Conversations about clinical trial data privacy in clinical trials require an in-depth understanding of key regulations — and with multinational trials becoming more prevalent, being familiar with global regulations has become paramount.
In the US, HITECH (Health Information Technology for Economic and Clinical Health) and HIPAA (Health Insurance Portability and Accountability Act) are the main priorities.
Here, our expert on EDC software for clinical trials explores what these regulations say about trial data in terms of what trial managers and sponsors need to know — and how they should protect trial data privacy.
The north star for patient information — HIPAA
For data security, HIPAA has two fundamental thrusts. First, it’s a floor, not a ceiling; it’s the foundation from which to facilitate the safe and legal exchange of patient data. Second, it governs the rights of patients to their data and the obligations of organizations to safeguard this data.
However, HIPAA isn’t the only source of regulatory consideration — there’s the HITECH Act of 2009 as well. This act was aimed to accelerate the use of EHRs (electronic health records) and expand data protection requirements and liability of HIPAA for noncompliance.
The Future of HIPAA
Although HIPAA is still the guiding star, some critics want it to be more robust. According to them, this robustness could be achieved by extending its authority over entities that aren’t covered. If these amendments aren’t made, several data security risks may emerge.
HIPAA only safeguards ‘covered entities’ like research institutions, healthcare plans, and healthcare providers. This enforcement is only in the US and doesn’t cover data present on the internet.
Consequently, third-party data companies and internet service providers possess more information online, which is sold to advertisers and marketers. Thus, making changes in legislation is the only solution. These may comprise wider categories of entities regulated by HIPAA so that every entity collecting personal health information would be bound by the law.
HIPAA changes in 2021
Following are some specific changes that were made to HIPAA in 2021:
- To send/receive patient information, healthcare organizations should only charge ‘fair’ fees. This enables patients to access their records without worrying about their finances.
- While third parties may ask for patient records, they must have patient-signed HIPAA documentation.
- Patients can access and store their personal health information.
As is evident, these proposed changes are meant to amplify accessibility for community organizations and patients (leading to better treatment) while also safeguarding patient privacy.
ClinicalPURSUIT’s clinical data management EDC system makes data management and processing for clinical trials efficient, effective, and rapid
ClinicalPURSUIT’s clinical data management software help researchers acquire high-quality data using an intuitive and cost-effective solution.
Contact us now for more information on ClinicalPURSUIT – the best EDC clinical trial software!
