From OCR: OCR has issued new guidance on HIPAA and individual authorization of uses and disclosures of protected health information (PHI) for research. This guidance explains certain requirements for an authorization to use or disclose PHI for future research. The guidance also clarifies aspects of the individual’s right to revoke an authorization for research uses and disclosures of PHI.
I’ve uploaded the guidance, below. If you have ever provided your consent for your information to be used in research or are considering providing it in the future, you may want to read this and understand what you are consenting to and whether it will remain in effect forever if you do not revoke consent:
hipaa-future-research-authorization-guidance-06122018 v2