Question
You are a Privacy officer at Covered Entity A. Your colleague Diane is in the dermatology department would like to receive data from a university
You are a Privacy officer at Covered Entity A. Your colleague Diane is in the dermatology department would like to receive data from a university hospital so that she can develop algorithm that will detect certain skin cancers from patient-submitted images. Diane would like to know whether the dermatology department needs a particular agreement with the university hospital to receive this data. Additionally, Diane would like to partner with Mark from Biotech Company X, who is a product innovation lead, so that Mark's team can help co-develop the algorithm.?
1.With respect to the relationship with Covered Entity A and the university hospital, how will you advise Diane? Consider advising whether Diane's team will need a BAA, DUA, or no agreement at all (with the university hospital) based on the type of data they will receive. Would it be more or less ideal if the Covered Entity receives PHI, a limited data set, or de-identified data? Which agreements would you use for each? How will you explain these options to Diane? How will you explain the risks involved with each option?
2.What do you anticipate that Mark's Privacy team at Biotech Company X will advise him? What type data do you think they will ask for? Will they need a BAA, DUA, or no agreement with Covered Entity A and/or the university hospital?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started