PHRPC Scope
Overview
Effective January 1, 2022, amendments to the Personal Health Information Act (PHIA) were proclaimed. The PHIA amendments bring a NEW REQUIREMENT for researchers. Importantly, the Health Information Privacy Committee (HIPC) was replaced by the new Provincial Health Research Privacy Committee (PHRPC).
As of January 1, 2022, PHRPC is the ONLY committee that has authority to provide approval for research projects requesting USE of personal health information (PHI), maintained by any Manitoba Trustee, including by government or government agency. However, PHRPC review and approval is subject to the requirements of PHIA and is not required in all cases. This document is intended to highlight the SCOPE of PHRPC in the context of the PHIA requirements. Review of this document in its entirety, should guide researchers to a conclusion about the need for PHRPC review of a project.
It is important to note that Trustees (see definition below) retain the authority to approve DISCLOSURE of PHI maintained by that Trustee (grant access and provide data). This means that researchers requesting disclosure of PHI must provide the Trustee:
- Information supporting the request for USE and DISCLOSURE of PHI for research in the RITHIM-PRAS application (this information is required for Trustee consideration, regardless of whether PHRPC approval is required or not);
- Approval by PHRPC for the USE of the PHI requested for research purposes, if applicable.
Which Research Projects Require PHRPC Review?
Research projects that the use or disclosure of PHI that:
- is maintained by any Trustee where there will be no contact with the individuals that may be participating in the project and no plan to obtain consent from those individuals regarding the use of PHI; or
- is maintained by a Trustee in order to identify and/or contact potentially eligible individuals to discuss participation in a research project and all potentially eligible individuals have not already provided consent to be contacted for the purposes of research.
Which Research Projects DO NOT Require PHRPC Review?
- Research projects that do not request the use or disclosure of PHI (including PHINs) maintained by a Trustee.
- Research projects that request access, use or disclosure of PHI (including PHINs) that is maintained by any Trustee where consent will be obtained from those individuals (including consent for any potential data linkages) prior to any access, use or disclosure.
- Research projects that request the use or disclosure of PHI maintained by a Trustee and individuals have provided or will be asked to provide consent to be contacted for the purpose of research in any of the following ways:
- All individuals have previously provided consent to the Trustee to be contacted for research; or
- Individuals contact the research team directly through an active recruitment process (e.g., posters and/or social media adds), where PHI was not required by the research team to develop the process; and once contacted, the researcher will obtain consent from project participants prior to accessing personal health information about the participants maintained by the Trustee.
- A project conducted by a Trustee that only uses personal health information maintained by the same Trustee for the purpose of:
- 6.1 Establishing, monitoring, or evaluating health care services or treatment options provided by the Trustee for a patient population; or
- 6.2 Research and planning that relates to the provision of health care or payment for health care by the Trustee.
- A research project, including clinical trials, where:
- 7.1. The full research team is part of the health care team providing care to potential project participants and the research team members are accessing PHI as part of their job duties; and
- 7.2 The research team within the health care institution will approach the patients under their care directly to discuss participating in the research as an extension of their health care treatment plan options; and
- 7.3. Informed consent will be obtained prior to access or disclosure of PHI for the project.
(from PHIA s. 1(1)).: Recorded information about an identifiable individual that relates to: (a) the individual’s health, or health care history, including genetic information about the individual, (b) the provision of health care to the individual, or (c) payment for health care provided to the individual and includes (d) the PHIN and any other identifying number, symbol or particular assigned to an individual, and (e) any identifying information about the individual that is collected in the course of, and is incidental to, the provision of health care or payment for health care.
Personal Health Information Number (PHIN) (from PHIA s. 1(1)).: The Personal Health Identification Number (PHIN) is a unique nine-digit numeric identifier assigned by Manitoba Health to every person registered for health insurance in Manitoba, and to non-residents who are treated in Manitoba at facilities which submit claims electronically.
Trustee (from PHIA s. 1(1)).: A health professional, health care facility, public body, or health services agency that collects or maintains personal health information.