Privacy and Security Considerations for Health Services Research (Technical Assistance Event)
Overall Purpose:
The regulatory environment surrounding the field of health IT is continually evolving. It is imperative for health researchers to stay apprised of the latest legal developments to ensure that research protocols are compliant and that all necessary data security precautions are in place. Health care regulation is complex, and while the Health Insurance Portability and Accountability Act (HIPAA) outlines essential requirements, other applicable privacy protections found in federal and state law, as well as in contracts and business policies, may call for stronger protection. In addition, data for certain populations, such as minors and patients receiving behavioral health and/or substance abuse services, are subject to increased regulatory protection. Health IT research often necessitates access to patients’ protected health information (PHI). PHI is inherently sensitive, and patients and providers alike have valid concerns about PHI being accessed by unauthorized individuals.
This Webinar provided an overview of the privacy and security issues of importance to health IT researchers and outlined approaches for researchers to ensure the security of patient data through appropriate policies and procedures governing their team’s use of and access to PHI. Additionally, technical considerations for data use and exchange, particularly as related to electronic health records (EHR) and health information exchange (HIE), were discussed.