Health Privacy Issues for Researchers Quiz

Questions and Answers

Recruiting into research can qualify as an activity 'preparatory to research' under which circumstances?

It is entirely at the investigator's discretion.

It can qualify for the initial contact, but data should not leave the covered entity. (correct)

It never requires a written authorization.

It always requires a written authorization for ANY contact with the patient.

What type of information does HIPAA protect?

Any identifiable health information.

Identifiable health information that is created or held by entities operating across state lines.

Identifiable health information created or held by covered entities and their business associates. (correct)

Identifiable health information that is created or held by covered entities.

Under HIPAA, when is a 'disclosure accounting' required?

For all human subjects research that uses PHI without an authorization from the data subject, except for limited data sets. (correct)

For all human subjects research that uses PHI.

Solely at the principal investigator's discretion.

For all research where the data crosses state lines.

Which of the following is NOT an acceptable reason for a covered entity to use or disclose PHI without authorization?

Limited data set without an approved data use agreement.

What does HIPAA include in its definition of 'research'?

Development of generalizable knowledge.

Study Notes

Recruitment in Research

• Initial contact with potential research participants can be considered "preparatory to research."
• Data from this preparatory phase must remain within the covered entity and should not be shared externally.

Protected Health Information (PHI)

• HIPAA protects identifiable health information created or held by covered entities and their business associates.
• PHI must involve identifiable information related to individuals and is not limited by the individual's citizenship status.

Disclosure Accounting under HIPAA

• Disclosure accounting is mandatory for human subjects research using PHI when authorization from the data subject is absent.
• Exceptions include research utilizing limited data sets, simplifying the accounting requirements for such cases.

Use and Disclosure of PHI

• Covered entities can disclose PHI without authorization in several situations but not for limited data sets unless there's an approved data use agreement.
• Researchers must provide specific representations when using decedents' information or when research data does not cross state lines.

Definition of Research under HIPAA

• The term "research" under HIPAA encompasses activities aimed at generating generalizable knowledge.
• This definition is broad and includes various domains such as population health and quality assessment, not limited to federally-supported laboratories.

Description

Test your knowledge on health privacy issues and regulations relevant to researchers. This quiz covers important concepts such as patient recruitment and the necessary authorizations for contact. Enhance your understanding to ensure compliance in your research endeavors.