Research with Medical Records
Required Research Documentation in Medical Records
Fairview requires some amount of research documentation in their patients’ medical record (MR) to further patient safety, continuity of care and billing compliance. Fairview's research documentation policy says researchers enrolling Fairview patients or seeing study participants at Fairview facilities are required to provide study-specific documentation in their participants’ Fairview MRs.
Required Research Elements are documented in Epic based on the information that researchers enter in the CTMS
- University of Minnesota Institutional Review Board (IRB) number
- Principal Investigator’s phone and pager number
- Study Coordinator’s phone and if applicable, pager number (Required information documentated in Epic by study coordinator in the Research Study comments field)
- Date of patient enrollment into the study and expected length of participation
HIPAA and Research
Parts of the Health Insurance Portability and Accountability Act (HIPAA) regulations are designed to ensure our patients' privacy and the security of the information we use and retain within Fairview. Researchers accessing, using or retaining protected health information (PHI) of Fairview patients must abide by Fairview’s HIPAA-related policies.
Reporting Privacy Breaches
If a patient’s privacy (such as PHI) is breached to an unauthorized individual or entity, then federal law requires that the breach be evaluated to determine if the patient should be notified. In order to comply with this law, Fairview Health Services requires that all breaches involving Fairview patients or research participants immediately be reported as follows:
- Report privacy breaches relating to participation in a research study to the Fairview Research Regulatory Affairs Officer at 612-672-7680.
- Breaches relating to patient care, separate from research participation, must be reported to Fairview’s Privacy Office at 612-672-5647.
Whether it is a misdirected fax or mailing or a more serious breach, such as the loss of a external-data drive containing patient information, be sure to report possible breaches as soon as possible.