IRBs can help investigators create a plan to prevent survey security breaches that can lead to false data and study slowdowns and shutdowns. IRBs should ensure researchers know that if they detect a breach that changes/corrupts data, leads to someone outside the research team accessing data, causes potential harm to participants, or requires a change in procedures or informed consent, it should be reported to the IRB.

Researchers at the University of Houston discovered a survey study had been breached. Large number of surveys poured in, with batches arriving in two-minute intervals. Other signs of a breach included suspicious responses, unusual email addresses and patterns, responses from outside the United States, and missing contact information.

Precautions include a focus on creating safe bathrooms, increasing the number of trained observers to monitor patients at risk, and managing access to belongings and clothing.

Covered entities should take note of some key findings from audits conducted by the OCR in 2016 and 2017. OCR assessed covered entities’ and business associates’ compliance with selected provisions of HIPAA rules.

A covered entity’s victory over proposed penalties from the Department of Health and Human Services was good news for those responsible for HIPAA compliance, showing that good faith efforts and a willingness to fight the allegations can pay off.

A covered entity’s victory over proposed penalties from the Department of Health and Human Services was good news for those responsible for HIPAA compliance, showing that good faith efforts and a willingness to fight the allegations can pay off.

New legislation and proposed rules will affect HIPAA compliance. Both actions are good news for covered entities and business associates.

The recent cyberattack on a large health system shows the need for a robust security program, as well as how severely such an attack can affect healthcare operations.