IRB Approval and HIPAA Regulations

Researchers who wish to use the Surveillance, Epidemiology and End Results-Consumer Assessment of Healthcare Providers and Systems (SEER-CAHPS) data are required to obtain IRB approval prior to the data being released to them. A full IRB review is not required. Many IRBs, including NIH's Office of Human Subjects Research, have determined that the SEER-CAHPS data are exempt (45 cfr 46.101(b)(4)).

Researchers who wish to use the SEER-CAHPS data may have concerns about complying with the Health Insurance Portability and Accountability Act (HIPAA)External Web Site Policy regulations. The SEER-CAHPS data contain information about geographic location at the county level. Because of these variables, the SEER-CAHPS data are considered by HIPAA requirements as a limited data set, which requires that investigators sign a Data Use Agreement prior to receiving the data. This exception allows for the release of the SEER-CAHPS data without obtaining authorization from individual patients (see Federal Register, August 14, 2002, pg 53235). However, because the SEER-CAHPS data are a limited data set, investigators who have the data may not share these files with other investigators. Investigators who are contacted by colleagues who wish to use their data should ask their colleagues to contact SEER-CAHPS.