Forum Rules:
- Be courteous and respectful.
- Ask questions and discuss topics of interest.
- Share your knowledge and experiences.
- Create connections and a sense of community.
Hi, I am reposting this in the forum – kindly re-enter responses you have sent me by email for all to see.
Under the federal regs we are required to ensure that there are adequate protections for privacy of individuals and confidentiality of data (45 CFR 46.111(a)(7). I’m assuming most of us are not equipped nor trained to evaluate this (e.g., which software are being used, how data are being stored electronically). In addition to requiring things like cybersecurity training, and PI attestations that they will maintain the data in a secure fashion, how do you ensure this reg is followed?
What is your protocol for when amendment activities involve new software/data storage?
And if you use attestations, can you kindly share them?
