HIPAA and Advanced Scientific Computing

Abstract

Demand for compute cycles and massive data storage has been growing rapidly in biomedical research. Activities on topics such as electronic health record analytics and gene sequencing are placing an increasing burden on academic medical college IT departments with limited ability to scale. As a result, campus and national advanced scientific computing centers (ASCCs) are being asked to accommodate biomedical researchers. This presents a challenge to these organizations since clinical research data or electronic health records contain identifiable patient information protected by the federal Privacy and Security Rules promulgated under the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The HIPAA Privacy and Security Rules require entities to protect the privacy of individually identifiable health information or protected health information (PHI). The rules specify the types of safeguards that must be put in place including required security controls to ensure patient privacy.