The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of protected health information (PHI) needed for patient care and other important purposes.
The purpose in this site is to help researchers know the limitations here at ECU when conducting research using PHI. This will explain the required length of storage of data as well as how to store it securely while having the proper authorization to do so.
*For non-research HIPAA compliance questions please refer to: http://www.ecu.edu/cs-dhs/institutionalintegrity/index.cfm
Login to Cornerstone for HIPAA training using your pirateID and search for:
ECU HIPAA/Security Training for Researchers click on request and the training will be assigned to you.
PHI stands for Protected Health Information.
The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.
If you answer yes to any of the 4 questions above then PHI is involved in your research.
Identity Theft Protection Committee (ITPC) - In order to implement and ensure compliance with legal requirements governing SSNs and PII, ECU established the Identity Theft Protection Committee (ITPC) to oversee ECU's compliance with this regulation in regard to the collection, segregation, disclosure and security of SSNs and PII and the development of related policies/regulations.
The ITPC is also responsible for approving the collection and use of SSNs and PII.
Questions concerning the requirements of this regulation should be directed to the Identity Theft Protection Committee (ITPC) at ITPC@ecu.edu
Clinical Information Steering Committee - The Clinical Information Steering (CIS) Committee oversees the adoption and use of healthcare-related information technologies. CIS's partnership with ITCS provides a uniform process for the Brody School of Medicine, ECU School of Dental Medicine, ECU Allied Health, ECU College of Nursing and ECU Physicians to request and receive guidance in the selection, development and implementation of hardware, software systems, databases and third party IT services that support clinical research and operations for the purposes of assuring compatibility with existing East Carolina University and Vidant Health healthcare-related information technology systems, promoting operational efficiency, limiting storage of patient information outside of the university's designated Electronic Health Record (EHR) system(s), and ensuring both patient and university data are protected within the scope of applicable university policies, government regulations and state laws.