, PC ispecimen Regulatory Compliance DATE: January 26, 2014 You have asked us to
More informationDe-Identification of Health Data under HIPAA: Regulations and Recent Guidance" " "
De-Identification of Health Data under HIPAA: Regulations and Recent Guidance" " " D even McGraw " Director, Health Privacy Project January 15, 201311 HIPAA Scope Does not cover all health data Applies
More informationIRB Policy for Security and Integrity of Human Research Data
IRB Policy for Security and Integrity of Human Research Data Kathleen Hay Human Subjects Protection Office Terri Shkuda Research Informatics & Computing, Information Technology Overview of Presentation
More informationHIPAA OVERVIEW ETSU 1
HIPAA OVERVIEW ETSU 1 What is HIPAA? Health Insurance Portability and Accountability Act. 2 PURPOSE - TITLE II ADMINISTRATIVE SIMPLIFICATION To increase the efficiency and effectiveness of the entire health
More informationUPMC POLICY AND PROCEDURE MANUAL
UPMC POLICY AND PROCEDURE MANUAL POLICY: INDEX TITLE: HS-EC1807 Ethics & Compliance SUBJECT: Honest Broker Certification Process Related to the De-identification of Health Information for Research and
More informationHIPAA and You The Basics
HIPAA and You The Basics The Purpose of HIPAA Privacy Rules 1. Provide strong federal protections for privacy rights Ensure individual trust in the privacy and security of his or her health information
More informationHIPAA 101: Privacy and Security Basics
HIPAA 101: Privacy and Security Basics Purpose This document provides important information about Kaiser Permanente policies and state and federal laws for protecting the privacy and security of individually
More informationSCHOOL OF PUBLIC HEALTH. HIPAA Privacy Training
SCHOOL OF PUBLIC HEALTH HIPAA Privacy Training Public Health and HIPAA This presentation will address the HIPAA Privacy regulations as they effect the activities of the School of Public Health. It is imperative
More informationData Security in a Mobile, Cloud-Based World
Data Security in a Mobile, Cloud-Based World Jacob Buckley-Fortin CEO ehana What we ll cover Trends Risks Recommendations 1 Trends Mobile Has Taken Over Trend #1 2 3 450 million users worldwide Adopted
More informationTips for Investigators ~eirb Submissions~ Department of Emergency Medicine Research Division. *Edwin D. Boudreaux, PhD; EM Division Director
Tips for Investigators ~eirb Submissions~ Department of Emergency Medicine Research Division *Edwin D. Boudreaux, PhD; EM Division Director * Virginia Ginger Mangolds, MS, FNP-C, BSEd. RN, CEN; EM Division
More informationResearch Electronic Data Capture (REDCap)
Research Electronic Data Capture (REDCap) An Introduction and Training Seminar Kenna Whitley Center for Research Methods and Data Analysis What is REDCap? A secure, web based electronic data capture system
More informationHIPAA Medical Billing Requirements For Research
The Health Insurance Portability and Accountability Act (HIPAA) Excerpted from the UTC IRB Policy June 2008 Table of Contents PART V: The Health Insurance Portability and Accountability Act (HIPAA)...
More informationIRB Application for Medical Records Review Request
Office of Regulatory Research Compliance Institutional Review Board FORM B1 : Medial Records Review Application FORM B1 IRB Application for Medical Records Review Request Principal Investigator: Email:
More informationIDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - De-identification of PHI 10030
IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - De-identification of PHI 10030 POLICY INFORMATION Major Functional Area (MFA): MFA X - Office of General Counsel & Compliance Policy
More informationBUMC Clinical Research Seminar: What would YOU do? Put your IRB hat on!
