Some research studies require detailed interaction with study participants, such as tracking medical outcomes for clinical trials, or re-contacting participants at a later date for follow-up. As a result, investigators may need to securely store personal health information (PHI), such as names, addresses, and birth-dates. Management of these types of studies require secure data management at each step of the process -- data acquisition, management, and analysis – and this must be done efficiently and in compliance with all appropriate regulations regarding the protection of PHI.
The Safely Held Electronic Data Platform (SHED) provides OnCore® Enterprise Research, a data management tools allowing for customized data structures, longitudinal tracking of study subjects (including disease profiles and outcomes) and storage of versioned IRB protocols, subject consents, clinical findings (including images) and pedigree-formatted family data. LabmatrixTM provides the capability for complete biospecimen tracking (annotations, locations, chains of custody, barcodes), cell and cell lines annotation, and reporting (research-oriented + administrative) is also provided.
Case Western Reserve’s University Technology (Utech) developed, manages, and maintains a Secure Research Environment (SRE) for exactly these purposes. The SRE uses standardized operating procedures, rigid access control, auditing and encryption procedures to minimize risk to study data. Within the SRE, the Institute for Computational Biology has deployed the SHED for the explicit purpose of managing scientific studies containing PHI, and is HIPPA, FISMA, and SANS/ISO compliant.
HIPPA Compliant
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any individual who deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
FISMA Compliant
FISMA is one of the most important regulations for federal data security standards and guidelines -- it was introduced to reduce the security risk to federal information and data. FISMA establishes a set of guidelines and security standards for federal agencies and any individuals that are involved in a contractual relationship with the government.
SANS/ISO Compliant
ISO IEC 17799 2005 is the "Code of Practice for Information Security Management," and is the most widely accepted standard throughout the world. The SANS checklist provides precise audit checks that can be performed on the organization's infrastructures, and used in conjunction with the standard for Information Security management.