It is becoming increasingly clear that as a university, that in addition to our pursuit of excellence in learning, research and patient care, we are also becoming compliance driven. So much so that I believe we can no longer enjoy the position that someone else is taking care of this. A couple of years ago, I wrote an editorial discussing the need to bring together the financial and patient care aspects of a patient's hospital record, in order to better address compliance within the health-care setting. Mostly the paper's point has been ignored, but the principles upon which it was derived are fact. Here, I have brought together some links to help me, and others locate resources dealing with a number of compliance-driven issues.

• Access to all federal regulations is available through the National Archives and Records Administration: http://www.gpoaccess.gov/cfr/
• Access to Court Opinions are available through the Cornell Law Library http://www.law.cornell.edu
• Access Supreme Court Decisions: http://www.supremecourtus.gov/opinions/opinions.html

• Sony vs Universal Pictures: Video Taping
• Campbell, aka Skyywalker vs Acuff Rose Music
• Fogerty vs Fantasy Inc
• Feist Publications vs Rural Telephone Services Co., Inc
• Teleprompter Corp vs Columbia Broadcasting Co

• "the Industry vs P2P providers" 9th Circuit Court of Appeals

• Summary of Digital Millennium Copyright Act
• Full text of the DMCA
• Ruling about exemption from prohibition from circumvention of protection measures
• Lexmark v SCC - reverse engineering is ok in some cases
• US Copyright Office http://www.copyright.gov/
• US Code Title 17 - Copyrights http://www4.law.cornell.edu/uscode/17
• Stanford Copyright and Fair Use Information Resource
• CalTech Copyright Tutorial
• Circumvention of copyright protection systems
• Concerns associated with the Digital Millennium Copyright Act (DMCA)
• Text, History and Caselaw associated with the DMCA
• Follow the SCO - IBM legal action related to possible LINUX copyright issues
• Univ Texas Crash Course in Copyright
• Online Resource for Understanding Copyright and Distance Education (NCSU)
• Indiana University Copyright Center
• Fair Use: Limitations on exclusive rights
• BitLaw - Overview of Fair Use in Copyright
• Fair Use of Copyrighted Works: A crucial element in educating America (CETUS)

Publishing the algorithm for playing DVDs has been an interesting case to follow. The motion picture industry limited distribution of the encyption techology to the manufacturers of DVD players and somewhere in the mix - the Linux community was without a tool to play a DVD they had purchased. The decision below is interesting in that it clearly articulates the nature of a Trade Secret and information that becomes available in the public domain. Both the positive aspect of Internet communication (makes access to information avaiable to just about everyone) and the negative aspect (tough to keep a secret) are articulated. A good read.

• Free Speech and publishing information within the public domain - 6th Appellate Court,California

Here are the PDF files for the recently released (28 Dec 2000) Standards for Privacy of Individually Identifiable Health Information

• How it all started: the Social Security Act of 1935: Social Secuity Act
• Section 1173 of Title XI: Standards for Information Transmission and Data Elements:
• Section 1173 of Title XI: Standards for code sets, security and transmission

Here are the August 2000 Federal Registry notes for Health Insurance Reform - Standards for Electronic Transactions; Announcement of Designated Standard Maintenance Organizations.

• HIPAA (45 CFR 142): 12 August 1998 Fed Register pp 43242-24380
• HIPAA (45 CFR 160, 162): 17 August 2000 Fed Register pp 50311-50372

Here are the HIPAA regulations in nice 50 page bite-size chunks

• HIPAA (45 CFR 160, 164): 28 Dec Fed Register pp 82462-42510
• HIPAA (45 CFR 160, 164): 28 Dec Fed Register pp 82511-42560
• HIPAA (45 CFR 160, 164): 28 Dec Fed Register pp 82561-42610
• HIPAA (45 CFR 160, 164): 28 Dec Fed Register pp 82611-42660
• HIPAA (45 CFR 160, 164): 28 Dec Fed Register pp 82661-42710
• HIPAA (45 CFR 160, 164): 28 Dec Fed Register pp 82711-42760
• HIPAA (45 CFR 160, 164): 28 Dec Fed Register pp 82761-42810
• HIPAA (45 CFR 160, 164): 28 Dec Fed Register pp 82811-42829

Here are the final (Feb 22, 2003) regulations for parts of HIPAA

• 45 CFR Parts 160, 162, 164
• 45 CFR Part 162 EDI formats

Here is the February 2000 Rederal Registry notes for the Family Educational Rights and Privacy Act

• FERPA (34 CFR 99): 06 July 2000 Fed Register pp 41852-42863

FDA Regulations

Here are the Fed Register reports of regulations related to IRBs, Human Subject studies, Electronic Records, GLP etc.

Here are the FDA regulations about e-signatures and a tutorial

• 21CFR11 Electronic records; Electronic Signatures (21 CFR 11)
• Guidance - 21CFR11 Electronic records; Electronic Signatures (21 CFR 11)
• Recent updates to 21CFR11
• FDA and E-Signatures Feb 28, 2003
• Guidelines for Electronic Record-Electronic Signatures

Here is a link to the Amer. Bar. Assoc tutorial on electronic signatures: http://www.abanet.org/scitech/ec/isc/dsg-tutorial.html

Misc FDA Regulations

• FDA: Protection of Human Subjects (21 CFR 50)
• FDA: Institutional Review Boards (21 CFR 56)
• FDA: Good laboratory practice for nonclinical laboratory studies (21 CFR 58)
• FDA: Protection of Human Subjects (National Defense) (32 CFR 219)
• FDA: Investigative Device Exemptions (21 CFR 812)
• FDA: Quality System Regulation (21 CFR 820)

Here is the Section 508 stuff dealing with web page accessibility - priimarily as it relates to the Disabilities Act

• Add an < alt="describe the image"> tag Section 508 enabling disabled folks to harvest information from your web site.