BUMC Clinical Research Seminar: What would YOU do? Put your IRB hat on! Mary-Tara Roth, RN, MSN, MPH BUMC Clinical Research Resources Office (CRRO) Mary Banks, RN, BSN Senior Analyst II, BUMC IRB September
More informationEverett School Employee Benefit Trust. Reportable Breach Notification Policy HIPAA HITECH Rules and Washington State Law
Everett School Employee Benefit Trust Reportable Breach Notification Policy HIPAA HITECH Rules and Washington State Law Introduction The Everett School Employee Benefit Trust ( Trust ) adopts this policy
More informationDoctor of Nursing Practice The Practice Improvement Project Guidelines: Requirements to Complete the DNP
Doctor of Nursing Practice The Practice Improvement Project Guidelines: Requirements to Complete the DNP Introduction All Medical University of South Carolina (MUSC) School of Nursing Doctor of Nursing
More informationDe-Identification of Clinical Data
De-Identification of Clinical Data Sepideh Khosravifar, CISSP Info Security Analyst IV TEPR Conference 2008 Ft. Lauderdale, Florida May 17-21, 2008 1 1 Slide 1 cmw1 Craig M. Winter, 4/25/2008 Background
More informationHIPAA Compliance for Students
HIPAA Compliance for Students The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996 by the United States Congress. It s intent was to help people obtain health insurance benefits
More informationHIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS
HIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS SCOPE OF POLICY: What Units Are Covered by this Policy?: This policy applies to the following units
More informationThe HIPAA privacy rule and long-term care : a quick guide for researchers
Scholarly Commons at Miami University http://sc.lib.miamioh.edu Scripps Gerontology Center Scripps Gerontology Center Publications The HIPAA privacy rule and long-term care : a quick guide for researchers
More informationThe following list consists of a few tips and tricks to use when navigating eirb.
TIPS/TRICKS The following list consists of a few tips and tricks to use when navigating eirb. GENERAL Submitting applications Only the PI can submit applications. However, the Study Coordinator can submit
More informationChildren's Hospital, Boston (Draft Edition)
Children's Hospital, Boston (Draft Edition) The Researcher's Guide to HIPAA Evervthing You Alwavs Wanted to Know About HIPAA But Were Afraid to Ask 1. What is HIPAA? 2. What is the Privacy Rule? 3. What
More informationDe-identification Koans. ICTR Data Managers Darren Lacey January 15, 2013
De-identification Koans ICTR Data Managers Darren Lacey January 15, 2013 Disclaimer There are several efforts addressing this issue in whole or part Over the next year or so, I believe that the conversation
More informationProtecting Personal Health Information in Research: Understanding the HIPAA Privacy Rule
AA Privacy RuleP DEPARTMENT OF HE ALTH & HUMAN SERVICES USA Protecting Personal Health Information in Research: Understanding the HIPAA Privacy Rule NIH Publication Number 03-5388 The HI Protecting Personal
More informationIRB, HIPAA, and Clinical Research
IRB, HIPAA, and Clinical Research A presentation by CHS Privacy and Security Offices UAB Institutional Review Board UAB Health System UAB/UABHS HIPAA Operations Team 1 Getting Started HIPAA 2 3 A Quick
More informationWinthrop-University Hospital
Winthrop-University Hospital Use of Patient Information in the Conduct of Research Activities In accordance with 45 CFR 164.512(i), 164.512(a-c) and in connection with the implementation of the HIPAA Compliance
More informationDe-Identification of Clinical Data
De-Identification of Clinical Data Sepideh Khosravifar, CISSP Info Security Analyst IV Tyrone Grandison, PhD Manager, Privacy Research, IBM TEPR Conference 2008 Ft. Lauderdale, Florida May 17-21, 2008
More informationHIPAA and Clinical Research
To Heal. To Teach. To Discover. HIPAA and Clinical Research 2011 Training Jennifer Edlind, UH Privacy Officer Ryan Terry, UH Information Security Officer 1 Agenda Research credentialing overview HIPAA
More informationPOLIC ANDP CEDURE. t/ 1 vhi4. Email Encryption 11/10/2018. Effective: 12/9/2015. HIPAA/Privacy. Policy. Last New policy Revised: Policy# 11.
