Centers for Medicare & Medicaid Services Executive Summary for Research Identifiable Data Version 8/2013; Updated 7/10/18 For CMS Use Only Privacy Board Approval Date: Part D Approval Date: DUA User name and title Richard Barohn, MD, Vice Chancellor for Research (see Item 16 of DUA) Requesting Organization1 University of Kansas Medical Center Type of Organization Study PI (if different from DUA User) Study Title Non-profit Lemuel R Waitman, PhD, Director, Medical Informatics “Greater Plains Collaborative PCORnet Cohort Characterization for Breast Cancer, ALS, and Obesity” Patient-Centered Outcomes Research Institute (PCORI) (see Item of DUA) Funding Source Executive Summary| Dissemination and Reporting of Findings |Data Management Plan | Project Staff| Collaborator Checklist EXECUTIVE SUMMARY Study Overview PCORnet was created in 2014 by the Patient Centered Outcomes Research Institute (PCORI) to further the goals of the Learning Health System and help to answer questions that are important to patient, clinician, and health system stakeholders PCORnet includes 11 clinical data research networks (CDRNs) and 18 patient-powered research networks (PPRNs) Each of the CDRNs is charged with aggregating longitudinal data on over million individuals that is appropriate to inform all care that a patient receives, as well as creating longitudinal cohorts — one rare disease, one common condition, and one to examine obesity In addition, PCORI envisions PCORnet as a national resource to understand the development of health and disease in our country; we share this goal In order to understand all care a patient receives, either the CDRN’s clinical delivery system needs to provide all of the care for that patient or needs to supplement delivery system data with insurance claims data that identifies care received outside of the CDRN’s clinical delivery system Throughout phase of the PCORnet contract (March 2014-September 2015) and continuing in phase (October 2015-October 2018) there are contractual milestones to understand the degree to which a CDRN manages complete and comprehensive data for the patient population and to test that complete and comprehensive data first with the three longitudinal cohorts defined in the phase contract For the Greater Plains Collaborative (GPC) CDRN, our rare disease is amyotrophic lateral sclerosis (ALS), our common disease is breast cancer, and we are tracking obesity in the context of all patients with healthy and unhealthy weights as specified by the PCORnet obesity task force This obesity cohort is shared with the other CDRN PCORnet colleagues Within the context of GPC and PCORnet, our study has four overarching aims: (1) To understand the development, treatment, and progression of breast cancer (2) To understand the development, treatment, and progression of amyotrophic lateral sclerosis (ALS) (3) To understand the development, treatment, progression, and consequences of healthy and unhealthy (overweight and obesity) weight Throughout this document, “organization” can be interpreted as the company, agency, or group or team within a company, depending on which makes more sense in context with the research study for which CMS data files are being used For example, large companies may defer to a CMS data file inventory for just their team; whereas smaller companies may keep a single CMS data file inventory for the entire company Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 (4) Serve as a greater national resource to understand the development, treatment, progression, and consequences of acute and chronic disease cared for within the United States healthcare system and in support of quality care for the conditions championed by the Patient Powered Research Networks in PCORnet as well as the other conditions studied by our peer CDRNs We are including investigators from the ABOUT Hereditary Breast Cancer PPRN (http://pcornet.org/patient-powered-research-networks/pprn8-university-of-south-florida/) and the Vasculitis PPRN (http://pcornet.org/patient-powered-research-networks/pprn14-university-of-pennsylvania/) To support these aims from a methodological basis, we seek to expand the data completeness of our patients’ health care processes and outcomes and understand the information gain for our complete and comprehensive population by comparing correlations between the Medicare and Medicaid claims data with the data in our CDRN that includes the electronic health record and billing data from each of our component health systems, clinical registry data (e.g hospital tumor registries), private payer claims data, and patient-reported outcomes, as available, and work with our GPC and CDRN investigators to answer specific cohort questions to achieve our overarching aims Our first methodological hypothesis is that when our health systems function as tertiary or quaternary care facilities, they will hold very comprehensive (detailed, multifactorial signals, structured and un-structured) indicators of health and care processes but as patients return to their primary care and especially rural environments, the Medicare and Medicaid claims data will provide valuable signals of follow up care processes and outcomes In this context, we seek to measure the contribution of claims data to fill in a more “complete” picture of our patients’ health Second, there is considerable variability in the mix of primary versus specialty care within our health systems and in comparison to the larger United States healthcare system composed of community hospitals and providers The degree to which analyses based upon the cohorts contained in the GPC reflect the larger populations within our states is not well characterized We will calculate the distributions of our three conditions and their treatment patterns for our cohorts within the GPC relative to their occurrence in our larger state regions Finally, during the tertiary care periods, understanding the correlation between EMR, billing and claims data is not well described for a diverse set of health systems encompassed by the GPC Most of the risk adjustment and health services research has rested on standardized claims data from sources such as CMS Our ability to use rich and more current clinical and administrative data to drive trial recruitment and observation for PCORnet will hinge on the ability to quality control these new data sources and quantify the relative support of EMR and billing systems-based computable phenotypes versus established claims-based models In closing, we will create a de-identified resource that merges CMS claims and GPC site data to characterize the increase in data completeness and comprehensiveness provided through claims integration We will be conducting three technical and methodological analyses in support of our cohorts: (1) Quantifying completeness of the health system-derived data repositories (2) Evaluating the distributions of health and care processes for the patients within the GPC versus the larger Medicare and Medicaid populations in our region to understand how studies of the GPC population generalize to the broader populations in our states (3) Using CMS claims data to enhance quality control processes for aggregating health system-derived data and establishing correlations with CMS claims data for health system-derived data to support trial recruitment and observational studies, i.e validating the use of EMR data for recruitment How have you ensured that your data request includes the minimum amount of data necessary to achieve your research objectives? Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 2.1 Please describe how this cohort will meet minimum data necessary (Include estimated cohort size Refer to your cost invoice.) This cohort will include only individuals residing in GPC regions supported by the GPC institutions NIH Clinical and Translational Science Award/Great Plains IDEA – Clinical and Translational Research, which includes the following states: Kansas, Missouri, Iowa, Wisconsin, Nebraska, Minnesota, Texas, Utah, North Dakota, South Dakota and Indiana Note: Utah joined the GPC as a partner in 2018 and Nebraska’s CTR now supports the state of North Dakota and South Dakota The geographic region described contains approximately 16 million beneficiaries Because people may move between health systems, it is necessary to cover the regions, rather than the individuals, covered by the health systems Therefore to accomplish the second aim in comparing our three studied conditions and their treatment patterns against the larger population within the states, it is necessary to obtain claims data for all patients residing in the eleven states The reason for requesting the use of multiple years of data for the pre-defined patient cohort (i.e., ALS, breast cancer, obesity) is to be able to support cohort characterization over time within our health systems We anticipate refreshing this resource annually to (1) adjust our quality control methods, (2) continue our cohort characterization efforts for ALS, breast cancer, and obesity, and (3) provide an efficient resource to support additional cohort characterization activities approved by CMS as separate subsequent reuse Data Use Agreements 2.2 List the CMS data files and years being requested at this time and provide justification for how each