News

Research Riddle

The recent uproar over the Office of Human Research Protections (OHRP) ordering a multicenter study of a Michigan ICU checklist to halt data collection has left quality improvement (QI) researchers, ethicists, and legal experts scratching their heads.

Even before the Michigan debacle, there was considerable confusion about how patient privacy rules included in the Health Insurance Portability and Accountability Act of 1996 (HIPAA) affected QI studies. No one was really sure when institutional review board (IRBs) needed to be involved and when patients needed to be officially consented.

The HIPAA contains specific language addressing how patients and patient data should be handled by researchers. And experts say that’s a good thing—in theory.

Know HIPAA’s Scope

Because most people haven’t read HIPAA carefully, they don’t understand who and what is covered by the legislation, says James G. Hodge Jr., an associate professor and executive director at the Centers for Law and the Public’s Health at Johns Hopkins School of Public Health in Baltimore.

First, Hodge says, you need to understand where HIPAA’s privacy rule starts and stops. “It starts with covered entities and stops with those not covered,” he adds.

What does this mean?

For starters, it means public health authorities are exempt because they are not providing functions covered by HIPAA, Hodge says. What’s covered by HIPAA are “those providing healthcare or data clearinghouses that deal with health benefits.”

Health researchers may or may not be covered by HIPAA’s privacy rules, Hodge says. “They’re not covered by the privacy rule unless they are performing covered functions, such as healthcare,” he adds. “This is an important thing. You don’t think automatically how this may implicate data exchanges.

The rule also has exceptions, Hodge says. “If it’s a covered entity that is providing data to a public authority, that may occur without patient authorization, if it’s for public health related purposes.”

Further, he says: “Covered entities can disclose information is when it is for health oversight research, which I think was meant to include quality improvement. What you don’t get to do is run an experiment that has the potential harm to people who are not aware that they are in a research study.”—LC

But a 2007 study in the Journal of the American Medical Association found that many epidemiologists feel the rules have adversely affected research and done little to improve patient privacy.1

The situation for QI researchers is even more confusing. Many see studies examining the effect of QI interventions as fundamentally different from “human subjects research.” And because of this many were shocked when the OHRP halted data collection from the Michigan care-checklist program.

In that case, the OHRP argued that because the study was prospective, it wasn’t simply QI, but rather “human subjects research.” The OHRP demanded that researchers run their plans by the IRBs of every one of the 103 hospitals involved in the research before relenting Feb. 15 and letting the study resume. (Initial results of the study were published in the New England Journal of Medicine in 2006.2)

Many medical experts view the intervention being studied in Michigan—a simple checklist aimed at reminding physicians to follow some common-sense procedures designed to lower the infection rate associated with central lines—as a straightforward attempt at QI. They argued the study should be exempt from some of the rules regarding human research subjects.

Experts say the OHRP’s initial ruling made what was already a confusing subject into an impossibly muddled morass that may have a chilling effect on the publication of QI studies.

Some say the OHRP has extended HIPAA too far. First of all, legal experts say, it must be understood that HIPAA’s rules don’t apply equally to everyone. For example, public health authorities are allowed to gather patient data without consent if they are trying to prevent the spread of disease. And hospitals are allowed to use data to improve the quality of healthcare, says James G. Hodge Jr. an associate professor at the Johns Hopkins School of Public Health in Baltimore, and executive director of the Centers for Law and the Public’s Health at Johns Hopkins.

1 2 3 Next

Comment on this Article

Your email address will not be published. Required fields are marked *