Privacy and Confidentiality

Question 1

What’s the difference between Privacy and Confidentiality?

Answer 1

Privacy = protecting the person
Confidentiality = protecting the data

Question 2

What does Privacy mean in a research setting?

Answer 2

A subjects’s control over access to themselves or their info

Question 3

What does Confidentiality mean in a research setting?

Answer 3

A researcher’s obligation to protect data from unauthorized access

Question 4

What is a Covered Entity?

Answer 4

An individual or organization that handles protected health information (PHI) as part of standard operations.

Question 5

When does HIPAA apply?

Answer 5

When research involves protected health information (PHI) from covered entities

Question 6

What are the Three criteria of a Waiver of HIPAA Authorization?

Answer 6

Minimal risk to privacy

Research cannot practicably be done without the waiver

There are adequate data protection plans

Question 7

What do Certificates of Confidentiality (CoCs) do?

Answer 7

Protect against legal demands/forced disclosure, but don’t override mandatory reporting laws (e.g., child abuse)

Question 8

What federal law governs access to protected health information in research?

Answer 8

HIPAA — 45 CFR Parts 160 and 164

Question 9

How many types of covered entities are there?

Answer 9

Three:
Health Care Providers
Health Plans
Health Care Clearinghouses