According to the U.S. Department of Health and Human Services Office for Civil Rights (OCR), health care organizations must protect patients’ protected health information (PHI) even if they are participating in research or clinical trials.
This means that any website used to recruit potential study participants, as well as all associated data collection platforms, needs to follow strict HIPAA guidelines and safeguards when dealing with PHI from their prospective recruits/participants – including using secure encryption protocols for data transmitted over the internet or other networks whenever possible; ensuring access controls are put into place so only authorized personnel can view or use personal information; notifying affected individuals upon a breach involving their protected health information, and other specific requirements.
The HIPAA Privacy Rule is designed to protect the privacy of personal health information.
Clinical research is an important part of medical care. To ensure the privacy and security of patient medical information, researchers must adhere to the HIPAA Privacy Rule standards when using or disclosing PHI for research activities.
The HIPAA Rules affect clinical research by requiring entities to protect and secure identifiable human data which includes names, addresses, phone numbers, email addresses, social security numbers, medical record numbers and more. All 18 identifiers listed must be secured in order for the rules to be followed correctly.