will be used in the analysis If requesting reuse of data, include the DUA # to be reused The list of files should match Item #5 of DUA 2.2.1 Medicare (claims and enrollment) or Medicaid (claims and enrollment) We are requesting the following research identifiable files (RIF) from CMS and provided justification for each  Outpatient & Carrier, cohort1 [2011-2016] Outpatient and Carrier claims are necessary to capture healthcare events that occur outside of our health systems (capturing follow up care processes and outcomes) as well as validate events that occur within our health systems For example, a patient may be diagnosed at the University of Kansas Cancer Center but return to Western Kansas for follow up care In addition, for breast cancer patients not treated at university cancer centers, we will be able to establish comparative data regarding treatment patterns and outcomes Furthermore, our cohort leaders have identified ambulatory procedures as key characteristics for characterizing our cohorts  Home Health & Hospice, cohort1 [2011-2016] The homehealth and hospice RIFs are necessary to capture healthcare services provided by home health and hospice providers, which is outside of our health systems The files contribute towards completing the picture of patients’ healthcare history and is especially valuable for understanding the care of our ALS patients  Master Beneficiary Summary File Base, (A/B/D) Segment, cohort1 [2011-2016] The base (A/B/D) segment is necessary for evaluating patient characteristics across GPC versus the larger Medicare and Medicaid population in our regions  MedPAR (SS/LS/SNF), cohort1 [2011-2016] The MedPAR file is necessary to capture inpatient and skilled nursing facility (SNF) healthcare events that occur outside of our health systems (capturing follow up care processes and outcomes) as well as validate events that occur within our health systems The inpatient hospital data is necessary for Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 understanding the correlation between EMR, billing, and claims data during tertiary care periods For example, we hope to study whether hospital encounters claimed correlate with what is documented in EMR SNF event data is valuable for completing the picture of patients’ follow-up care occurring outside of our health system  MAX Personal Summary, cohort 2, [2011-2012] The MAX Person Summary is a denominator file necessary for evaluating patient characteristics and summarized healthcare utilization of patients across GPC versus the larger Medicare and Medicaid population in our regions  MAX Inpatient File, cohort2, [2011-2012] The MAX Inpatient File is necessary to capture healthcare events that occur outside of our health systems (capturing follow up care processes and outcomes) as well as validate events that occur within our health systems  MAX Prescription Drug, cohort 2, [2011-2012] The MAX Prescription Drug file is necessary to capture medication exposures that occur outside of our health systems (capturing follow up care processes and outcomes) as well as validate medication exposures that occur within our health systems  MAX Other Therapies, cohort2, [2011-2012] The MAX Other Therapies file is necessary to capture healthcare events that occur outside of our health systems (capturing follow up care processes and outcomes) as well as validate events that occur within our health systems  MAX Long Term Care File, cohort2 [2011-2012] The MAX Long Term Carefile is necessary to capture healthcare events that occur outside of our health systems (capturing follow up care processes and outcomes) as well as validate events that occur within our health systems Medicaid accounts for nearly 50% of the nursing home care in our region  Crosswalk (GPC ID to Bene ID; GPC ID to MSIS ID) [current] Crosswalk is necessary to link the Medicare and MAX files to GPC site data (EMR, registry and billing information, death status) 2.2.2 Part D event data (if using in study)  Part D Event data (available starting CY2006), unencrypted IDs., cohort [2011-2016] We are requesting Medicare Part D Drug Event Data for 2011, 2012 and 2013; Medicare Part D Drug Event Data are necessary to capture medication exposures that occur outside of our health systems (capturing follow up care processes and outcomes) as well as validate medication exposures that occur within our health systems Our cohort leaders have identified medications as key characteristics for characterizing our cohorts 2.2.3 Part D characteristics files (if using in study)  Part D Drug Characteristic File (append to PDE), cohort [2011-2016] We are also requesting Medicare Part D Drug Characteristics File for 2011, 2012, and 2013 It allows us to capture more detailed information on treatment received by patients We are not requesting Provider, Pharmacy, Plan or Formulary characteristics files 2.2.4 Assessment data (if using in study) Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 Not applicable 2.3 If this study will require further years of CMS data that are not yet available for request, please list those CMS data files and years that will be required for the entire scope of your study (Note: Approval of data files for years that are not yet available will NOT be granted at this time, the information included here will simply provide CMS with an overview of your study) We will require Medicare 2016 and subsequent year files for annual updates given the renewal of our PCORI CDRN Phase contract which has a study period from October 2015 through 2018 We arerequesting similar 2012 Medicaid MAX data 2.4 Please list any non-identifiable or non-CMS files you are planning to use in conjunction with the above files for your analysis (e.g Provider of Services (POS) file, AMA Physician Master file, etc.) We will link the CMS data files with our CDRN i2b2-enabled clinical data warehouses at each GPC site containing EMR, registry and billing information, death status, but also sociodemographic information on the census tract level which was derived from the American Community Survey and the 2010 Census Summary File (https://assets.nhgis.org/original-data/acs/2012ACS_5.pdf and https://assets.nhgis.org/original-data/modern-census/2010sf1.pdf ) The final linked resource used in the analysis will be completely de-identified We will use the CMS National Plan and Provider Enumeration System (NPPES) for quality assurance of the claims provider versus the providers identified in the electronic medical record for the encounter We will use the Provider of Services file also to categorize the institutions providing care within and external to our participating GPC institutions You are requesting Research Identifiable Files (RIF) Why can’t Limited Data Set (LDS) files be used for this study? The objective of PCORnet is to link complete and comprehensive data for our regions and health systems That requires linking CMS data to each site’s EMR data The linking requires RIF (as opposed to the LDS Files) because we need data files that are not available as in an LDS file, such as the MAX and PDE We plan to enhance the privacy of our patient level data by hashing the patient identifiers so that the final product managed at KUMC on behalf of the GPC members is a fully de-identified repository to conduct our completeness/comprehensiveness analysis This is illustrated in the figure on the following page While unique identification numbers or personal identifying information (PII) such as surnames, given names, date of birth, and address would make record linkage straightforward, distribution of such information is however restricted due to privacy concerns Since patient’s trust is with their home health systems and academic medical centers, we seek to avoid transmitting PII through the GPC network infrastructure We would seek to work with ResDAC, the CMS Contractor, and other CDRNs such as PaTH (http://www.pcornet.org/clinical-data-research-networks/cdrn11university-of-pittsburgh/) and CAPriCORN to implement a privacy-preserving approach for brokering file linkage between CDRNs and CMS to support PCORnet First, individual GPC sites will send the NewWave-GDIT (Research Data Distribution Center under contract with CMS) encrypted beneficiary identifiers (e.g., SSN, HICs, name, DOB) along with a hashed IDs generated from the hashing algorithm (reference figure below) After receiving beneficiary information from each GPC sites, NewWave-GDIT will generate the finder files that contain mappings between the hashed IDs and CMS IDs and send the crosswalk files and CMS data back to KUMC (not individual GPC sites) Finally, KUMC will integrate the crosswalk and CMS data with individual site EMR data (limited data set) through linking the hashed IDs This will allow KUMC to achieve record linkage of patients’s EMR and claims data without obtaining or retaining actual patient level PII from individual GPC Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 sites At last, the merged dataset will be de-identified and made available to project team members for running analyses or using the i2b2 client Is it feasible to obtain individual level authorization from Medicare/Medicaid beneficiaries for your research? Explain Field should not be italicized, font size should be 11 – system will not let me change With over one million patients’ data needed for these analyses, there is a lack of the time and fiscal resources to obtain patient-level authorization for these data We also seek to make the resulting data set fully de-identified to enhance patient privacy and need for individual level authorization If you intend on requesting the National Death Index segment of the Master Beneficiary Summary File, please complete the NDI Supplement    YES, I’ve included the NDI Supplement X NO, I’m not requesting the NDI Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 If this research project is funded by a commercial entity, the (primary) lead investigator attests that they will limit data sharing with the funding entity to aggregated analytic results and will retain the right to independently prepare publications of the study results X I attest 9/15/2015 Signature of (Primary) Lead Investigator Date DISSEMINATION AND REPORTING OF FINDINGS From the CMS DUA, “The User agrees that any use of CMS data in the creation of any document (manuscript, table, chart, study, report, etc.) concerning the purpose specified in section (regardless of whether the report or other writing expressly refers to such purpose, to CMS, or to the files specified in section or any data derived from such files) must adhere to CMS’ current cell size suppression policy This policy stipulates that no cell (e.g admittances, discharges, patients, services) 10 or less may be displayed Also, no use of percentages or other mathematical formulas may be used if they result in the display of a cell 10 or less.” X I agree Please describe your plans for disseminating the findings from your analysis, including specific media through which you will report results The analytic methods and code developed to support PCORnet will be shared as open source materials on our GPC websites to facilitate adoption and dissemination with the PCORnet and potential investigators who might use the PCORnet resource Our summarized analytic and quality control results (adhering to the cell size suppression policies) will be shared with the PCORnet coordinating center and PCORI Results from the study will be targeted for publication in peer-reviewed journals for each of the cohorts and the informatics methods employed Prior to publication, the results may be presented at a national or international scientific meeting, such as the annual AMIA Joint Summits on Translational Science, Association for Clinical and Translational Science, San Antonio Breast Cancer Symposium, and the American Association of Neuromuscular & Electrodiagnostic Medicine Annual Meeting Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 PROJECT STAFF This section specifically identifies the project staff, organization, and the role of individuals in this project The requestor and custodian should be named in this section at a minimum 1.Name & Title of Requestor /User Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Richard Barohn, MD, Vice Chancellor for Research University of Kansas Medical Center Signatory authority for requesting organization; not a co-investigator (Role C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name]  X YES, this individual has signed the DUA 2.Name & Title of Custodian Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Lemuel R Waitman, PhD, Director, Medical Informatics University of Kansas Medical Center Principal Investigator (Roles A and C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name]  X YES, this individual has signed the DUA 3.Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Jeffery Statland, MD, Assistant Professor, Neurology University of Kansas Medical Center Co-investigator (Role C) X NO    YES, this individual will be directly supervised by DUA signatory, [Name]     YES, this individual has signed the DUA or signature addendum 4.Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Daniel W Connolly, Lead Biomedical Informatics Software Engineer University of Kansas Medical Center Data Analyst and Informatics Specialist (Role A and C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name]  X YES, this individual has signed the DUA or signature addendum 5.Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Mei Liu, PhD, Assistant Professor, Medical Informatics University of Kansas Medical Center Co-investigator also leading GPC implementation of linkage methods (Role C)    NO X YES, this individual will be directly supervised by DUA signatory, Lemuel R Waitman _ YES, this individual has signed the DUA or signature addendum 6.Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Jennifer Klemp PHD, MPH, Assistant Professor, Hematology/Oncology University of Kansas Medical Center Breast cancer researcher and co-investigator (Role C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name]  X YES, this individual has signed the DUA or signature addendum Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 7.Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Elizabeth Chrischilles, PhD, Professor, Chair, Public Health University of Iowa Epidemiologist and lead investigator on breast cancer (Role C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name]  X YES, this individual has signed the DUA or signature addendum 8.Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Bradley McDowell, Director, Population Research Core University of Iowa Research scientist (Role C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name]  X YES, this individual has signed the DUA or signature addendum 9.Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Elena Letuchy, Statistician University of Iowa Research scientist (Role C)    NO X YES, this individual will be directly supervised by DUA signatory, Chrischilles    YES, this individual has signed the DUA or signature addendum 10 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Jennifer Schlichting, Research Scientist University of Iowa Epidemiologist (Role C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name] X YES, this individual has signed the DUA or signature addendum 11 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Bjarni Haraldsson, Graduate Student University of Iowa Epidemiologist (Role C)    NO X YES, this individual will be directly supervised by DUA signatory, Chrischilles    YES, this individual has signed the DUA or signature addendum 12 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Ingrid Lizarraga, MBBS, Assistant Professor, Surgery University of Iowa Oncologist and co-investigator (Role C) X NO    YES, this individual will be directly supervised by DUA signatory, [Name]    YES, this individual has signed the DUA or signature addendum 13 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell Jeremy Stoltenberg, System Analyst University of Iowa IT Administrator (Role A)    NO    YES, this individual will be directly supervised by DUA signatory, [Name] Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 sizes less than 11? X YES, this individual has signed the DUA or signature addendum 14 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Nicholas Rudzianski, Research Assistant University of Iowa Server Manager (Role A)    NO X YES, this individual will be directly supervised by DUA signatory, Chrischilles    YES, this individual has signed the DUA or signature addendum 15 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Amy Trentham-Dietz, PhD, Professor, Population Health Sciences University of Wisconsin – Madison Breast cancer researcher and co-investigator (Role C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name] X YES, this individual has signed the DUA or signature addendum 16 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Joan Neuner, MD, MPH, Associate Professor, General Internal Medicine Medical College of Wisconsin Breast cancer researcher and co-investigator (Role C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name] X YES, this individual has signed the DUA or signature addendum 17 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? George Kowalski, Biomedical Informatics Software Engineer Medical College of Wisconsin Informatics Specialist (Role A and C)    NO    YES, this individual will be directly supervised by DUA signatory, [Name] X YES, this individual has signed the DUA or signature addendum 18 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Robert Greenlee, PhD, MPH, Research Scientist Marshfield Clinic Research Foundation Epidemiologist and co-investigator (Role C) X NO    YES, this individual will be directly supervised by DUA signatory, [Name]     YES, this individual has signed the DUA or signature addendum 19 Name & Title Organization Role in this Study Will this individual have access to raw data, analytic files, or output with cell sizes less than 11? Adedayo Onitilo, MD, Chair, Hematology/Oncology Marshfield Clinic Research Foundation Oncologist and co-investigator (Role C) X NO    YES, this individual will be directly supervised by DUA signatory, [Name]     YES, this individual has signed the DUA or signature addendum 20 Name & Title Organization Role in this Study Will this individual have access to raw Anne Blaes, MD, Assistant Professor, Hematology/Oncology & Transplatation University of Minnesota Breast cancer researcher and co-investigator (Role C)    NO 10 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 