View
220
Download
2
Category
Tags:
Preview:
Citation preview
Informed Consent and HIPAA
Tim NoeCoordinating Center
Overview of the Informed Consent Process
•Why do we need to get consent?
•Training for staff obtaining consent
•Setting where consent is obtained
•Assessing comprehension of participant
•Providing a copy of consent to participant
Why do we need to get consent?
• Federal regulations (45 CFR, Part 46)
• As an extra precaution• To ensure participants know what
they can expect
Training for staff obtaining consent
• All staff who will be obtaining informed consent should complete human subjects protection training.
• Online courses are offered at http://cme.cancer.gov/clinicaltrials/learning/humanparticipant-protections.asp or http://www.citiprogram.org/default.asp
Setting•The setting where informed consent is obtained should be private
•The environment should be appropriate (minimal noise and distractions)
•There should be adequate time to complete the consent process
Assessing Comprehension and Autonomy
• It is very important to assess whether or not a participant understands what s/he is agreeing to do.
• To assess comprehension it will be important to ask the participant to explain in her/his own words what s/he is agreeing to do.
• You may also want to ask him/her questions
• You should also assess if the participant is self-sufficient to make the decision to participate
Provide Participant with a Copy of the Consent
•It is important that every participant receives a copy of the consent form
•Usually it is best to bring two copies, have the participant sign both, and give her/him one copy
•Both consents should also be signed by the local Program Director/Coordinator and by the person explaining the consent to the participant
Review Sample Consent Form(Appendix U)
HIPAA
•New law, known as “HIPAA” (the Health Insurance Portability and Accountability Act of 1996), requires that we establish new policies and procedures to ensure patient confidentiality.
•The HIPAA Privacy Rule regulates the use and disbursement of individually identifiable health information and gives individuals the right to determine and restrict access to their health information
HIPAA
•The HIPAA Security Rule requires that reasonable and appropriate technical, physical, and administrative safeguards be taken with electronic individually identifiable health information.
•Because of HIPAA requirements two types of Authorization are often required (HIPAA Authorization A and B).
HIPAA
•Authorization A allows a health entity to share information about a patient to an outside entity for recruitment purposes
•Authorization B allows a health care entity to share health information about a patient to outside entities for research and evaluation purposes
HIPAA Authorization A HIPAA Authorization B
Typical Requirements: Applies to health care entities only Providers must have permission to
disclose a patient’s name for recruitment by an outside agency
Providers can recruit patients without prior authorization
Typical Requirements: Applies to health care entities only Participants in evaluation studies must
give their permission for personal health information to be shared with other outside of the health care organization
This is usually signed at the same time as a consent form
Variability: Depends on whether or not the person
recruiting participants has a clinical relationship with them
Depends on whether the organization is a health care entity
This requirement is usually dependent upon the local HIPAA policy
Evaluators can be granted a waiver if they meet the requirements
Variability: If the data collected are de-identified
(no personal identifiers are included in the data), no authorization is required.
Often the best approach is to obtain HIPAA Authorization B from everyone who signs a consent form. This ensures compliance.
Evaluators can be granted a waiver if they meet the requirements
IHS IRB Waiver of HIPAA Authorization
• The National IHS IRB determined that the project is in compliance with HIPAA requirements which allow for a waiver of HIPAA Authorization.
• Therefore, grantees can access medical records in order to get information to use in recruiting participants into the program without having a HIPAA Authorization A signed by the potential participant.
• However, as an extra precaution, we still plan to obtain HIPAA Authorization B at the time of consent.
Obtaining HIPAA Authorization B• Authorization B should be obtained during the
Informed Consent Process
• All guidelines for obtaining consent should be followed (i.e., setting, assessing comprehension, etc)
• Again, two copies should be signed by the participant and s/he should receive one copy
• Staff are also encouraged to complete HIPAA Training. Contact your local HIPAA Privacy Officer for information about training opportunities.
Review Sample HIPAA Authorization B Form
(Appendix U)
Questions?
Recommended