| HIPAA Privacy Rule |
Per federal HIPAA Privacy Rule requirements, in order for researchers to access a patient's medical record for research or to use, access, or disclose patient protected health information (PHI), the subject must allow the researcher to do so via written permission (authorization). If it is not practical to obtain a subject’s authorization, a researcher may request a waiver of authorization by submitting a formal application to the institution’s Privacy Board. Authorization forms, whether separate from the study informed consent form or contained in the consent form, require review and approval by the appropriate institution’s Privacy Board. |
Research projects conducted at TMC, regardless of funding or affiliation of the researcher, require a completed research application. The application and FAQs concerning research at TMC, HIPAA, the Privacy Board, federal regulations, and more are available at: |
In addition, the research project will require review and approval by the appropriate UMKC IRB, which may be accessed at: |
|
For research projects conducted at Saint Luke’s Hospital, information may be obtained at: |
https://www.saintlukeshealthsystem.org/slhs/com/cir/irbpolicy.htm. |
For research projects conducted at Children’s Mercy, information may be obtained at: |