enforce the strong password provision at the time of password creation All file and directory access is controlled by groups and users rights Users must have only the minimal access to systems and data that are required to perform their roles No raw data will be downloaded to a PC or hard drive at any time All access to the KUMC computing network is protected through a comprehensive defense-in-depth architecture On the perimeter, protection is provided by border router access control lists (ACLs), ingress and egress hardware firewalling, an intrusion prevention system (IPS), and logical network zones that have further ACLs applied to them The server is only reachable from within the KUMC internal secure network External access is adjudicated through approved and authorized virtual private network (VPN) accounts Administrative access to the server is regulated through the password-protected UNIX secure shell (SSH) system All logs from the network and from the server are centralized and reviewed for unapproved activity Additionally, only certain members of the project study team have network access to the server Key personnel who will have access to the raw CMS data are Bhargav Adagarla, Daryl Budine, and Lav Patel (personnel performing Role B: data integration) All CMS data management and analysis will occur directly on the de-id secure sever, eliminating the need to house data on desktops or laptop computers CMS data will not be stored on any removable media Our institutional Computer Security Policy can be found at: http://policy.ku.edu/KUMC/informationtechnology/computer-security Particularly applicable are the Sensitive Information in Electronic and Paper-Based Systems policy at http://policy.ku.edu/KUMC/information-technology/sensitive-information and Password Policy at http://policy.ku.edu/KUMC/information-technology/password-policy 1.8 Explain your organization’s system or process to track the status and roles of the research team KUMC maintains records of all IRB approved projects on their status of submission, modification, and continuing review through eCompliance (the University of Kansas implementation of Click Commerce http://www.huronconsultinggroup.com/Expertise/Software/Click_Portal/Click_IRB_7 ) Click Commerce is widely used across academic medical centers and universities to manage institutional review board processes and defines study team member roles as an explicit field We will establish connection between the IRB protocol governing the data request and the CMS approval details (CMS DUA number, matched study name, date the organization received data from CMS, inventory of data files and finder files received from CMS) The study termination portions of eCompliance will be used to track date of data destruction and Certification of Disposition status with CMS We will also use the eCompliance system to track all study members on their access level to the CMS data The PI or his delegate of this study will update eCompliance within 72 hours of any status change (active, pending, closed) and if there are any change in the roles of the research team (addition, modification of role, deletion from the study team) There is an annual review of all studies and their current status The annual review includes a required verification of project staff and roles as well as their timely completion of HSC/HIPAA training, computer security, and other research trainings 1.9 Describe your organization’s physical and technical safeguards used to protect CMS data files (including physical access and logical access to the files) In accordance with the CMS Agreement, KUMC will establish appropriate safeguards including encryption at rest and during transmission These safeguards will provide the foundation that meets and/or exceeds the security requirements established by the Office of Management and Budget (OMB), Federal Information Processing Standard 200 (FIPS), and NIST 800-53 special publication entitled, “Recommended Security Controls for Federal Information Systems.” 23 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 CMS data files will be stored on a secure server housed within the KUMC secured datacenter, which is restricted only to authorized personnel and will require authorization through the use of issued badges, identity cards, and keys Visitors to the restricted area must be logged, badged, authorized, and escorted at all times After the transfer of data on to the secure servers, the physical storage media (from CMS contractor) holding source CMS data will be placed in a safe managed by the KUMC IR The servers hosting the data are only reachable from within the KUMC internal secure network The access to the KUMC computing network is protected through a comprehensive defense-in-depth architecture On the perimeter, protection is provided by border router access control lists (ACLs), ingress and egress hardware firewalling, an intrusion prevention system (IPS), and logical network zones that have further ACLs applied to them The server is only reachable from within the KUMC internal secure network External access is adjudicated through approved and authorized virtual private network (VPN) accounts Administrative access to the server is regulated through the password-protected UNIX secure shell (SSH) system All users will be required to have strong passwords of minimum and maximum 16 characters consisting of letters, numbers and special characters, changed on an annual basis, and would not be reused for a minimum of 10 cycles The system tools enforce the strong password provision at the time of password creation All file and directory access is controlled by groups and users rights Users must have only the minimal access to systems and data that are required to perform their roles No raw data will be downloaded to a PC or hard drive at any time All logs from the network and from the server are centralized and reviewed for unapproved activity Additionally, only certain members of the project study team have network access to the server Key personnel who will have access to the raw CMS data are Bhargav Adagarla, Daryl Budine, and Lav Patel (personnel performing Role B: data integration) All CMS data management and analysis will occur directly on the secure sever that only holds deidenfied CMS and EMR data, eliminating the need to house data on desktops or laptop computers CMS data will not be stored on any removable media The following is the KUMC’s general policy on computer security excerpted from: http://policy.ku.edu/KUMC/information-technology/computer-security: Physical - Access to data centers housing information systems and wiring closets housing networking infrastructure will be restricted to authorized personnel only and will require authorization through the use of issued badges, identity cards, keys, etc - Visitors to these restricted areas must be authorized and escorted at all times Logs of visitor access will be maintained and reviewed - Building wiring will be concealed and access portals locked - Obsolete computer equipment will be disposed of according to the Computer Equipment Disposal and Media Sanitization Policy (http://policy.ku.edu/KUMC/information-technology/equipment-disposal) Network - All network equipment and software will be installed and maintained by Information Resources Users may not install hubs, wireless access points, terminal services, or other equipment that extends the network nor may they access, alter, remove, connect to, or otherwise tamper with any equipment managed by Information Resources - Programs that interfere with proper network operation or that create substantial interference or risk will not be allowed 24 Executive Summary for Research Identifiable Data - - Version 8/2013, Updated 7/10/18 All network access points will be protected by a firewall and intrusion prevention systems that monitor and control communications Traffic matching specific reconnaissance, intrusion or virus patterns will be prevented from entering or exiting the network All boundary protection systems will be managed and monitored by Information Resources staff Information flow between information systems (particularly between systems of different sensitivity classifications) will be restricted through the use of access control lists, filtering or other mechanisms, as needed Remote access to networked systems and devices will be permitted only as specified in the Remote Access Security Policy Server and Applications - All server-based systems must be administered by a qualified information technology professional and meet the security guidelines established for each sensitivity classification level - Servers will be setup and maintained in accordance with security baselines developed by Information Security Where possible, adherence to these baselines will be automatically enforced Contact Information Security at 913-588-3333 for the current baselines - All servers must be certified by Information Security before being placed into use - All servers will be located within one of the University's secured data centers and registered with Information Resources - Sensitive information must not reside on Internet-facing servers (must be located in the private network.) - All servers and applications accessed over the network must use only encrypted authentication