Duke Office of Federal Relations -- The Office of Federal Relations represents the interests of the University's faculty, students and staff on matters of legislation and regulations before the federal government in Washington, D.C.
Duke General Accounting Procedures (Duke GAP) -- The Duke General Accounting Procedures (GAPs) are workflow overviews, forms and other tools to assist in the day-to-day financial operations for the business units of the Duke Community. They provide account code structure, general ledger account definitions, journal-voucher workflow procedures, capital asset acquisition and disposal procedures, space allocation information, and fiscal year-end close information.
Duke Human Resources -- Duke Human Resources (HR) provides the Duke workforce with employment and organizational policies and procedures, as well as tools and workflows for employees and supervisors in the Duke community. Additionally, HR provides employee benefits resources and performance appraisal processes, supports staff recruitment, and provides training and development.
Duke IT Security Office -- The Duke University IT Security Office (ITSO) provides leadership in the development, delivery and maintenance of an information security and risk management program to safeguard the university's information assets and the supporting infrastructure against unauthorized use, disclosure, modification, damage or loss. IT Security Office listing of Policies, Procedures, Standards
Duke Health Information Security Office (NetID and password required) -- The Duke Health Information Security Office (ISO) is responsible for protecting information assets across all Duke Health entities, including Duke University Hospital, Durham Regional Hospital, Duke Raleigh Hospital, the Schools of Medicine and Nursing, research institutes, clinics, Health System corporate functions, and other related organizations. Duke Medicine Information Security Policies in eGRC System (NetID and password required).
Uniform Guidance (UG) -- Duke receives approximately $1 billion in sponsored program funding annually. Various United States federal agencies award Duke more than half of that annual funding. Depending on the timing of the award, all programs are subject to the rules in either an OMB circular (prior to December 26, 2014) or the Uniform Guidance (as of December 26, 2014). The Uniform Guidance (UG) is the new Federal regulation which provides a government-wide framework for grants management. To learn more, reference Duke’s Uniform Guidance resource pages (NetID and password required).
Association of College and University Auditors (ACUA) -- ACUA is a resource for higher education auditing, regulatory compliance, and risk management. Membership is required to access some content areas.
Association of Healthcare Internal Auditors (AHIA) -- AHIA is a professional healthcare internal auditing network that provides its members and their clients with the tools, knowledge and insights for the evaluation of risk within the complex and dynamic healthcare environment.
Information Systems Audit and Control Association (ISACA) -- ISACA is an independent, nonprofit, global association that engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems.
National Association of College and University Business Officers (NACUBO) -- This is a membership organization representing more than 2,500 colleges, universities, and higher education service providers across the country and around the world. NACUBO specifically represents chief business and financial officers through advocacy efforts, community service, and professional development activities. The association's mission is to advance the economic viability and business practices of higher education institutions in fulfillment of their academic missions. Duke maintains an institutional membership that provides all Duke personnel with access to all content.
The Institute of Internal Auditors (IIA) -- The Institute of Internal Auditors (IIA) is an international professional association for audit professionals. The IIA is the internal audit profession's global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security. Membership is required to access some content areas.
Higher Education Compliance Alliance (HECA) -- The Higher Education Compliance Alliance was created by the National Association of College and University Attorneys (NACUA) to provide the higher education community with a centralized repository of information and resources for compliance with federal laws and regulations. All Duke personnel have access to the full content.
Inside Higher Education -- Inside Higher Ed is an online source for news and opinion for all of higher education. It provides breaking news and feature stories, daily news and current events commentary, areas for comment and dialog on articles and resources for recruiting and career management.
North Carolina Healthcare Information & Communications Alliance (NCHICA) -- NCHICA is a nonprofit consortium representing many sectors of the healthcare industry. Their mission is to assist NCHICA members in accelerating the transformation of the U.S. healthcare system through the effective use of information technology, informatics and analytics.
Committee of Sponsoring Organizations of the Treadway Commission (CoSO)
RCA-Related Resources External to Duke
- Association for the Accreditation of Human Research Protection Programs (AAHRPP). AAHRPP promotes high-quality research through an accreditation process that helps organizations worldwide strengthen their human research protection programs (HRPPs).
- The registration section of the ClinicalTrials.gov website. ClinicalTrials.gov allows the registration of clinical studies with human subjects that assess biomedical and/or health outcomes and that conform to any applicable human subject or ethics review regulations (or equivalent) and any applicable regulations of the national or regional health authority (or equivalent).
- FDA - Food and Drug Administration -- The Food and Drug Administration (FDA) is an agency of the United States Department of Health and Human Services and is responsible for regulating food, dietary supplements, drugs, biological medical products, blood products, medical devices, radiation-emitting devices, veterinary products, and cosmetics in the United States.