Page 11 of 8 ALCOHOL, DRUG AND POLIC ANDP E T AL HEAL TH SERVICES CEDURE Section Sub-section Policy Compliance HIPAA/Privacy Policy# 11.xxx Email Encryption Director's Approval -+~,..._._-~"---------------
More informationYALE UNIVERSITY RESEARCHER S GUIDE TO HIPAA. Health Insurance Portability and Accountability Act of 1996 Handbook
YALE UNIVERSITY RESEARCHER S GUIDE TO HIPAA Health Insurance Portability and Accountability Act of 1996 Handbook Table of Contents I. INTRODUCTION... 2 What is HIPAA?... 2 What is PHI?... 2 II. HIPAA s
More informationHIPAA PRIVACY AND SECURITY STANDARDS CITY COMPLIANCE
Important: Conducting an assessment of your health plan(s) is the first step to determining HIPAA compliance. You will need to conduct a separate assessment for each of your health plans. (Please be aware
More informationJanuary 2003. Employers must be prepared for their obligations under the HIPAA Privacy Rules
Employer Sponsored Group Health Plans and the HIPAA Privacy Rules Employers must be prepared for their obligations under the HIPAA Privacy Rules January 2003 Bob Radecki KnowHIPAA.com HIPAA-COBRA-FMLA
More informationUniversity of Mississippi Medical Center Office of Integrity and Compliance
Office of Integrity and Effective Date: 2005 By: Committee 1.0 PURPOSE The purpose of this policy is to guide (UMMC) employees, who are involved with research, in obtaining an authorization for the use
More informationPROTECTED HEALTH INFORMATION AND THE JHSPH
PROTECTED HEALTH INFORMATION AND THE JHSPH The Health Insurance Portability and Accountability Act (HIPAA) protects individually identifiable health information, or Protected Health Information ( PHI ),
More informationData Security Basics: Helping You Protect You
Data Security Basics: Helping You Protect You Why the Focus on Data Security? Because ignoring it can get you: Fined Fired Criminally Prosecuted It can also impact your ability to get future funding, and
More informationA. HIPAA Privacy Authorizations and Exceptions for Use of Identifiable Protected Health Information
Protected Health Information and the JHSPH The Health Insurance Portability and Accountability Act (HIPAA) protects individually identifiable health information, or Protected Health Information ( PHI ),
More informationINDIANA UNIVERSITY SCHOOL OF OPTOMETRY HIPAA COMPLIANCE PLAN TABLE OF CONTENTS. I. Introduction 2. II. Definitions 3
INDIANA UNIVERSITY SCHOOL OF OPTOMETRY HIPAA COMPLIANCE PLAN TABLE OF CONTENTS I. Introduction 2 II. Definitions 3 III. Program Oversight and Responsibilities 4 A. Structure B. Compliance Committee C.
More informationNorth Shore LIJ Health System, Inc. Facility Name
North Shore LIJ Health System, Inc. Facility Name POLICY TITLE: The Medical Record POLICY #: 200.10 Approval Date: 2/14/13 Effective Date: Prepared by: Elizabeth Lotito, HIM Project Manager ADMINISTRATIVE
More informationCREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy
CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy Amended as of February 12, 2010 on the authority of the HIPAA Privacy Officer for Creative Solutions in Healthcare, Inc. TABLE OF CONTENTS ARTICLE
More informationIntroduction. Purpose. Reference. Applicability. HIPAA Policy 7.1. Safeguards to Protect the Privacy of PHI
Office of Regulatory Compliance 13001 E. 17 th Place, Suite W1124 Mail Stop F497 Aurora, CO 80045 Main Office: 303-724-1010 Main Fax: 303-724-1019 HIPAA Policy 7.1 Title: Source: Prepared by: Approved
More informationBUSINESS ASSOCIATE AGREEMENT HIPAA Protected Health Information
BUSINESS ASSOCIATE AGREEMENT HIPAA Protected Health Information I. PREAMBLE ( Covered Entity ) and ( Business Associate ) (jointly the Parties ) wish to enter into an Agreement to comply with the requirements
More informationHow to Create a New Clinical Research Study
How to Create a New Clinical Research Study 1 Contents 1. Create a Submission for an Existing eirb Study... 3 2. Create a New Submission in eirb... 4 3. CRMS Clinical Research Study... 5 4. Uploading a
More informationTitle 56 Insurance Chapter 2 Insurance Companies Part 1 General Requirements for Doing Business. Tenn. Code Ann. 56-2-125 (2014)
Title 56 Insurance Chapter 2 Insurance Companies Part 1 General Requirements for Doing Business Tenn. Code Ann. 56-2-125 (2014) 56-2-125. Establishment and maintenance of an all payer claims database --
More informationDonna S. Sheperis, PhD, LPC, NCC, CCMHC, ACS Sue Sadik, PhD, LPC, NCC, BC-HSP Carl Sheperis, PhD, LPC, NCC, MAC, ACS
Donna S. Sheperis, PhD, LPC, NCC, CCMHC, ACS Sue Sadik, PhD, LPC, NCC, BC-HSP Carl Sheperis, PhD, LPC, NCC, MAC, ACS 1 DISCLAIMER Please review your own documentation with your attorney. This information
More informationProtecting Privacy & Security in the Health Care Setting
2013 Compliance Training for Contractors and Vendors Module 3 Protecting Privacy & Security in the Health Care Setting For Internal Training Purposes Only. After completing this training, learners will
More informationInformation Security and Privacy. WHAT is to be done? HOW is it to be done? WHY is it done?
