Ethical and regulatory concerns arise when patient data is used for research. In a presentation for the University of California’s Ethics, Compliance and Audit Symposium, Kristen Rosati broke down common challenges when using “Big Data” in research, providing resources for researchers to understand de-identification practices and improve data governance. 

Kristen explained the different compliance requirements for researchers using data gathered under various privacy laws, including HIPAA, 42 C.F.R. Part 2, the Common Rule, the California Consumer Privacy Act, and the European Union General Data Protection Regulation. She also shared best practices for good data governance in research, including prioritizing de-identified information, minimizing the amount of data used, implementing a data use agreement, and more. 

Kristen is considered one of the nation’s leading “Big Data” and HIPAA compliance attorneys.  With extensive experience in data sharing for research and clinical integration initiatives, clinical research compliance, and biobanking and genomic privacy, she regularly speaks on these topics at national conferences and forums. Kristen is a Past President of the American Health Lawyers Association, the nation’s largest educational organization devoted to legal issues in the healthcare field with almost 15,000 members.