The purpose of this article is to describe implications of the Health Information
Portability and Accountability Act of 1996 (HIPAA) for nurses engaged in human and
health services research. In general, a person’s private health information (PHI)
may only be disclosed for treatment, payment, and business procedures related to healthcare
service delivery. Access and/or use of the same information for research purposes
necessitates another layer of review and may require a separate process of authorization.
A brief historical overview of regulatory requirements regarding health information
privacy and security standards for the electronic transformation of data and protection
of electronically kept medical records is discussed and related to the role and responsibilities
of researchers and organizations where research is conducted. In addition, a generic
document template adaptable for use by an individual or organization is presented
that can provide a quick, systematic review of HIPAA compliance when a research proposal
is being developed or is received that seeks access to PHI.
To read this article in full you will need to make a payment
Purchase one-time access:
Academic & Personal: 24 hour online accessCorporate R&D Professionals: 24 hour online accessOne-time access price info
- For academic or personal research use, select 'Academic and Personal'
- For corporate R&D use, select 'Corporate R&D Professionals'
Subscribe:
Subscribe to Nursing OutlookAlready a print subscriber? Claim online access
Already an online subscriber? Sign in
Register: Create an account
Institutional Access: Sign in to ScienceDirect
References
Pub.L.No.104-191, 110 Stat. 2023 (1996), 42 U.S.C. 1320 (d)-3.
Standards for Privacy of Individually Identifiable Health Information (45 CFR Parts 160 and 164). Available from: URL: http://www.hhs.gov/ocr/hipaa/privacy.html. Accessed February 5, 2003.
- HIPAA regulations - a new era of medical-record privacy.New England J Med. 2003; 348: 1486-1490
- HIPAA.Policy, Politics Nurs Practice. 2001; 2: 29-32
HHS News (1998). HHS proposes security standards for electronic health data. Available from: URL:http://aspe.os.dhhs.gov/admnsimp/nprm/press3.htm. Accessed December 12, 2003.
- No end in sight for final rules on medical privacy.Hastings Center Report. 2001; 31: 8
- Personal privacy in an information society. Government Printing Office, Washington, DC1997
Workgroup for electronic data interchange. Available from: URL: http://www.wedi.org/. Accessed April 16, 2003.
- Committee on the Role of Institutional Review Boards in Health Services Research Data Privacy Protection/Division of Health Care Services. Protecting data privacy in health services research. National Academy Press, Washington, DC2000 (Available at: http://www.nap.edu/openbook/0309071879/html/R1.html. Accessed December 10, 2003)
- Protecting medical privacy in a digital age. 2003 (Available at: http://www.surfcontrol.com/resources/hipaa/HIPAA_Whitepaper.pdf Accessed April 2)
- The managed health care handbook. Aspen Publications, Gaithersburg, MD1996
- The effect of the new federal medical-privacy rule on research.New England J Med. 2002; 346: 201-205
- Medical privacy and medical research—judging the new federal regulations.New England Journal of Medicine. 2002; 346: 216-221
- Medical research community registers complaints about HIPAA privacy rule.AHA News. 2001; 37: 8
- Navigating the road to implementation of the health insurance portability and accountability act.Am J Public Hlth. 2003; 93: 1806-1808
HIPAA privacy rule & public heath: guidance from the CDC & US DHHS Biomedical Market Newsletter/April 30 2003/report originated in the epidemiology program office, Thacker, S.B. Director. Copyright Biomedical Market Newsletter, INC.
- When privacy and the public good collide—does the collection of heath data for research harm individual patients?2003 (Postgraduate Medicine (2003) online. Available at: http://www.postgradmed.com/issues/2003/05_03/editorial_may.html. Accessed December 15)
Hanken MA, Kuruc J. (Speakers). (2003) The Impact of the HIPAA Privacy Rule on Clinical Research. (Audio Seminar Series 1 July 2003). American Health Information Management Association.
- Early experience with new federalism in health insurance regulations.Hlth Affairs. 2000; 19: 7-22
- Employee benefits security administration fact sheet. 2004 (Available at: http://www.dol.gov/ebsa/newsroom/fscobra.html. Accessed January 16)
- HIPAA’s latest privacy rule.Policy Politics Nurs Practice. 2003; 4: 75-78
- Administrative simplification in the health care industry. 2004 (Available at: http://aspe.hhs.gov/admnsimp/. Accessed January 23)
- The HIPAA Privacy Rule.Hlthcare Financial Management. 2002; 56: 50-55
- HIPAA. 2003 (Available at: http://www.hhs.gov/ocr/HIPAA. Accessed July 18)
- HIPAA privacy rule and public health.MMWR. 2003; 52 (Early Release): 1-20
- Protecting personal health information in research. 2004 (NIH Publication Number 03-5388. Available at: http://privacyruleandresearch.nih.gov. Accessed February 5)
- Get on board with HIPAA privacy regulations.Nursing Management. 2002; 33: 28-31
- The challenges of developing a modern cardiac research program.Critical Care Nursing Quarterly. 2002; 25: 105-109
- The Belmont Report. 2003 (Available at: http://ohsr.od.nih.gov/guidelines/belmont.html. Accessed December 18)
- Confidentiality in medicine—a decrepit concept.New England J Med. 1982; 307: 1518-1521
- How research will adapt to HIPAA.American Journal of Law & Medicine. 2002; 28: 491-503
Biography
Kathryn E. Artnak is an Associate Professor at Angelo State University Department of Nursing, San Angelo, TX.
Biography
Margaret Benson is Director of Health Information Management and Privacy Officer at Shannon Medical Center, San Angelo, TX.
Article info
Identification
Copyright
© 2005 Elsevier Inc. Published by Elsevier Inc. All rights reserved.