- Office of Good Clinical Practices at the FDA is the focal point within FDA for Good Clinical Practice (GCP) and Human Subject Protection (HSP) issues arising in human research trials regulated by FDA.
- ICH - The International Conference on Harmonisation’s mission is to achieve greater harmonisation worldwide to ensure that safe, effective, and high quality medicines are developed and registered in the most resource-efficient manner.
- Good Clinical Practices is Efficacy Guideline E6. Good Clinical Practice (GCP) is an international ethical and scientific quality standard for designing, conducting, recording and reporting trials that involve the participation of human subjects. Compliance with this standard provides public assurance that the rights, safety and well-being of trial subjects are protected; consistent with the principles that have their origin in the Declaration of Helsinki, and that the clinical trial data are credible.
- National Institutes of Health (NIH) -- A part of the U.S. Department of Health and Human Services, NIH is the largest biomedical research agency in the world.
- Office of Inspector General (OIG) -- Office of Inspector General's (OIG) mission is to protect the integrity of Department of Health & Human Services (HHS) programs as well as the health and welfare of program beneficiaries.
- OHRP - The Office for Human Research Protections (OHRP) provides leadership in the protection of the rights, welfare, and well-being of subjects involved in research conducted or supported by the U.S. Department of Health and Human Services (HHS).
- 21 CFR 312 Investigational New Drug Application -- The Code of Federal Regulations section that contains procedures and requirements governing the use of investigational new drugs, including procedures and requirements for the submission to, and review by, the Food and Drug Administration of investigational new drug applications (INDs).
- 21 CFR 812 Investigational Device Exemptions -- The Code of Federal Regulations section that contains procedures for the conduct of clinical investigations of devices. An approved investigational device exemption (IDE) permits a device that otherwise would be required to comply with a performance standard or to have pre-market approval to be shipped lawfully for the purpose of conducting investigations of that device.
- 45 CFR 46 Protection of Human Subjects -- Basic HHS Policy for Protection of Human Research Subjects which applies to all research involving human subjects conducted, supported or otherwise subject to regulation by any federal department or agency which takes appropriate administrative action to make the policy applicable to such research.
- Belmont Report -- This report, created in 1979, delineates the ethical principles and guidelines for research involving human subjects.
- The Nuremberg Code -- The Nuremberg Code is a set of 10 research ethical principles for human experimentation set as a result of the Nuremberg Trials at the end of the Second World War.
External Privacy-Related Laws, Regulations and Other Resources
- Berkman Center for Law and the Internet – A center at Harvard University founded to explore and study cyberspace and help pioneer its development.
- Educause - Privacy Library – A nonprofit association with the mission of transforming higher education through the use of information technology.
- Federal Trade Commission: Privacy and Security – Privacy and security resources from the FTC, a bipartisan federal agency with a unique dual mission to protect consumers and promote competition.
- Privacy and Security of Electronic Health Information Guide – The Office of the National Coordinator for Health Information Technology’s resource guide for complying with federal privacy and security requirements.
- Privacy Rights Clearinghouse – A nonprofit corporation whose mission is to engage, educate and empower individuals to protect their privacy.
- Children's Online Privacy Protection Act (COPPA) – Federal law that provides specific privacy protections for children under the age of 13.
- Digital Millennium Copyright Act (DMCA) – Federal law addressing copyright-related issues.
- Fair Credit Reporting Act (FCRA) – Federal law that promotes the accuracy, fairness, and privacy of information in the files of consumer reporting agencies.
- Family Education Rights Protection Act (FERPA) – Federal law that protects the privacy of student education records.
- Federal Information Security Management Act (FISMA) – Federal law that recognizes the importance of IT security to the economic and national security interests of the U.S. and requires that agencies and others implement security programs.
- Gramm-Leach-Bliley Act (GLB) – Federal law that requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data.
- Health Insurance Portability and Accountability Act of 1996 (HIPAA) – Federal law that includes privacy protections for individually identifiable health information.
- North Carolina Identity Theft Protection Act – State law that seeks to prevent identity theft and guard and protect individuals’ privacy.
- Payment Card Industry Data Security Standards (PCI DSS) – Policies and procedures intended to optimize security of payment card transactions and protect cardholders against misuse of personal information.
- Red Flags Rule – FTC-enforced rule that requires certain businesses and organizations to implement identity theft prevention programs to detect, prevent and mitigate the damage of identity theft.
- State Breach Laws – State and U.S. territory breach notification laws.
- NIST - National Institute of Standards and Technology – A non-regulatory federal agency within the U.S. Department of Commerce that develops standards infrastructure for information technologies and applications.
- Information Technology Portal of NIST
Managing @ Duke. These memos are used to communicate important information on specific topics about the university’s operational or academic endeavors. The Managing @ Duke page of the HR website is currently under development. A link will be added to the Managers page of the HR website as soon as it is finalized.