Information Security and Privacy WHAT is to be done? HOW is it to be done? WHY is it done? 1 WHAT is to be done? O Be in compliance of Federal/State Laws O Federal: O HIPAA O HITECH O State: O WIC 4514
More informationITS Policy Library. 11.06 - Device Encryption. Information Technologies & Services
ITS Policy Library 11.06 - Device Encryption Information Technologies & Services Responsible Executive: Chief Information Officer, WCMC Original Issued: July 15, 2008 Last Updated: November 21, 2014 POLICY
More informationHIPAA 100 Training Manual Table of Contents. V. A Word About Business Associate Agreements 10
HIPAA 100 Training Manual Table of Contents I. Introduction 1 II. Definitions 2 III. Privacy Rule 5 IV. Security Rule 8 V. A Word About Business Associate Agreements 10 CHICAGO DEPARTMENT OF PUBIC HEALTH
More informationHIPAA PRIVACY DIRECTIONS. HIPAA Privacy/Security Personal Privacy. What is HIPAA? 6/28/2012
DIRECTIONS HIPAA Privacy/Security Personal Privacy Catholic Charities On-line Training July 2012 1. Read through entire online training presentation 2. Close the presentation and click on Online Trainings
More informationResearch Coordinator - PI s who have research coordinators or secretarial support can designate individuals to manage their IRB protocols in Mentor.
Mentor Online IRB System IRB s require lots of documentation and managing this process can get to be a burden for both investigators and the IRB committee and administrator. The Mentor IRB system is designed
More informationSecurity standards PCI-DSS, HIPAA, FISMA, ISO 27001. End Point Corporation, Jon Jensen, 2014-07-11
Security standards PCI-DSS, HIPAA, FISMA, ISO 27001 End Point Corporation, Jon Jensen, 2014-07-11 PCI DSS Payment Card Industry Data Security Standard There are other PCI standards beside DSS but this
More informationHIPAA Privacy and Security
HIPAA Privacy and Security Course ID: 1020 - Credit Hours: 2 Author(s) Kevin Arnold, RN, BSN Accreditation KLA Education Services LLC is accredited by the State of California Board of Registered Nursing,
More informationGetting Through The Approval Process
Getting Through The Approval Process Objectives Discuss why it is necessary to get informal and formal approvals Describe the documents that DUHS IRB requires for approval Describe definitions of IRB and
More informationTriageLogic Information Security Policy
TriageLogic Information Security Policy What is HIPAA, and what information is protected by it? HIPAA, short for the United States Health Insurance Portability and Accountability Act, is a set of standards
More informationUniversity of Pittsburgh Data Center Information Security
University of Pittsburgh Department of Critical Care Medicine CRISMA Center Data Management Core Standard Operating Procedures University of Pittsburgh Data Center Information Security CRISMA Data Management
More information4. No accounting of disclosures is required with respect to disclosures of PHI within a Limited Data Set.
IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - Limited Data Sets and Data Use Agreements 10200 POLICY INFORMATION Major Functional Area (MFA): MFA X - Office of General Counsel
More informationExtracting value from HIPAA Data James Yaple Jackson-Hannah LLC
Extracting value from HIPAA Data James Yaple Jackson-Hannah LLC Session Objectives Examine the value of realistic information in research and software testing Explore the challenges of de-identifying health
More informationCITY OF BLOOMINGTON VOLUNTEER NETWORK. www.bloomington.in.gov/volunteer. Volunteer Solutions Users Guide
CITY OF BLOOMINGTON VOLUNTEER NETWORK www.bloomington.in.gov/volunteer Volunteer Solutions Users Guide VOLUNTEER SOLUTIONS Users Guide City of Bloomington Volunteer Network 401 N. Morton St. Suite 260
More informationWatchDox for Windows User Guide. Version 3.9.0
Version 3.9.0 Notice Confidentiality This document contains confidential material that is proprietary WatchDox. The information and ideas herein may not be disclosed to any unauthorized individuals or
More informationData Driven Approaches to Prescription Medication Outcomes Analysis Using EMR
Data Driven Approaches to Prescription Medication Outcomes Analysis Using EMR Nathan Manwaring University of Utah Masters Project Presentation April 2012 Equation Consulting Who we are Equation Consulting
More informationLegal Insight. Big Data Analytics Under HIPAA. Kevin Coy and Neil W. Hoffman, Ph.D. Applicability of HIPAA
Big Data Analytics Under HIPAA Kevin Coy and Neil W. Hoffman, Ph.D. Privacy laws and regulations such as the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule can have a significant
More information8/3/2015. Integrating Behavioral Health and HIV Into Electronic Health Records Communities of Practice
Integrating Behavioral Health and HIV Into Electronic Health Records Communities of Practice Monday, August 3, 2015 1 How to ask a question during the webinar If you dialed in to this webinar on your phone
More informationHIPAA Privacy & Breach Notification Training for System Administration Business Associates
HIPAA Privacy & Breach Notification Training for System Administration Business Associates Barbara M. Holthaus privacyofficer@utsystem.edu Office of General Counsel University of Texas System April 10,
More informationCompliance Program and HIPAA Training For First Tier, Downstream and Related Entities
Compliance Program and HIPAA Training For First Tier, Downstream and Related Entities 09/2011 Training Goals In this training you will gain an understanding of: Our Compliance Program elements Pertinent
More informationComputer Security Incident Response Plan. Date of Approval: 23- FEB- 2015
Name of Approver: Mary Ann Blair Date of Approval: 23- FEB- 2015 Date of Review: 22- FEB- 2015 Effective Date: 23- FEB- 2015 Name of Reviewer: John Lerchey Table of Contents Table of Contents... 2 Introduction...
More informationSJÖGREN S INTERNATIONAL COLLABORATIVE CLINICAL ALLIANCE (SICCA) BIOREPOSITORY AND DATA REGISTRY DATA MANAGEMENT PLAN
1 SJÖGREN S INTERNATIONAL COLLABORATIVE CLINICAL ALLIANCE (SICCA) BIOREPOSITORY AND DATA REGISTRY DATA MANAGEMENT PLAN 1. Database Overview The SICCA database includes the Clinical Database, the Biorepository
More informationDropSend Getting Started Guide
DropSend Getting Started Guide DropSend Ltd. 2012 Step 1: How to send a file without registration If you want to quickly send a large file, you can do it from the homepage in just a couple of clicks. Here
More informationIRB Month Investigator Meeting April 2014
April 2014 AUDITS TRENDS EMR COMPLIANCE PRACTICES EMR FEDERAL REGULATIONS MONITORING REGULATORY SECURITY THREATS ACADEMI CINA BREACHES REVIEW COMPUTING MOBILE CLOUD HIPAA CENTER OPERATION S RESEARCH C
More informationU.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC)
U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC) Security Risk Assessment (SRA) Tool User Guide Version Date: March 2014
More informationVirginia Commonwealth University Information Security Standard
Virginia Commonwealth University Information Security Standard Title: Scope: Data Classification Standard This document provides the classification requirements for all data generated, processed, stored,
More informationthe American Recovery and Reinvestment Act of 2009
Policy Title: Policy Number: HIPAA Information 9.1.10 Security Category: Effective Date: Policy Owner: Information 10/01/2013 Sr. VP Academic Affairs Technology Prior Effective Date: & Provost N/A Sr.
