its: research computing
Research Data Repository

HIPAA Security Rule and Research Data

The Health Insurance Portability and Accountability Act (HIPAA) security rule requires that everyone with access to electronic personal health information (ePHI) implement safeguards to protect against inappropriate and unauthorized access to patient health data. As stipulated in HIPAA rules and regulations:

  • Protect all ePHI created, received, maintained, or transmitted.
  • Ensure that patient data is safeguarded against potential hacking and unauthorized access.
  • Partner with HIPAA experts at CWRU to ensure compliance with the requirements of the HIPAA Security Rule.
  • Any data sharing solution involving ePHI would fall under the HIPAA Security Rule.
Find out more about the CWRU HIPAA policy

Research Data Repository security:

  • As creator of the data, the researcher owns the copyright to it. The copyright holder determines access and reuse of the data.
  • It is a best practice to create a rights statement explaining what use others may make of your data.
  • Consider a repository that allows an embargo of your data.
    • For a set period of time, only metadata about your data will appear
    • An embargo note will indicate that the data is not currently available for re-use.
    • Permits awareness of your data, so that others will not duplicate your work.
    • Allows peers to contact you about your data and its availability.

© 2013 Case Western Reserve University
Cleveland, OH 44106
Information Technology Services
(legal notice)
Contact website owner
Contact our service desk
CWRU ITS Social Networks
Translate this page

Share |