What has PCORI done to address data privacy concerns and human subject protections in this Policy?

In developing this Policy, PCORI has been attentive to data privacy and human subject protections concerns. More specifically, the data subject to the requirements of the Policy must be de-identified in accordance with HIPAA regulations. Additionally, only data from participants whose informed consent permits de-identified data to be archived at a data repository and used for secondary research will be made available for third-party requests. The Policy also requires that third-party data requestors enter into a data use agreement with clear prohibitions against using the data to re-identify individuals and redistributing the data to people who haven’t been approved to use the data.