Office of Research
Division of Research Integrity and Compliance
Institutional Review Board

OHRP Federalwide Assurance: FWA00001669

PI Name: [Please specify]

Study Title:[Please specify]

Addendum 5 – HIPAA: Use, Receipt, or Disclosure of Protected Health Information

This addendum should be completed and attached to the IRB application you are submitting for IRB consideration.

For question regarding HIPAA, please contact Vinita Witanachchi, J.D., USF DRIC Privacy Officer and HIPAA Program Coordinator at (813) 974-5478).

SECTION 1 – INITIAL REVIEW
IRB QUESTIONS / PRINCIPAL INVESTIGATOR RESPONSES

Please select the type of entity involved in the research.

Select all that apply.

a) USF Covered Component (College of Medicine, College of Nursing, and/or USF Physician’s Group)

/

[ ] The USF integrated consent form containing HIPAA language (

[ ] Completed USF Application for HIPAA Waiver / Alteration of Authorization (

b) USF Affiliate (Moffitt, TGH, JAHVA, Shriners’, or All Children’s). Forms must be obtained at the respective research website(s)

/

Please attach oneof the following as applicable to your study:

[ ] Affiliate approved Research Authorization and USF consent form without HIPAA language
[ ] Affiliate approved integrated consent document(containing HIPAA language)
[ ] Completed USF Application for HIPAA Waiver/Alteration of Authorization

c) Non-USF; a health care provider, health care clearinghouse, or healthcare insurer that is not a USF Covered Component or a USF Affiliate*

/

Please do NOT use any of the USF HIPAA forms. Contact the Privacy Officer or other representative of the disclosing party to ensure that HIPAA requirements have been met in accordance with the policies of that entity. If you have any questions about how to proceed, please contact Vinita Witanachchi, J.D., USF DRIC Privacy Officer and HIPAA Program Coordinator at (813) 974-5478 or .

SECTION 2 – CONTINUING REVIEW/ MODIFICATIONS REQUESTED

IRB QUESTIONS

/

PRINCIPAL INVESTIGATOR RESPONSES

1 /

Please select the type of entity currentlyinvolved in the research. Select all that apply.

/

[ ] USF Covered Component (College of Medicine, College of Nursing, and/or USF Physician’s Group)

[ ] USF Affiliate (Moffitt, TGH, JAHVA, Shriners’, or All Children’s). Forms must be obtained at the respective research website(s)

[ ] Non-USF; a health care provider, health care clearinghouse, or healthcare insurer that is not a USF Covered Component or a USF Affiliate*

2 /

Please check one or more of the following as applicable:

Addition of a new data collection site.
List site: / Please attach one or more of the following as applicable:

[ ] The USF integrated consent form containing HIPAA language

[ ] Affiliate approved Research Authorization

[ ] Affiliate approved integrated consent document

[ ] Completed USF Application for HIPAA Waiver / Alteration of Authorization

[ ] A Non-USF entity being used; HIPAA representative contacted*

The sponsor, site, IRB, etc. has required documentation of informed consent on newly developed forms.

If you currently have a stand-alone USF HIPAA Authorization, you must now submit the USF Integrated Consent form containing HIPAA language / Please attach one or more of the following as applicable:

[ ] The USF integrated consent form containing HIPAA language

[ ] Affiliate approved integrated consent document

[ ] Affiliate approved {stand-alone) Research Authorization document

[ ] A Non-USF entity being used; HIPAA representative contacted*

Changes / revisions involved in the review of medical records; access of clinical data bases; access of registries; use of identifiable samples (tissue, blood, etc).

Please note: if your study currently has a HIPAA Waiver and the modification is NOT addressed in the currently existing HIPAA Waiver, you must re-apply for a HIPAA Waiver. /

Submit a USF Application for HIPAAWaiver/Alteration of Authorization unless this change is currently addressed in the informed consent form.

*Note to Investigator: If you are using a Non-USF entity, i.e., a healthcare provider, healthcare clearinghouse, or healthcare insurer, you are responsible for ensuring that HIPAA requirements have been met in accordance with the policies of that entity.

Addendum 5 HIPAA: Use, Receipt, or Disclosure of Protected Health InformationVersion 2008-06-13 Page 1 of 2