MENU
Mary Greyard

Announcements

  • Changes to the federal rule governing human research (Common Rule) were announced on January 18, 2017. Many of the Common Rule changes go into effect January 19, 2018. 
  • The changes to the Common Rule do not apply to FDA-regulated studies. 
  • ORIC is working to roll out these changes at ECU. The announcements section of the ORIC > UMCIRB webpage and the ePIRATE homepage will be your main source for information and updates about the revised Common Rule roll out. 
  • Studies submitted on or after January 19, 2018 will be reviewed under the revised Common Rule. We are currently evaluating whether the changes will apply to studies existing prior to January 19, 2018. 
  • The definition of "human subject" has been altered to now include identifiable biospecimens. Identifiable biospecimens and identifiable private information are treated the same in the final rule. 
  • Consent forms will need to include an introductory paragraph which provides a clear and easy to understand summary of the key information that will be helpful to a potential participant or their legally authorized representative in the understanding of reasons why they might or might not want to take part in the research. 
  • Overall, there are four new elements of informed consent; one new required element and three new optional (i.e."if applicable") elements. These new elements are generally related to the secondary use of data and samples and genomic research. 
  • The revisions to the Common Rule broaden the types of research that can be reviewed under exempt categories. For example, secondary research involving identifiable private information that is protected by HIPAA can be reviewed under an exempt category; currently, this type of research requires review under an expedited category. As has always been the case at ECU, only the IRB may determine what research may be reviewed under the exempt categories. 
  • Some minimal risk studies will no longer be required to undergo annual continuing review.
  • Changes to the Common Rule mandate the use of a single IRB for multisite, cooperative studies. This requirement will be effective January 19, 2020. 
  • The revisions to the Common Rule go into effect January 19, 2018 and UMCIRB will begin reviewing new studies under the revised Common Rule on that date. 
  • New document templates will be posted on both the UMCIRB website and within ePIRATE. Be sure to use these new templates for any new research studies submitted on or after 01.19.18. 
  • Revised SOPs will be posted on the UMCIRB website.
  • Existing expedited studies approved prior to January 19, 2018 will continue to follow pre-2018 requirements including required renewal at least annually. Upon request by the investigator and after discussion with ORIC, an existing study may be revised to meet the new federal requirements. An amendment would need to be submitted and approved within the electronic IRB submission system to document this transition.
  • Keep our website and the ePIRATE homepage checked for continuing and updated information. 
  • Remember, the revised Common Rule does not apply to FDA-regulated studies. 
The short form consent (both the English and Spanish versions) has been updated. The new version date for the short form if 10/09/2017. In addition, an attestation of translation has been obtained for the Spanish translated version of the short form and it available on the UMCIRB website under "Forms, Docs & Templates". Please be sure to use this new template when submitting a short form for IRB review and approval.

Welcome to the ORIC - Research HIPAA Compliance

The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of protected health information (PHI) needed for patient care and other important purposes.

The purpose in this site is to help researchers know the limitations here at ECU when conducting research using PHI. This will explain the required length of storage of data as well as how to store it securely while having the proper authorization to do so.

*For non-research HIPAA compliance questions please refer to:  http://www.ecu.edu/cs-dhs/institutionalintegrity/index.cfm

Required Research HIPAA Training

Login to Cornerstone for HIPAA training using your pirateID and search for:

ECU HIPAA/Security Training for Researchers click on request and the training will be assigned to you.

Research HIPAA FAQs

What is PHI?

PHI stands for Protected Health Information.

The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.

How to know if PHI is involved?

  1. Are you recruiting patients as participants from a healthcare component?
  2. Are you accessing the medical record to retrieve data?
  3. Is a healthcare component referring patients to you to recruit?
  4. Are you conducting your research within a healthcare component?

If you answer yes to any of the 4 questions above then PHI is involved in your research.

HIPAA Forms and Documents

Other ECU Links Relevant to Research HIPAA Compliance

Identity Theft Protection Committee (ITPC) - In order to implement and ensure compliance with legal  requirements governing SSNs and PII, ECU established the Identity Theft Protection Committee (ITPC) to oversee ECU's compliance with this regulation in regard to the collection, segregation, disclosure and security of SSNs and PII and the development of related policies/regulations.

The ITPC is also responsible for approving the collection and use of SSNs and PII.

Questions concerning the requirements of this regulation should be directed to the Identity Theft Protection Committee (ITPC) at ITPC@ecu.edu

Clinical Information Steering Committee - The Clinical Information Steering (CIS) Committee oversees the adoption and use of healthcare-related information technologies. CIS's partnership with ITCS provides a uniform process for the Brody School of Medicine, ECU School of Dental Medicine, ECU Allied Health, ECU College of Nursing and ECU Physicians to request and receive guidance in the selection, development and implementation of hardware, software systems, databases and third party IT services that support clinical research and operations for the purposes of assuring compatibility with existing East Carolina University and Vidant Health healthcare-related information technology systems, promoting operational efficiency, limiting storage of patient information outside of the university's designated Electronic Health Record (EHR) system(s), and ensuring both patient and university data are protected within the scope of applicable university policies, government regulations and state laws.