IRB Approval & HIPAA Regulations
Researchers who wish to use the Surveillance, Epidemiology and End Results-Medicare Health Outcomes Survey (SEER-MHOS) data are required to obtain IRB approval prior to the data being released to them. A full IRB review is not required. Many IRBs, including NIH's Office of Human Subjects Research, have determined that the SEER-MHOS data are exempt (45 cfr 46.101(b)(4)).
Researchers who wish to use the SEER-MHOS data may have concerns about complying with the Health Insurance Portability and Accountability Act (HIPAA) regulations. The SEER-MHOS data contain information about geographic location at the county level. Because of these variables, the SEER-MHOS data are considered by HIPAA requirements as a limited data set, which requires that investigators sign a Data Use Agreement prior to receiving the data. This exception allows for the release of the SEER-MHOS data without obtaining authorization from individual patients (see Federal Register, August 14, 2002, pg 53235). However, because the SEER-MHOS data are a limited data set, investigators who have the data may not share these files with other investigators. Investigators who are contacted by colleagues who wish to use their data should ask their colleagues to contact SEER-MHOS.