Medical Records Privacy: Uses and Oversight of Patient Information in Research

Pursuant to a congressional request, GAO discussed the privacy of medical records used for health research, focusing on: (1) to what extent medical information used for research depends on personally identifiable information; (2) research that is and is not subject to current federal oversight requirements; (3) how the institutional review board (IRB) ensures the confidentiality of health information used in research; and (4) what steps organizations have taken to safeguard information.