1 / 10

Role of the Privacy Office in VA Research

Role of the Privacy Office in VA Research . Stephania H. Putt VHA Privacy Officer. Overview of Discussion. Role of VHA Privacy Office Issuing Policy and Guidance on Field Reviewing Requests for National Data Processing requests for RealSSN and VistAWeb Access

Anita
Télécharger la présentation

Role of the Privacy Office in VA Research

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Role of the Privacy Office in VA Research Stephania H. Putt VHA Privacy Officer

  2. Overview of Discussion • Role of VHA Privacy Office • Issuing Policy and Guidance on Field • Reviewing Requests for National Data • Processing requests for RealSSN and VistAWeb Access • Role of Facility Privacy Officer • Overall Responsibilities • Privacy Review of Research Documentation • Non-voting Member of IRB or R&D Committee • VA uses Affiliate or Outside IRB • Requested review prior to IRB submission • Outside Requests for Data

  3. Role of VHA Privacy Office • Issuing Policy and Guidance to Field • VHA Handbook 1605.1 • Privacy Fact Sheets • June 2006, Vol. 06, No. 3 - Privacy Requirements for Use of VHA Data by VHA Researchers • June 2006, Vol. 06, No. 4 - Privacy Requirements for Disclosure for Research to Non-VA Researchers • Available at http://vaww.vhaco.va.gov/privacy/FactSheets.htm • Review Tools • Privacy Review Checklist

  4. Role of VHA Privacy Office • Reviewing Requests for National Data • Extracts from National Databases at AAC • Extracts from Corporate Data Warehouse • Processing Requests for RealSSN and VistAWeb Access • Review Research Documentation • Provide approval • Sign and Submit VAF 9957 for RealSSN • Approval on Request Form for VistAWeb

  5. Role of Facility Privacy Officer • Overall Responsibilities • Developing facility privacy policies consistent with national privacy policies and monitoring compliance with such privacy policies; • Reviewing or auditing all programs at the facility on a periodic basis to determine which programs collect, use, maintain, and store individually-identifiable information in order to ensure compliance with facility privacy policies; • Reporting, in a timely manner, all actual or suspected breaches of privacy of all individually-identifiable information to the tracking service designated by the VA Privacy Service; and • Providing expert guidance to the facility on all privacy related matters such as Privacy Act (PA), Freedom of Information Act (FOIA), HIPAA Privacy Rule and 38 U.S.C.

  6. Role of Facility Privacy Officer • Privacy Review of Research Documentation • Required after IRB approval of research study • Ensure legal authority exists prior to the use of Protected Health Information (PHI) for Research • Ensure legal authority exists prior to the disclosure of PHI to outside entities for Research • Accounting of Disclosure required

  7. Role of Facility Privacy Officer • Non-voting Member of IRB or to R&D Committee • Participate in IRB or R&C Committee meetings in order to review research documentation and raise privacy issues directly to IRB or the R&D Committee • VA uses Affiliate or Outside IRB • Develop policies, in conjunction with Research Department, for the privacy review of documentation for all facility research studies; and • Reside as non-voting member on affiliate IRB or facility R&D Committee

  8. Role of Facility Privacy Officer • Requested Privacy Review Prior to IRB Submission • Conducted at request of Principle Investigator • Review to ensure that all elements are contained in the HIPAA authorization (if stand alone or incorporated into the informed consent) • Assist in determining if waiver of HIPAA authorization required

  9. Outside Requests for Data • Written request for data required from outside entity (Ref. 38 USC 5702) • Review/approval by Research Department to determine if research study is reasonable • Review by facility Privacy Officer to ensure legal authority exists for VHA to make the disclosure • Approval by Medical Center Director • Data provided and an accounting maintained

  10. Questions

More Related