WPF Files Comments on Federal Proposal for Human Subject Research Common Rule World Privacy Forum Skip to Content Javascript must be enabled for the correct page display Home Connect With Us: twitter Vimeo email Main Navigation Hot Topics
WPF Files Comments on Federal Proposal for Human Subject Research Common Rule
The Nuremberg Code, an extraordinary document around ethics and research on human subjects written after the research abuses that took place during World War II, is akin to a global Emancipation Proclamation for human research subjects. The Nuremberg Code’s 10 principles remain a timeless rendering of thought on what should be in place prior to any entity conducting research on human subjects, and this code forms the philosophical foundation of a regulation in the US known as the Common Rule. In the United States, the Common Rule determines what specific, actionable federal protections and rights people who undergo human subject research have. The rules apply to federally-funded entities, but the impact of the Common Rule reaches much further than the entities it regulates. It has an overall influence on thinking in medical research and beyond. As such, any revisions and updates to the Common Rule are vitally important. Today, the World Privacy Forum filed extensive comments about the new Federal proposal for Human Subject Research Protections, which updates the Common Rule, with the US Department of Health and Human Services, the US Department of Education, and other agencies. In our comments, we support several changes in the proposal. We also make substantive recommendations for improvements. Key areas where we are requesting improvements include: Data Risks
The proposal defines data risks as primarily related to unauthorized access. We have urged the agencies to broaden this idea to informational risks, which is an updated and much more appropriate approach to the issue of data risk today. Data Fusion
In our comments we discuss data fusion and how it interacts with human subject research protections. We present our researched understanding of how data is no longer separable — online and offline have merged, as have sensor and biodata, geolocation data, and many other data types. Financial and medical data, once clearly delineated and segregated, now overlap and interact in novel and inextricable ways, as do many other aspects of data. An updated approach to human subject research protection needs to take these kinds of data changes into account in order to remain as effective as possible. Existing Standards
We urged the agencies to retain a very high bar for human subject protections. Specifically, we commented about what the role of The Privacy Act of 1974 and the Family Educational Rights and Privacy Act (FERPA) should be in constraining human subject research, as well as HIPAA. We recommended that the agencies should set a higher standard for human subject research protection than is afforded in the Privacy Act, FERPA, or HIPAA. We wrote about many additional items, in detail, commenting on places where the proposal could be strengthened. We invite all to read our comments, which are available here. Read the WPF Comments on the US Common Rule proposal PDF 30 pages
Related
The Nuremberg Code (10 principles) Declaration of Helsinki, from the World Medical Association, 32 principles. Read background on the Nuremberg Code from the New England Journal of Medicine. This is a very good overview of the code and its impact. The article is brief, and is available online free of charge. Posted January 5, 2016 in Common Rule, Data Fusion, First Principles, Notice of Proposed Rule-making Comment, Public Comments, Public Policy, U.S. Department of Health and Human Services, US Department of Education Tags: Nuremberg Code Next »Do Not Call List: more than 222 million numbers registered and still growing, but robocall complaints growing « PreviousGenetic Information Nondiscrimination Act (GINA): WPF files comments on wellness program privacy, purchase of employee genetic data, more WPF updates and news CALENDAR EVENTS WHO Constituency Meeting WPF co-chair
6 October 2022, Virtual OECD Roundtable WPF expert member and participant Cross-Border Cooperation in the Enforcement of Laws Protecting Privacy
4 October 2022, Paris, France and virtual OECD Committee on Digital and Economic Policy fall meeting WPF participant
27-28 September 2022, Paris, France and virtual more Recent TweetsWorld Privacy Forum@privacyforum·7 OctExecutive Order On Enhancing Safeguards For United States Signals Intelligence Activities The White House https://www.whitehouse.gov/briefing-room/presidential-actions/2022/10/07/executive-order-on-enhancing-safeguards-for-united-states-signals-intelligence-activities/Reply on Twitter 1578431679592427526Retweet on Twitter 1578431679592427526Like on Twitter 1578431679592427526TOP REPORTS National IDs Around the World — Interactive map About this Data Visualization: This interactive map displays the presence... Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974 This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process. COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic The COVID-19 pandemic strained the U.S. health ecosystem in numerous ways, including putting pressure on the HIPAA privacy and security rules. The Department of Health and Human Services adjusted the privacy and security rules for the pandemic through the use of statutory and administrative HIPAA waivers. While some of the adjustments are appropriate for the emergency circumstances, there are also some meaningful and potentially unwelcome privacy and security consequences. At an appropriate time, the use of HIPAA waivers as a response to health care emergencies needs a thorough review. This report sets out the facts, identifies the issues, and proposes a roadmap for change.