HIPAA Security & Privacy
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted to protect the privacy and security of healthcare information and to promote more standardization and efficiency in healthcare.
The Administrative Simplification provisions of HIPAA require the following for healthcare providers, health plans and healthcare clearinghouses:
- Electronic transactions and code sets standards requirements
- Privacy requirements
- Security requirements
- National identifier requirements
For clinical research, the privacy and security requirements of HIPAA are most relevant.
Privacy Requirements: The privacy requirements limit the release of patient protected health information (PHI) without the patient’s knowledge and consent beyond that required for patient care. Patient’s personal information must be more securely guarded and more carefully handled when conducting the business of health care.
Security Requirements: The security regulation outlines the minimum administrative, technical, and physical safeguards required to prevent unauthorized access to protected health care information.
Within the OpenClinica platform, all privacy and security provisions of the HIPAA guidelines are carefully addressed. We describe both requirements in more detail and their implications for clinical research. This section provides a general overview for investigators and institutions that may or may not be covered entities under the HIPAA guidelines.
Background on HIPAA and compliance guidelines can be found on this HHS website: http://www.hhs.gov/ocr/hipaa/.
Related Resources (Files)
| Title | Date | Posted By | |
 |
Complying with HIPAA in OpenClinica | Feb 22, 2005 | ccollins |
Related Pages
| Title | Date | Posted By | |
|
OpenClinica: HIPAA Privacy & Security Best Practices | May 29, 2007 | ccollins |
|
HIPAA Rule on Security Standards | Feb 21, 2005 | ccollins |
