Honest Broker: Difference between revisions

Jump to navigation Jump to search
Line 41: Line 41:
An Honest Broker is a neutral intermediary (person or system), who is a workforce member and is certified to collect specified health information from the tissue or data bank, remove all patient identifiers, and provide the de-identified health information or tissue to research investigators, clinicians, or other healthcare workforce members, in such a manner that it would not be reasonably possible for any individual to identify the patients directly or indirectly.
An Honest Broker is a neutral intermediary (person or system), who is a workforce member and is certified to collect specified health information from the tissue or data bank, remove all patient identifiers, and provide the de-identified health information or tissue to research investigators, clinicians, or other healthcare workforce members, in such a manner that it would not be reasonably possible for any individual to identify the patients directly or indirectly.
===Information Custodian===
===Information Custodian===
All application systems must have an information custodian ([http://www.unmc.edu/its/security/procedures/access-control.html Access Control to Information Technology Resources]) who performs the functions which specify the security properties associated with the application system. This includes the categories of information that users are allowed to read and update. The information custodian is also responsible for classifying data and participating in ensuring the technical and procedural mechanisms implemented are sufficient to secure the data based upon a risk analysis that considers the probability of compromise and its potential business impact.  
All application systems must have an information custodian ([https://info.unmc.edu/its-security/policies/procedures/access-control.html Access Control to Information Technology Resources]) who performs the functions which specify the security properties associated with the application system. This includes the categories of information that users are allowed to read and update. The information custodian is also responsible for classifying data and participating in ensuring the technical and procedural mechanisms implemented are sufficient to secure the data based upon a risk analysis that considers the probability of compromise and its potential business impact.
 
===Institutional Review Board (IRB)===
===Institutional Review Board (IRB)===
IRB means the Institutional Review Board of record for the ACE.
IRB means the Institutional Review Board of record for the ACE.

Navigation menu