Ensuring HIPAA compliance for research projects relies on more than just using compliant systems; it requires a workflow and dataflow that remains secured and adherence to the Minimum Necessary Principle, i.e., storing the minimum amount of data for the minimum amount of time in the minimum necessary locations. To be able to show your good faith efforts, these actions should also be documented.
Email us at securemyresearch@iu.edu for help designing a secure workflow for HIPAA compliance.
We want your feedback
Please email securemyresearch@iu.edu to report errors/omissions and send critiques, suggestions for improvements, new use cases/recipes, or any other positive or negative feedback you might have. It will be your contribution to the Cookbook and appreciated by all who use it.