IRB Approval & HIPAA Regulations
Researchers who wish to use the Surveillance, Epidemiology and End Results-Medicare Health Outcomes Survey (SEER-MHOS) data are required to obtain IRB approval prior to the data being released to them. A full IRB review is not required. Many IRBs, including NIH's Office of Human Subjects Research, have determined that the SEER-MHOS data are exempt (45 cfr 46.101(b)(4)).
Researchers who wish to use the SEER-MHOS data may have concerns about
complying with the Health Insurance
Portability and Accountability Act (HIPAA) regulations. The SEER-MHOS data
contain information about geographic location at the county level. Because of
these variables, the SEER-MHOS data are considered by HIPAA requirements as a
limited data set, which requires that investigators sign a Data Use Agreement
prior to receiving the data. This exception allows for the release of the
SEER-MHOS data without obtaining authorization from individual patients (see
Federal Register, August 14, 2002, pg 53235). However, because the SEER-MHOS
data are a limited data set, investigators who have the data may not share these
files with other investigators. Investigators who are contacted by colleagues
who wish to use their data should ask their colleagues to contact SEER-MHOS.