mechanisms unless otherwise authorized by Information Security - Servers and applications will be configured to notify appropriate personnel in the event that inappropriate, unusual and/or suspicious activity is noted Data - Backups will be performed according to schedules determined by type, sensitivity, importance, and value - Encryption will be applied based on type, sensitivity, importance and value - The record retention schedule will govern the storage of data - Sensitive information, including but not limited to protected health information (PHI) and social security numbers (PII), will be safeguarded in compliance with KUMC's Sensitive Information in Electronic and PaperBased Format operational protocol - Sensitive data transmitted into or out of the KUMC network via the public Internet must be encrypted Encryption may be accomplished through VPN, SSL, SSH, SFTP or other secure methods approved by the Director of Information Security Encryption is not needed for data transmitted via dedicated line when the offsite location is protected by a firewall User - With the exception of public-facing informational systems, access to systems and data will require authentication with individual and unique logins and passwords - Users must have only the minimal access to systems and data that are required to perform their roles - Data owners must authorize access to their respective systems - Passwords for all user accounts will adhere to the standard outlined in the Password Security policy - Access for users who change roles will have their access reviewed and updated, as required - Access will be immediately terminated when a user separates from the Medical Center Inactive accounts will be disabled or deleted after review - All users will complete Computer Security Awareness Training within 30 days of the start of their relationship with the University and on an annual basis thereafter Completion of the training will include documented acceptance of University technology-related policies 25 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 Specifically for the server that will host CMS data of this project, technical measures are implemented at the network, server, database, and application levels These controls pertain to technical configurations and enable an authorized user to access appropriate information at the authorized level of granularity (see SOP) All logs of the server are reviewed regularly working with the KUMC network security team DATA SHARING, ELECTRONIC TRANSMISSION, DISTRIBUTION 2.1 Describe your organization’s policies and procedures regarding the sharing, transmission, and distribution of CMS data files For this project, there will not be any data sharing outside of the research team except for aggregated, deidentified results with appropriate cell size suppression (e.g < 11 subjects) Only authorized users on staff at KUMC will have access to the raw data files Sharing, transmission and distribution of, raw data files are governed by the broad KUMC policies on Research Record Management, Disposition and Retention (https://policy.ku.edu/KUMC/Vice-Chancellor-Research/records-ownership-retention), which includes the following policies and procedures Sharing of Research Records  Internal: Research Records created by KUMC PIs may be shared for research or scholarly purposes with other KUMC personnel when such sharing is not limited by written agreement, policy, or regulation PIs shall make every effort to protect intellectual property rights  External: Certain external sponsors (e.g., U.S Public Health Service) require that research records gathered in the course of research supported with their funds be shared in a timely manner with qualified individuals in the scientific community after the associated research results have been published or provided to the sponsor When research records sharing is not governed otherwise by another written agreement or an applicable policy or regulation, research records created by KUMC PIs may be shared with a broad scientific or educational audience Tangible Research Materials shall be shared with persons or entities outside KUMC (or vice-versa) only by specific written agreement Such specific agreements may include but are not limited to Material Transfer Agreements, grants, and contracts and must be processed through the KUMC Research Institute or KU Innovation and Collaboration, as appropriate Transfer of Research Records  For this protocol, KUMC will retain all original Research Records until the end of the data use agreement Any patient/subject records will require appropriate patient/subject authorization for use and disclosure to another entity  If a grant is being transferred to another university or institution along with the PI, then the PI is responsible for leaving all of the original Research Records with KUMC  The PI may take copies of Research Records not involving human subjects, upon written approval of the Vice Chancellor for Research  Before transferring the grant and a copy of the Research Records, the PI must also ensure that any special conditions stated in the grant, contract, or cooperative agreement are met  The PI’s KUMC department is responsible for archiving the Research Records for the duration of the data use agreement period  Prior to allowing the removal of any Tangible Research Product from KUMC, the recipient/university must execute a Material Transfer Agreement with KUMC 2.2 If your organization employs a data tracking system, please describe 26 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 A CMS Data User’s SOP will be created that outlines relevant regulatory and operational policies regarding content, use, and access of the CMS data files The SOP will list specific server locations for the files, and reiterates to users the critical nature of storing and analyzing CMS data only on the secure server Only certain members of the project study team have network access to the secure server Key personnel who will have access to the raw CMS data are Bhargav Adagarla, Daryl Budine, and Lav Patel (personnel performing Role B: data integration) All CMS data management and analysis will be conducted directly on the secure sever, eliminating the need to house CMS data on individual desktops or laptop computers All logs from the network and from the server that will store CMS data are centralized and reviewed regularly for unapproved activity Logging and auditing is performed at the operating system, database, and application levels The operating system access log reports generated by Information Security for the server are reviewed weekly by the database administrator KUMC will use a REDCap project database to track the CMS data inventory that are retained on the two servers, including all new and reuse DUAs, DUA renewal, and/or expiration dates and statuses, principal investigators and study team members, relevant CMS files, and studies approved to utilize each file 2.3 Describe the policies and procedures your organization has developed for the physical removal, transport and transmission of CMS data files The physical removal, transport and transmission of CMS data fall under existing KUMC policies on Research Record Management, Disposition and Retention (https://policy.ku.edu/KUMC/Vice-Chancellor-Research/recordsownership-retention) We are ensuring that these relevant policies and procedures are available on file We are also in the process of creating a work instruction document that summarizes the complete procedures for working with CMS data, including detailed references to all institutional policy and procedure documents This document will be incorporated into the Division of Medical Informatics Standard Operating Procedures TRAC project management system hosted on the intranet accessible on campus but behind institutional firewalls For this project, CMS data will be transported to KUMC through secure overnight mail shipment by Federal Express Physical CMS files are received by the custodian named on the DUA The custodian will pass the data to the Role B team member, Daryl Budine or Lav Patel, who loads the data onto our secure server in the KUMC datacenter The physical CMS data media will be stored in a safe managed by the KUMC Information Resources Once the data is transferred to the secure server, only authorized project staff (i.e., Bhargav Adagarla, Daryl Budine, and Lav Patel) has access to the raw files Other study team members will only be able to access the final de-identified repository and author analysis code or query specifications that result only in output that generates cell sizes 11 and greater We not anticipate any physical removal or transmission of CMS data files In the event that a server upgrade is required, all file transfers will be completed through encrypted channels If GPC investigators request the use of CMS data for new projects, they are required to submit an independent data reuse application to CMS for approval Upon approval, we will work with ResDAC to develop a policy and procedure agreement on how the reuse data integration and transmission should be conducted Per our institution’s existing policy on records retention: Destruction of Data - When the Research Records have met the applicable retention guidelines, the documents will be shredded and the following