Keywords

ethics, HIPAA, privacy

 

Authors

  1. Olsen, Douglas P.

Abstract

Background: The Health Insurance Portability and Accountability Act (HIPAA) privacy regulations, which became effective on April 14, 2003, should have a significant impact on the conduct of nursing research.

 

Approach: The requirements of the regulations are discussed in three key areas of the research process, accessing data (including recruitment and using medical records), creating data (including intervention studies, survey, and interview research), and disclosing data to others such as colleagues at other institutions.

 

Results: N/A.

 

Discussion: HIPAA will certainly impact nurses' ability to conduct research but to an unknown degree.

 

Enacted in 1996, the Health Insurance Portability and Accountability Act (HIPAA) requires the healthcare profession to protect the privacy of patient information and create standards for electronic data exchange. Since HIPAA's enactment, the Office of Civil Rights has worked to implement the regulations, and finalized them in October of 2002 for implementation on April 14, 2003. The law does not target research, but was a result of reaction to public perception of pernicious abuses of privacy stemming from the sale of health information by insurance firms and others to third parties. The HIPAA privacy regulations constitute a sweeping reform of the way healthcare information is handled. Disclosures of health information for research are allowed but regulated beyond in the common-rule regulations currently monitored by Institutional Review Boards (IRB). The HIPAA regulations are still new and there will be considerable clarification and interpretation over the first few years of implementation.

 

HIPAA is a concern for anyone conducting or reviewing nursing research. The purpose of this article is to familiarize nurse researchers and nurses on IRBs with the major areas of the research process affected by HIPAA.