top of page

HIPAA Privacy Board

Research is critical to improving our knowledge of health issues and improving patient outcomes and quality of care. Access to quality data can help researchers understand diseases and health conditions, improve detection and diagnosis, enhance quality of care, and identify potential breakthroughs in discovery and development of health solutions. This research is increasingly dependent on access to large amounts of personal data from a wide array of sources, and this data may or may not be anonymized.

 

While access to data for health research is vital to unlocking these life-saving benefits, health data is inherently sensitive and often protected by privacy laws. For example, in the U.S., the Health Insurance Portability and Accountability Act (HIPAA) restricts the use and disclosure of health data for research unless certain conditions are met, such as when a data subject has consented to the use or disclosure or when approved by an Institutional Review Board (IRB). Another solution that is often overlooked, but is explicitly provided for by law, is review and waiver by a privacy board.

Hallmarks of the Red Barn Privacy Board

There are several advantages of engaging a privacy board to seek approval of an alteration or waiver.

 

Data Experts

Working with the Red Barn Privacy Board ensures an independent review of proposed research use cases by data privacy and security experts. Standing members of the Red Barn Privacy Board typically average 20 or more years of experience in data privacy, cybersecurity, and data governance, and we may engage further subject matter experts depending on the proposed research protocol. The diverse backgrounds and expertise of members ensures a comprehensive assessment and understanding of benefits and risks. We have a pool of standing board members, and each research proposal will be reviewed by a Privacy Board of three (3) or more members.

 

Current standing board members include:  

  • Fred Cate (Distinguished Professor of Law, IU Maurer)

  • Sheila Colclasure (SVP Data Integrity, AI and Policy, IPG)

  • Stan Crosley (Former CPO, Lilly/Co-Chair HHS Privacy and Security WG/IAPP Board)

  • Peter Cullen (Former VP Trust, Microsoft/IAPP Board)

  • Elizabeth Denham (Former ICO UK/Chair GPA and CEO IAF/IAPP Board)

  • Peter Lefkowitz (Former SVP Citrix and Oracle/IAPP Board)  

  • Continuing to expand

 

 

Independent Perspectives

Working with the Red Barn Privacy Board will ensure an independent review of each research proposal. We will review all conflicts of interest for the Board and ensure that the members that sit for a research proposal review meet the criteria under HIPAA. Companies that are interested in having one or more of their employees sit on the Privacy Board for the review of their submission can include this request in their submission documentation.  We will then assess and discuss with the company the inclusion of such members in the constitution of the Privacy Board specific to that request.

 

Foundation for Ethical Use of Data

The Red Barn Privacy Board helps to lay a foundation for enabling the ethical and optimal use of data for research in a way that is compliant with the HIPAA Privacy Rule. Working with the Privacy Board is often an iterative process. Our experts will review your submission, fully discuss it with you, and, where required, provide guidance to suggest modifications to your  research proposal that will satisfy the waiver criteria. The learnings from interactions with the Board will assist companies in developing foundational policies and procedures for future research projects and Privacy Board submissions.

bottom of page