recorded: Principal Investigator name; protocol identifiers such as funding 27 Executive Summary for Research Identifiable Data - Version 8/2013, Updated 7/10/18 source or sponsor (when applicable), protocol number (when applicable), HSC, IACUC or committee identifier; date shredded; person shredding the documents; and a summary of documents shredded If the study is an industry-sponsored study, prior to shredding documents or disposal of materials, the sponsor will be contacted and written permission obtained to destroy the documents Records/data cannot be destroyed until the institutional requirements for data destruction are met Moreover, the following policies and procedures from KUMC IRB SOP 4.0 on Privacy and Confidentiality apply (http://www.kumc.edu/compliance/human-research-protection-program/institutional-review-board/policiesand-regulations.html): 4.4 Physical Security for Research Data I All KUMC researchers are required to ensure confidentiality by providing physical security for identifiable research information Appropriate measures include limiting the extent of identifiers on data collection forms (when feasible) and providing locked file cabinets for storage 4.5 Electronic Security for Research Data I To comply with the HIPAA Privacy Rule and the HIPAA Security Rule, researchers must provide adequate electronic security for identifiable research data In April 2005, KUMC adopted the HIPAA Policy on Research using Electronic Protected Health Information The policy is found on the KUMC HIPAA website The policy covers the creation, use and receipt of data, data access, data storage and data transmission Other university policies about computer security, sensitive information, and storage on mobile devices apply to all identifiable research data II To maintain the confidentiality of electronic research data, investigators should store data preferentially on university network drives for firewall protection When data are stored on a mobile device or storage media, data must be encrypted Transmission of identifiable electronic data over the internet must employ a dedicated transmission line, virtual private network, encrypted website or secure file transfer protocols When electronic storage media are used for data exchange, the media must be password-protected Passwords must be sent to the data recipient in a separate secure communication III Additional requirements apply when study data will be stored on a mobile device Investigators must describe how the data are secured and what information would be accessible if the device were lost or stolen IV IRB application forms contain questions about provisions for data security Representatives of the HRPP meet regularly with staff from the KUMC Information Security Office to ensure appropriate security measures are utilized by researchers, use of new software meets institutional standards for security, and new security threats are identified Furthermore, our institutional Computer Security Policy can be found at: http://policy.ku.edu/KUMC/information-technology/computer-security Particularly applicable is the Sensitive Information in Electronic and Paper-Based Systems policy at http://policy.ku.edu/KUMC/informationtechnology/sensitive-information 2.4 Explain how your organization will tailor and restrict data access privileges based on an individual’s role on the research team Only certain members of the project team have access to the secured LINUX server Access to the CMS data files; will be granted to the above study team members by our database administrators, Daryl Budine and Lav Patel Administrative access on this server will be restricted to only those performing necessary administrative and 28 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 security functions User access to the CMS data will be enforced via a unique security group that will restrict access only to those on the study group Any access to the data will be via encrypted sessions At any time if there is a change to the study team, Dr Russ Waitman will notify Daryl Budine and Lav Patel either to revoke or grant new access 2.5 Explain the use of technical safeguards for data access (which may include password protocols, log-on/log-off protocols, session time out protocols, and encryption for data in motion and data at rest) Users who are granted access to this data will be authenticated using their KUMC enterprise user accounts The passwords for the user accounts will have a maximum lifetime of 365 days and will have to be changed on an annual basis The passwords cannot be reused for a minimum of 10 cycles and have to meet the requirements for strength Currently, the passwords have to be a minimum of characters and should contain at least one number, one special character and one upper case letter KUMC managed workstations and servers enforce policies around session timeouts, failed password authentication and log-on and log-off Workstations for example switch to screen saver after 30 minutes of inactivity KUMC computing network protected through a comprehensive defense-in-depth architecture is another safeguard On the perimeter, protection is provided by border router access control lists (ACLs), ingress and egress hardware firewalling, an intrusion prevention system (IPS), and logical network zones that have further ACLs applied to them To access the server that houses the data, authorized users have to be on the KUMC internal secure network or have to use the KUMC virtual private network to create a secure, authenticated and encrypted tunnel between network resources Also logs from the server are centralized and reviewed for unapproved access activity Physical Access to the data center where the server is located is restricted to authorized personnel and data will also be encrypted at rest as a further safeguard 2.6 Are additional organizations involved in analyzing the data files provided by CMS? Only KUMC study team members have access to the source CMS data files The study team members from the other sites listed above in “Project Staff” will only be able to access the final de-identified repository and author analysis code or query specifications that result only in output that generates cell sizes 11 and greater Their submission of the code/query specification and ability to view the returned output will be over a VPN connection No other organizations beyond those parties outlined in the Data Use Agreement will be involved in analyzing the CMS data If so, please review the Collaborator Checklist for guidance and considerations to include in the Data Management Plan, and indicate below how these organizations’ analysts will access the data files:             VPN connection Will travel to physical location of data files at requesting organization Request that a copy of the data files be housed at second location Other: Click here to enter text 2.7 If an additional copy of the data will be housed in a separate location, please describe how the data will be transferred to this location (Also, please ensure you have included information on this organization’s database management under the appropriate subsections of the database management plan.) 29 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 Data will NOT be housed outside KUMC and all analysis and data transformations will occur and be stored on the secure server housed within the KUMC secured data center No additional operational copies of the data will be housed for use in a separate location DATA REPORTING AND PUBLICATION 3.1 Who will have the main responsibility for notifying CMS of any suspected incidents wherein the security and privacy of the CMS data may have been compromised? Please describe and identify your organization’s policies and procedures for responding to potential breaches in the security and privacy of the CMS data Per the terms of the Data Use Agreement, the user will be responsible for reporting to CMS any breach in the security or primary of CMS data The KUMC Computer Security Incident Response policy (http://policy.ku.edu/KUMC/information-technology/incident-response) is generalizable to the CMS data files Following excerpts from the policy define the responsibilities of KUMC staff when reacting and/or responding to the various types of network and information security incidents that may occur Responsibilities All KUMC personnel and affiliates (including vendors) are required to promptly report all suspected incidents to Information Security The Chief Information Officer is granted authority to take actions necessary to protect KUMC computing resources, data and communications in the event of a security incident The Director of Information Security (or a designee in his\her absence) will be the central point of contact and coordinating authority for all security incidents The Director of Information Security is responsible for establishing a Computer Security Incident Response Team (CSIRT) for the purpose of responding to security incidents The Director of Information Security is responsible for establishing an incident classification matrix and developing the appropriate procedures necessary to respond to each level of classification (referred to as the "Computer Security Incident Response Plan") The Director of Information Security is granted authority to declare an