search this site.

210527P - PRIVACY AND CONFIDENTIALITY

Copyright 1995-2023 © by Prof Omar Hasan Kasule - Admin
Category:
Print Friendly and PDFPrint Friendly

Presentation at a workshop on Week I: Bioethics Module - CRC Program held at King Fahad Medical City via Zoom on 27 May 2021 at 10:00-11:00 am. By Professor Omar Hasan Kasule Sr. MB ChB (MUK). MPH (Harvard), DrPH (Harvard) Professor of Epidemiology and Bioethics, King Fahad Medical City

 


POLICY ON THE USE OF MEDICAL RECORDS FOR RESEARCH WHILE PRESERVING CONFIDENTIALITY:

 All medical records can be used for research provided the results are reported in the aggregate and no personally identifying information.

 Research shall not be carried out on medical records without approval by the Institutional Review Board and the unit that has physical custody of the records. The Health Information Technology shall approve data extraction from online data bases.

 Patient permission shall be needed in cases in which confidentiality may be breached such as use of images and certain forms of genetic data.

 Data shall be abstracted and no original documents or copies shall be taken out of the medical record.

 Researchers shall make sure that they protect the privacy and confidentiality of the patients involved.

 

PERSONALLY IDENTIFIABLE HEALTH INFORMATION - 1:

 Names.

 All geographic subdivisions smaller than a province, including street address, city, county.

 All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death.

 Telephone numbers.

 Electronic mail addresses.

 ID number Medical record numbers.

 Health plan beneficiary numbers.

 Account numbers.

 

PERSONALLY IDENTIFIABLE HEALTH INFORMATION - 2:

 Certificate/license numbers.

 Vehicle identifiers and serial numbers, including license plate numbers.

 Device identifiers and serial numbers.

 Biometric identifiers, including fingerprints and voiceprints.

 Full-face photographic images and any comparable images.

 Any other unique identifying number, characteristic, or code.

 

DATA CONFIDENTIALITY AND SAFE AND SECURE STORAGE OF DATA - 1:

 Strict confidentiality for records that can identify the participant.

 Medical and research records data should be kept confidential with security assured by double locking of doors, password protected computers, and cybersecurity measures against data breach.

 Strict control of access, removal, or delivery of data.

 All new staff should be oriented about data security and should sign a non-disclosure agreement.

 

DATA CONFIDENTIALITY AND SAFE AND SECURE STORAGE OF DATA - 2:

 Identifying information should be separated from the data.

 Appropriate blood sample / urine collection: Ensure that you have identified the participant and matched him/her to the correct sample to be collected prior to collection. Make sure that your sample is labeled with the appropriate details without revealing the participant’s confidentiality.

 Inspectors, auditors, and monitors should sign a confidentiality agreement before looking at records. They are not allowed to take away any of the source documents.