50 likes | 70 Views
Learn about the essential duties of privacy officers in human research protection, including reviewing protocols, ensuring legal authority for data use, and collaborating with IRB committees.
E N D
Privacy Officer Core Responsibilities for Human Research Protection Stephania H. Griffin, RHIA, CIPP/G VHA Privacy Officer
Responsibility of the Privacy Officers • Non-voting Member of IRB or R&D Committee • Participate in IRB or R&C Committee meetings in order to review research documentation and raise privacy issues directly to IRB or the R&D Committee • Final Privacy Review of Research • Ensure legal authority exists prior to the use of Protected Health Information (PHI) for Research – must review: • Protocol and Informed Consent, if applicable; • HIPAA-compliant authorization; and/or • IRB approval of waiver of HIPAA-compliant authorization; and • Appropriate agreements in instances where contractors will have access to PHI.
Responsibilities of the Privacy Officers • Ensure legal authority exists prior to the disclosure of PHI to outside entities (e.g., study sponsor) for Research – must review: • HIPAA-compliant authorization or IRB approval of waiver of HIPAA-compliant authorization; • Authority exists for disclosure under Privacy Act and 38 USC 7332; and • Ensure process exists for the maintenance of an accounting of all disclosures resulting from the Research. • Ensure HIPAA-compliant Authorization is consistent with the Informed Consent. • Final Review Required after IRB approval of research study and/or approval of waiver of HIPAA-compliant authorization, if applicable.
Responsibilities of the Privacy Officers • Review each Protocol but not expected to understand all of the scientific language • Your expertise is needed in the privacy legal requirements arena • You are not approving the protocol • Look for certain elements in the Protocol related to data use and data protection • Look for inconsistencies • Seek answers to any questions from the Principal Investigator, Research Compliance Officer, Research and Development administrator • Communicate concerns/required changes to IRB or R&D • Review documents prior to the IRB meeting • Provided you get the protocol and documents in a timely fashion
Responsibilities of the Privacy Officer • Use the Research checklist as your road map • Not mandatory to use but should be using some tool that is comparable to the checklist • Use the checklist as your documenting tool to reflect changes to the protocol • The Privacy Officer has distinct responsibilities but must work collaboratively with the other parts of the research team to accomplish the goal of an approved research protocol.