incident and to execute the incident response plan The Chief Information Officer is responsible for notification of incidents to the Kansas Board of Regents President and CEO and the Kansas Board of Regents Chief Information Officer within 24 hours of a major security incident All communications with the media regarding a security incident must be coordinated through the University Relations department Although our institutional Computer Security Incident Response policy requires report of any issue within 24 hours, we will acknowledge CMS DUA policy that requires CMS be notified of any potential incidents within hour of discovery The PI or PI designee will be responsible for reporting to CMS of any potential incidents In addition, per our IRB SOP 4.0: Privacy and Confidentiality (http://www.kumc.edu/compliance/humanresearch-protection-program/institutional-review-board/policies-and-regulations.html), a privacy violation or a breach of confidentiality is considered an unanticipated problem and must be promptly reported to the HSC Furthermore, under the departmental system access agreement, system users must report in writing to the KUMC Privacy Official at hipaa@kumc.edu any use or disclosure of protected health information (as defined in 30 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 45 C.F.R 160.103) not covered by the Agreement that becomes known to System User, within 24 hours of its discovery 3.2 Explain how your organization’s data management plans are reviewed and approved Data management plans are submitted as part of the IRB review and approval process The IRB application form requests specific information about the type of data being used for the project, methods of transmission for data coming into KUMC, location of data storage and methods for transmitting identifiable data to non-KUMC recipient 3.3 Explain whether and how your organization’s data management plans are subjected to periodic updates during the DUA period All research at KUMC is subject to annual IRB approval through our human subjects committee In coordination with this review we will review the Data Management Plan component of the protocol annually with KUMC Information Resources to identify any environmental changes which may impact the DMP or if any potential threat is identified, the data protections are updated accordingly If these significantly affect the data management plan then those changes will be updated and sent to the responsible party at CMS Furthermore, if KUMC’s Department of Information Security revise security practices during the DUA period, the Principal Investigator, or his designee, will notify CMS and amend the DMP within business days 3.4 Please attest to the CMS cell suppression policy of not publishing or presenting tables with cell sizes less than 11 (see Item of the DUA) Yes I agree The following items are for Part D requests only: 3.5 The researcher agrees that the pharmacy, provider, prescriber, or health plan will not be identified in this study Yes I agree COMPLETION OF RESEARCH TASKS AND DATA DESTRUCTION 4.1 Describe your organization’s process to complete the Certificate of Disposition form and policies and procedures to dispose of data files upon completion of its research Upon study completion and review of any subsequent approvals for data re-use, the PI will work with the study team, (specifically the database administrator coordinating with campus information security and information resources personnel), to ensure the files are deleted from all physical servers and media Once this step has occurred, the PI will complete the Certificate of Disposition form and submit it to the Division Director for the Division of Information Security & Privacy Management (DISPM) at CMS in order to comply with the reporting requirements of the destruction All data retention and/or destruction activities will comply with the KUMC Research Record Management, Disposition and Retention policy (http://policy.ku.edu/KUMC/Vice-ChancellorResearch/records-ownership-retention) 4.2 Describe your organization’s policies and procedures used to protect CMS data files when individual staff members of research teams (as well as collaborating organizations) terminate their participation in research projects (which may include staff exit interviews and immediate access termination) 31 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 Per KUMC SOP 18.0 on Investigator Responsibilities, study PI is responsible for reporting personnel changes The PI, Dr Russ Waitman, will notify the IRB through a change in study team personnel In addition, the PI will make appropriate updates on eCompliance and notify Daryl Budine directly when staff members should be removed from the research team and electronic access will be terminated As an additional step for this project, Daryl Budine will review permissions on a monthly basis verifying that those with access are still employed 4.3 Describe policies and procedures your organization uses to inform CMS of project staffing changes, including when individual staff member’s participation in research projects is terminated, voluntarily or involuntarily If anyone besides the requestor, data custodian, or current DUA signatories will need to access the CMS data, the PI or his delegate of this study will promptly submit requests for signature addendums to CMS Upon approval we will then update eCompliance to add them to the study Upon approval by the IRB of their role, we will then provide the individual the appropriate access as required by their role following the KUMC Computer Security policy and procedures for username/password and network firewall and file permissions In addition, the PI or his delegate will update eCompliance within 72 hours of any changes in the roles of the research team (modification of role, deletion from the study team) Team members who are terminated will have their access revoked immediately Modified individual’s access and participation will be held until the change is approved by CMS There is an annual review of all studies and their current status The annual review includes a required verification of project staff and roles as well as their timely completion of HSC/HIPAA training, computer security, and other research trainings We are currently unaware of any existing KUMC policies regarding sponsor notification of staffing changes, but we will research this issue We will develop the detailed work instruction document that we are creating to summarize our complete procedures for working with CMS data, including detailed references to all institutional policy and procedure documents and establish these standard operating procedures and policies in collaboration with KUMC Human Subjects Protection and Office of Compliance 4.4 Describe your organization’s policies and procedures to ensure original data files are not used following the completion of the project The PI, Dr Russ Waitman, will inform the study team of the termination of the study upon which Daryl Budine will terminate access to the data files and destroy the files All data retention and/or destruction activities will comply with the KUMC Research Record Management, Disposition and Retention policy (http://policy.ku.edu/KUMC/Vice-Chancellor-Research/records-ownership-retention), which states that department will securely dispose of the documents in a manner consistent with the terms for secure disposal in the research agreement Therefore, research records that have met the applicable retention guidelines will be securely destroyed after the study completion and Dr Waitman and Mr Adagarla will complete the certificate of disposition for CMS (https://www.cms.gov/Medicare/CMS-Forms/CMS-Forms/downloads/cms10252.pdf) PRA Disclosure Statement According to the Paperwork Reduction Act of 1995, no persons are required to respond to a collection of information unless it displays a valid OMB control number The valid OMB control number for this information collection is 0938XXXX The time required to complete this information collection is estimated to average two hours per response, including the time to review instructions, search existing data resources, gather the data needed, and complete and 32 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 review the information collection If you have comments concerning the accuracy of the time estimate(s) or suggestions for improving this form, please write to: CMS, 7500 Security Boulevard, Attn: PRA Reports Clearance Officer, Mail Stop C4-26-05, Baltimore, Maryland 21244-1850 33 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 COLLABORATOR CHECKLIST Please note –This checklist is for guidance purposes only and for organizations that are involving an additional organization as part of their research study The checklist identifies data safeguard practices and considerations of the collaborating organization that should be indicated in the data requestor’s Data Management Plan All questions may not apply but are dependent upon the data sharing arrangement between the organizations involved in the research study (* Information that should be indicated for each collaborating organization that will have access to RIF or nonidentifiable files.) A Access to Identifiable and De-identifiable Files What is the name of the collaborating organization?