The Defense Health Agency (DHA) Privacy and Civil Liberties Office established a Health Insurance Portability and Accountability Act (HIPAA) Privacy Board, otherwise known as the DHA Privacy Board, to provide HIPAA Privacy Rule reviews and documentation for researchers that seek to use and/or disclose protected health information (PHI) managed by DHA. The DHA Privacy Board is critical for DHA’s compliance with the HIPAA Privacy Rule (45 CFR 160 & 164) and Department of Defense (DoD) Health Information Privacy Regulation (DoD 6025.18-R).
More information on the establishment of the DHA Privacy Board can be found here: Memorandum for the Establishment of a TMA Privacy Board and Revision of Section C7.9.1 of Department of Defense (DoD) Health Information Privacy Regulation (DoD 6025.18-R).
Privacy Board Annual Report
The DHA Privacy Board releases an Annual Report each calendar year, highlighting the achievements of the Board, providing information about the direction of the Board in the upcoming year, and acknowledging the Board members who volunteer both expertise and time to the effort of the DHA Privacy Board. The annual reports are accessible by title as listed below:
Board Members
As required by the HIPAA Privacy Rule and DoD Health Information Privacy Regulation (DoD 6025.18-R), the DHA Privacy Board:
- Has members of varying and appropriate professional competency as necessary to review the effect of the research protocol on the individual’s privacy rights and related interests;
- Includes at least one member who is not affiliated with the HIPAA covered entity (DHA within the Military Health System (MHS)), not affiliated with any entity conducting or sponsoring the research, and not related to any person who is affiliated with any of such entities; and
- Does not have any member participating in a review of any project in which the member has a conflict of interest.
You also may be interested in...
Showing results 1 - 14
Page 1 of 1
Report
1/30/2015
Read the DHA Privacy Board Annual Report for fiscal year 2014.
Recommended Content:
Privacy Board
Fact Sheet
5/7/2014
This flowchart outlines the process the DHA Privacy Board uses to review research related data requests for protected health information (PHI) about individual research participants for Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule compliance.
Recommended Content:
Privacy Board
Fact Sheet
5/7/2014
This flowchart outlines the requirements that must be initiated before the DHA Privacy Board reviews a research project for compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and Department of Defense (DoD) Health Information Privacy Regulation (DoD 6025.18-R).
Recommended Content:
Privacy Board
Report
5/7/2014
Read the TMA Privacy Board Annual Report for calendar year 2012.
Recommended Content:
Privacy Board
Report
5/7/2014
This report highlights the major accomplishments of the TMA Privacy Board during FY13. There were three new significant developments that required the Board to adjust some of its processes: 1) A careful study of the streamlining possibilities in viewing the MHS as a HIPAA single covered entity; 2) Clarifying advice received regarding information systems owned by the MHS; and, 3) The release of the HIPAA Omnibus Final Rule implementing both the statutory amendments to HIPAA in the Health Information Technology for Economic and Clinical Health Act (HITECH Act) and the Genetic Information Non-Discrimination Act (GINA) and other modifications under the authority of the Department of Health and Human Services, Office of Civil Rights (DHHS/OCR). The
Recommended Content:
Privacy Board
Fact Sheet
12/11/2012
Learn more about the Standard Operating Procedures as it relates to the internal operations of the DHA Privacy Board.
Recommended Content:
Privacy Board
Presentation
8/29/2012
This Presentation provides an overview on the Defense Health Agency (DHA) Privacy and Civil Liberties Office (Privacy Office) functions, including the Human Research Project Program (HRPP), the Data Sharing Agreement (DSA) Program, and the DHA Privacy Board’s Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule reviews. This presentation took place at the Human Protections Administrators’ Conference in Fort Detrick, Maryland on August 29, 2012.
Recommended Content:
Privacy Board
Form/Template
8/1/2012
Use this form if the researcher has not received documentation from an Institutional Review Board (IRB) or HIPAA Privacy Board approving a waiver or alteration of Authorizations and reasons exist that make it impractical or impossible for the researcher to obtain Authorizations from each research participant, the PI may submit an Application for a Waiver of Authorization or an Altered Authorization. A DHA Privacy Board member will conduct an expedited review of the completed application and determine whether to approve or deny an altered Authorization or a full or partial waiver of Authorizations.
Recommended Content:
Privacy Board
Form/Template
8/1/2012
Use this form if a Research Authorization Review template and an Authorization are approved by the DHA Privacy Board, a PI will be required to sign a Principal Investigator Certification. Among other requirements, the certification ensures that the PI will maintain, electronically and/or in hard copy, the signed Authorization for each research participant whose PHI is used or disclosed in the project, and will provide any and/or all of the signed Authorizations to DHA immediately upon request.
Recommended Content:
Privacy Board
Form/Template
8/1/2012
Use this form if the researcher intends to conduct research that is solely on the protected health information (PHI) of decedents, the PI may submit this template to document the required representations, as outlined above, that are necessary for compliance with the HIPAA Privacy Rule and Department of Defense (DoD) Health Information Privacy Regulation (DoD 6025.18-R).
Recommended Content:
Privacy Board
Form/Template
8/1/2012
Use this form if the researcher intends to conduct a review of PHI to prepare for a research protocol or for similar purposes preparatory to research (e.g., for recruitment or screening purposes) and agrees not to remove the PHI from DHA, the PI may submit this template to document the required representations, as outlined above, that are necessary for compliance with the HIPAA Privacy Rule and DoD 6025.18-R.
Recommended Content:
Privacy Board
Form/Template
8/1/2012
Use this form if the researcher intends to obtain HIPAA Authorizations, also known as “Authorizations,” from research participants to comply with the HIPAA Privacy Rule, the PI must submit to the DHA Privacy Board a copy of the blank Authorization(s) to be used in the project and the completed Research Authorization Review. The DHA Privacy Board will conduct a review to determine that all core elements and required statements are provided in the Authorization(s) as required by the HIPAA Privacy Rule and DoD 6025.18-R.
Recommended Content:
Privacy Board
Policy
This Memorandum approves the request for an exception to the policy permitting the establishment and use of a TRICARE Management Activity (TMA) Privacy Board for the limited purpose of reviewing research requests in which the research involves MHS protected health information (PHI) owned and/or managed by TMA.
- Identification #: N/A
- Date: 4/13/2009
- Type: Memorandums
- Topics:
Privacy Board
Policy
This Regulation is issued under the authority of DoD Directive 6025.18, “Privacy and Individually Identifiable Health Information in DoD Health Care Programs,” December 19, 2002. It prescribes the uses and disclosures of protected health information.
Showing results 1 - 14
Page 1 of 1