More informationHIPAA TRAINING. A training course for Shiawassee County Community Mental Health Authority Employees
HIPAA TRAINING A training course for Shiawassee County Community Mental Health Authority Employees WHAT IS HIPAA? HIPAA is an acronym that stands for Health Insurance Portability and Accountability Act.
More informationDe-identification, defined and explained. Dan Stocker, MBA, MS, QSA Professional Services, Coalfire
De-identification, defined and explained Dan Stocker, MBA, MS, QSA Professional Services, Coalfire Introduction This perspective paper helps organizations understand why de-identification of protected
More informationHuman Subject Research: HIPAA Privacy and Security. Human Research Academy 101
Human Subject Research: HIPAA Privacy and Security Human Research Academy 101 Your Enterprise Privacy Officer Christine Adams, CHC, CHPC Enterprise Privacy Officer Compliance & Enterprise Risk Management
More information2014 Core Training 1
2014 Core Training 1 Course Agenda Review of Key Privacy Laws/Regulations: Federal HIPAA/HITECH regulations State privacy laws Privacy & Security Policies & Procedures Huntsville Hospital Health System
More informationCommonwealth of Massachusetts Center for Health Information & Analysis (CHIA) Non-Governmental Application for Case Mix Data
Commonwealth of Massachusetts Center for Health Information & Analysis (CHIA) Non-Governmental Application for Case Mix Data This form is to be used by all applicants, except Government Agencies, as defined
More informationTips for Wireless VPN
Tips for Wireless VPN Before you take your laptop out of office to use VPN for the first time, please perform the following steps: Right click on My Network Places on your desktop. Left click on Properties.
More informationPROGRAM TO PREVENT, DETECT & MITIGATE IDENTITY THEFT
Office of Employee Benefits Administrative Manual PROGRAM TO PREVENT, DETECT & MITIGATE IDENTITY THEFT 150 EFFECTIVE DATE: AUGUST 1, 2009 REVISION DATE: PURPOSE: Ensure that the Office of Employee Benefits
More informationHIPAA SELF STUDY TRAINING GUIDE
HIPAA SELF STUDY TRAINING GUIDE I have received the LifeWays HIPAA SELF STUDY TRAINING GUIDE. I understand that I will be accountable for the information contained in the guide. If I have questions I may
More informationDepartment of Alcohol & Drug Programs. Information Management Services Division (IMSD) EMAIL ENCRYPTION INSTRUCTIONS
Department of Alcohol & Drug Programs (IMSD) EMAIL ENCRYPTION INSTRUCTIONS July 1, 2010 Why Do We Need Email Encryption? Code of Regulations, Title 45, Subtitle A, Part 164 The Health Insurance Portability
More informationGETTING STARTED ON THE WINDOWS SERVICE A GUIDE FOR NEW STAFF MEMBERS
Your Login ID: GETTING STARTED ON THE WINDOWS SERVICE A GUIDE FOR NEW STAFF MEMBERS CONTENTS 1.0 Introduction... 3 1.1 Welcome to Edinburgh Napier University from Information Services!... 3 1.2 About Information
More informationLimited Data Set Background Information
Limited Data Set Background Information 1. A limited data set is protected health information that excludes certain identifiers but permits the use and disclosure of more identifiers than in a de-identified
More informationDATA BREACHES: HOW TO AVOID THEM AND WHAT TO DO IF IT HAPPENS. Emory IRB Webinar January 8, 2015
DATA BREACHES: HOW TO AVOID THEM AND WHAT TO DO IF IT HAPPENS Emory IRB Webinar January 8, 2015 ACKNOWLEDGMENTS Thanks to Kris West for the information provided for this webinar DEFINITIONS Protected Health
More information