Integrity Times
Welcome to Integrity Times, a snapshot of Integrity-related happenings at OHSU. We encourage you to pass this information on to others in your area. Issues are also archived on-line.
Feature Articles and Announcements
Does Your Activity Need IRB Review?
Rise in Phishing Attempts at OHSU
Changes to OHSU’s World Class Code of Conduct
Does your Activity need IRB Review??
Susan Bankowski, MS, JD
Assistant Professor, IRB Chair
Often, it is difficult to know if an activity meets the regulatory definition of human subject research.
Human subject means a living individual about whom an investigator (whether professional or student) conducting research obtains:
(1) Data through intervention or interaction with the individual, or
(2) Identifiable private information.
Research means a systematic investigation, including research development, testing and evaluation, designed to develop or contribute to generalizable knowledge. Activities which meet this definition constitute research for purposes of this policy, whether or not they are conducted or supported under a program which is considered research for other purposes. For example, some demonstration and service programs may include research activities.
There is now a new function in the eIRB that allows a PI to make a request of the IRB to make a determination, without a full study submission. The function is called Request a Determination and is available when you create a new study in the eIRB.
Rise in Phishing Attempts at OHSU
John Rasmussen
Information Security Officer
Over the past couple of months ITG has seen a slight increase in the number of phishing emails being received by OHSU employees. These emails purport to be from ITG and ask the user to send their login username and password immediately or risk losing access to their email account.
Phishing is defined as an attempt to fraudulently obtain sensitive user information through email. In the past these emails were sent out in bulk spam, but have become more sophisticated in recent years by carefully targeting their attacks. In these cases, the attacker will mimic a trusted source, such as OHSU, and even adopt logos and mission statements in the email. These targeted attacks are called “spear phishing”. In some cases the attacker targets high profile individuals only, including directors and executives, and this is called “whaling”.
If you see an email asking for your username and password or any other information like your credit card number or bank account number you should immediately delete the email. ITG or any of your personal financial institutions will never ask you for a password in an email. If something looks suspicious please call the ITG Helpdesk 4-2222 and ask them about it before responding.
New Changes to OHSU's World Class Code of Conduct
The Integrity Office is excited about the new changes to the Code of Conduct that make it more accessible and easier to navigate online, although much of the content remains unchanged. The new, sleeker format allows hard copies of the Code to print on fewer pages. Plus, we separated the Guiding Principles and Question/Answer sections to permit those who wish to print only the Guiding Principles to save both paper and time.
Code Summary: At the end of the Code, you will find a new, one-page summary sheet, which can easily be posted in lunchrooms, over copy machines, on bulletin boards, and in similar conspicuous areas. If you would like a laminated color copy of the summary page, please contact the Integrity Office.
Our Code of Conduct guides the behavior and performance of the OHSU community, therefore it is up to all of us make sure this document remains an integral part of our daily work lives.
Please review the Code of Conduct at http://www.ohsu.edu/integrity/policies/coc.cfm
