Research Protections Program
Health Insurance Portability and Accountability Act (HIPAA)
On 14 April 2003 the Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA) went into effect. Developed, released, and enforced by the Department of Health and Human Services, the HIPAA Privacy Rule sets national standards for maintaining the privacy and enhancing the security of an individual's Protected Health Information (PHI). This includes all Individually Identifiable Health Information (IIHI) that is in any type of format, either electronic or paper that is maintained, stored, or transmitted by a Covered Entity (CE).
Research, School of Dentistry Privacy Board, IRBs and HIPAA
Research: Research is defined in the Privacy Rule as, "a systematic investigation, including research development, testing, and evaluation, designed to develop or contribute to generalizable knowledge."
Research as defined in the Privacy Rule
HHS Final HIPAA Security Rule
In the February 20 Final Register, HHS adopted and published the final security for protecting IIHI as part of the Health Insurance Portability and Accountability Act. These standards will take effect on 21 April 2003.
HHS Final HIPAA Security Rule (pdf)
HIPAA Advisory - Final Security Rule - by sections (link)
CMS - HIPAA Fact Sheet on Security Standards Final Rule (word doc)