Children's Hospital of Wisconsin
For Physicians & Health ProfessionalsChildren's Hospital and Health System
Search
Health InformationPrograms & ClinicsFind a DoctorGiving & VolunteeringResearchAdvocacy & CommunitySafety & QualityContact UsCareers
Children's Research Institute Logo
spacing image

  Overview
 
 
  Institutional Review Board
spacing image spacing image
spacing image New submissions
spacing image spacing image
spacing image Study maintenance
spacing image spacing image
spacing image Continuing review and study termination
spacing image spacing image
spacing image Forms
spacing image spacing image
spacing image Toolbox
spacing image spacing image
spacing image Research Policies, Guidance and FAQs
spacing image spacing image
spacing image IRB Alert
spacing image spacing image
spacing image Feedback
 
 
  Find an investigator or research program
 
  Leadership
 
  Translational research programs
 
  News and events
 
  Current research at CRI
 
  Support CRI
 
  Contact us
 
  Nursing research
 
E-mail this pageE-mail this page    Print this pagePrint this page    

Database review by the IRB

  • If a database is developed for clinical or quality improvement purposes, the database does not need IRB review.
  • If a database is developed for clinical or QI purposes and knowingly will be used for future research, the database needs IRB review.
  • If a database is developed for research purposes, it needs IRB review.

Frequently asked questions

Does the HIPAA Privacy Rule permit the creation of a database for research purposes through an IRB Privacy Board waiver of individual authorization?

Yes. A covered entity may use or disclose protected health information without individuals' authorizations for the creation of a research database, provided the covered entity obtains documentation that an IRB or Privacy Board has determined that the specific waiver criteria were satisfied. Protected health information maintained by a covered entity in such a research database could be used or disclosed for future research studies as permitted by the Privacy Rule. That is, for future studies in which individual authorization has been obtained or where the Privacy Rule would permit research without an authorization, such as pursuant to an IRB or Privacy Board waiver.

Can researchers continue to access existing databanks or repositories that are maintained by covered entities, even if those databases were created prior to the compliance date without patient permission or without a waiver of informed consent by an IRB?

Yes. Under the HIPAA Privacy Rule, covered entities may use or disclosure protected health information from existing databases or repositories for research purposes, either with individual authorization as required in 45 CFR 164,508, or with a waiver of individual authorization as permitted at 45 CFR 164, 512(i).
Hospital locations: Milwaukee and Fox Valley.

Children's Hospital of Wisconsin in Milwaukee, serving Wisconsin, Northern Illinois and
Michigan's Upper Peninsula and beyond through nationally-recognized programs.

Report any problems or comments about this Web site to webmaster@chw.org.
Terms of Use and Privacy Policies. © 2012 Children's Hospital and Health System.