Send to:

Choose Destination
See comment in PubMed Commons below
Nurs Outlook. 2005 Mar-Apr;53(2):79-87.

Evaluating HIPAA compliance: a guide for researchers, privacy boards, and IRBs.

Author information

  • 1Angelo State University, Department of Nursing, San Angelo, TX 76909-0902, USA.


The purpose of this article is to describe implications of the Health Information Portability and Accountability Act of 1996 (HIPAA) for nurses engaged in human and health services research. In general, a person's private health information (PHI) may only be disclosed for treatment, payment, and business procedures related to healthcare service delivery. Access and/or use of the same information for research purposes necessitates another layer of review and may require a separate process of authorization. A brief historical overview of regulatory requirements regarding health information privacy and security standards for the electronic transformation of data and protection of electronically kept medical records is discussed and related to the role and responsibilities of researchers and organizations where research is conducted. In addition, a generic document template adaptable for use by an individual or organization is presented that can provide a quick, systematic review of HIPAA compliance when a research proposal is being developed or is received that seeks access to PHI.

[PubMed - indexed for MEDLINE]
PubMed Commons home

PubMed Commons

How to join PubMed Commons

    Supplemental Content

    Full text links

    Icon for Elsevier Science
    Loading ...
    Write to the Help Desk