* Collaborating organizations include the University of Iowa, University of Wisconsin, Medical College of Wisconsin, Marshfield Clinic Research Foundation, University of Minnesota, University of Nebraska Medical Center, University of Texas Health Science Center San Antonio, University of Texas Southwestern Medical Center, Indiana University / Regenstrief Institute, University of Missouri, ABOUT Network, and Vasculitis PPRN (University of Pennsylvania and University of South Florida College of Medicine) How will the collaborating organization access the CMS data (secure VPN, a physical copy on site at the collaborating organization, traveling to the DUA holder’s site, etc.)?* The collaborators will use secure VPN to access KUMC server to execute i2b2 via web client or to submit software analyses programs for execution by the KUMC team Who are the researchers from the collaborating organization? Indicate if each researcher will have access to raw data, analytic files, or output with cell sizes less than 11 (Please ensure that these individuals and data access rights are listed in the Project Staff list.)* University of Iowa - Elizabeth Chrischilles: Yes access to analytic files and output with cell sizes less than 11 - Bradley McDowell: Yes access to analytic files and output with cell sizes less than 11 - Elena Letuchy: Yes access to analytic files and output with cell sizes less than 11 - Jennifer Schlichting: Yes access to analytic files and output with cell sizes less than 11 - Bjarni Haraldsson: Yes access to analytic files and output with cell sizes less than 11 - Ingrid Lizarraga: No access to raw data, analytic files, or output with cell sizes less than 11 - Jeremy Stoltenberg: Yes access to analytic files and output with cell sizes less than 11 - Nicholas Rudzianski: Yes access to analytic files and output with cell sizes less than 11 - Ryan Carnahan: Yes access to analytic files and output with cell sizes less than 11 (Added 10/4/17) - Mary Schroeder: Yes access to analytic files and output with cell sizes less than 11 (Added 10/4/17) - Cole Chapman: Yes access to analytic files and output with cell sizes less than 11 (Added 10/4/17) University of Wisconsin - Amy Trentham-Dietz: Yes access to analytic files and output with cell sizes less than 11 - Larry Hanrahan: No access to raw data, analytic files, or output with cell sizes less than 11 (Added 1/13/17) Medical College of Wisconsin - Joan Neuner: Yes access to analytic files and output with cell sizes less than 11 - George Kowalski: Yes access to analytic files and output with cell sizes less than 11 Marshfield Clinic and Research Foundation 34 Executive Summary for Research Identifiable Data - Version 8/2013, Updated 7/10/18 Robert Greenlee: No access to analytic files and output with cell sizes less than 11 Adedayo Onitilo: No access to raw data, analytic files, or output with cell sizes less than 11 University of Minnesota - Anne Blaes: Yes access to analytic files and output with cell sizes less than 11 University of Nebraska Medical Center - Ann Berger: Yes access to analytic files and output with cell sizes less than 11 University of Texas Health Science Center, San Antonio - Amelie Ramirez: Yes access to analytic files and output with cell sizes less than 11 - Dan Hale: No access to analytic files and output with cell sizes less than 11 (Deleted 1/13/17) - Angela Bos: Yes access to analytic files and output with cell sizes less than 11 (Deleted 1/13/17) - Paula Shireman: Yes access to analytic files and output with cell sizes less than 11 (Added 5/23/17) - Dean Bernocchi: Yes access to analytic files and output with cell sizes less than 11 (Added 5/23/17) - Pamela Kittrell: Yes access to analytic files and output with cell sizes less than 11 (Added 5/23/17) - Alex Bokov: Yes access to analytic files and output with cell sizes less than 11 (Added 5/23/17) - David Ruppert: Yes access to analytic files and output with cell sizes less than 11 (Added 5/23/17) - Laura Manuel: Yes access to analytic files and output with cell sizes less than 11 (Added 5/23/17) University of Texas Southwestern Medical Center - Barbara Haley: No access to raw data, analytic files, or output with cell sizes less than 11 Indiana University / Regenstrief Institute - Paul Dextor: No access to analytic files and output with cell sizes less than 11 - Faye Smith: Yes access to analytic files and output with cell sizes less than 11 - Evgenia Teal: Yes access to analytic files and output with cell sizes less than 11 - Nate Ring: Yes access to analytic files and output with cell sizes less than 11 - Raven Carter: Yes access to analytic files and output with cell sizes less than 11 - Andrea Radford: Yes access to analytic files and output with cell sizes less than 11 University of Missouri - Abu Saleh Mohammad Mosa: Yes access to analytic files and output with cell sizes less than 11 ABOUT Network – University of South Florida - Rebecca Sutphen: No access to analytic files and output with cell sizes less than 11 - Kristian Lynch: No access to analytic files and output with cell sizes less than 11 - Colleen Maguire: No access to analytic files and output with cell sizes less than 11 - Elizabeth Clark: No access to analytic files and output with cell sizes less than 11 Vasculitis PPRN – University of Pennsylvania & - Peter A Merkel: No access to analytic files and output with cell sizes less than 11 - Jeffrey Krischer: No access to analytic files and output with cell sizes less than 11 - Cristina Burroughs: No access to analytic files and output with cell sizes less than 11 What binding agreements are required of the researchers from the collaborating organization?* 35 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 All team members from the GPC institutions are bound by the GPC Network Infrastructure and Data Sharing Agreement and researchers from the ABOUT and Vasculitis PPRNs in University of South Florida College of Medicine and University of Pennsylvania are bound by EICA What training is required of researchers from the collaborating organization?* All researchers are required to have Human Subjects Training How will the collaborating organization notify the DUA holder of changes in staff who are participating on the research team?* Any personnel changes in a collaborating organization will be reported to the DUA holder by the lead or senior investigator at the participating organization who have signed the addendum to the DUA Upon receipt of the notification, data access privileges will be revoked accordingly Will the researchers from the collaborating organization abide by the DUA holder’s project rules or the policies of their employing organization?* Yes B Access to RIF Will the collaborating organization have access to RIF?* No If yes, please provide the following required details: a Will the collaborating organization have the ability to download and store a copy of the CMS data? Click here to enter text b Does the collaborating organization intend to backup the data? If so, has the collaborating organization developed a backup arrangement and are the back-up copies maintained at a second location? Click here to enter text c Who is responsible for maintaining the security and distribution of the CMS data at the collaborating organization? Click here to enter text d Does the collaborating organization maintain an inventory of the CMS data files that are maintained by the collaborating organization? Click here to enter text e How will the collaborating organization tailor and restrict data access? Click here to enter text f Please describe the collaborating organization’s physical and technical safeguards used to protect CMS data files (including physical access and logical access to the files) Click here to enter text g Please describe the collaborating organization’s infrastructure, operating systems, and hardware that will be used to secure the CMS data Click here to enter text h How will the collaborating organization dispose of electronic copies of the data? Click here to enter text C Physical Copies of RIF Please note - if the collaborating organization will maintain a separate copy of the CMS data, the collaborating organization is required to complete a full Data Management Plan 36 Executive Summary for Research Identifiable Data Version 8/2013, Updated 7/10/18 Will a separate copy of the CMS data be housed at the collaborating organization’s location? No How will the collaborating organization receive the CMS data (shipment from the DUA holder, collaborating organization will request an additional copy directly from CMS, POC from the collaborating organization will transport the data, etc.)? Collaborating organizations will not receive CMS data 37 ... (2) continue our cohort characterization efforts for ALS, breast cancer, and obesity, and (3) provide an efficient resource to support additional cohort characterization activities approved by CMS... claims data for all patients residing in the eleven states The reason for requesting the use of multiple years of data for the pre-defined patient cohort (i.e., ALS, breast cancer, obesity) is... methodological basis, we seek to expand the data completeness of our patients’ health care processes and outcomes and understand the information gain for our complete and comprehensive population by