Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Datathon DUA version #9

Open
jraffa opened this issue Apr 5, 2018 · 5 comments
Open

Datathon DUA version #9

jraffa opened this issue Apr 5, 2018 · 5 comments

Comments

@jraffa
Copy link

jraffa commented Apr 5, 2018

I am trying to solidify a version of the DUA which could be used at datathons. Please see below and let me know if you see any issue with it.

PhysioNet Clinical Database Restricted Data Use Agreement

2018 Sydney Datathon

The contents of restricted-access clinical databases maintained by PhysioNet were derived from original data that contained protected health information (PHI), as defined by HIPAA. The providers of the data have given scrupulous attention to the task of locating and removing all PHI, so that the remaining data can be considered de-identified and therefore not subject to the HIPAA Privacy Rule restrictions on sharing PHI. Nevertheless, because of the richness and detail of the databases, they will be released only to legitimate researchers under the terms and conditions described on this page.

If you agree to all of these terms and conditions, access to restricted information within the PhysioNet Clinical Databases (e.g., MIMIC and eICU-CRD) may be granted to you as an individual. Your colleagues may obtain access to these data as individuals via the same procedure you are following.

If I am granted access to the PhysioNet Clinical Databases, I agree to the terms and conditions below:

  1. I will not attempt to identify any individual or institution referenced in PhysioNet restricted data.
  2. I will exercise all reasonable and prudent care to avoid disclosure of the identity of any individual or institution referenced in PhysioNet restricted data in any publication or other communication.
  3. I will not share access to PhysioNet restricted data with anyone else.
  4. I will exercise all reasonable and prudent care to maintain the physical and electronic security of PhysioNet restricted data.
  5. If I find information within PhysioNet restricted data that I believe might permit identification of any individual or institution, I will report the location of this information promptly by email to PHI-report@physionet.org, citing the location of the specific information in question so that it can be investigated and removed if necessary.
  6. I have requested access to PhysioNet restricted data for the sole purpose of lawful use in scientific research, and I will use my privilege of access, if it is granted, for this purpose and no other.
  7. I will indicate the general purpose for which I intend to use the database in my application.
  8. If I openly disseminate my results, I will also contribute the code used to produce those results to a repository that is open to the research community.
  9. This agreement will terminate at the end of the datathon. If I choose to continue to work with the PhysioNet Clinical Databases, I understand that I must register on PhysioNet and agree to a data use agreement which includes completing a training program in human research subject protections and HIPAA regulations, and submitting proof of having done so.

My name:
Telephone number, including country/area code (required):
E-mail:
Institution:
Title or position:

Signature:

Date:

@rgmark
Copy link

rgmark commented Apr 5, 2018 via email

@jraffa
Copy link
Author

jraffa commented Apr 5, 2018

Does the bolded change work?

PhysioNet Clinical Database Restricted Data Use Agreement

2018 Sydney Datathon

The contents of restricted-access clinical databases maintained by PhysioNet were derived from original data that contained protected health information (PHI), as defined by HIPAA. The providers of the data have given scrupulous attention to the task of locating and removing all PHI, so that the remaining data can be considered de-identified and therefore not subject to the HIPAA Privacy Rule restrictions on sharing PHI. Nevertheless, because of the richness and detail of the databases, they will be released only to legitimate researchers under the terms and conditions described on this page.

If you agree to all of these terms and conditions, access to restricted information within the PhysioNet Clinical Databases (e.g., MIMIC and eICU-CRD) may be granted to you as an individual. Your colleagues may obtain access to these data as individuals via the same procedure you are following.

If I am granted access to the PhysioNet Clinical Databases, I agree to the terms and conditions below:

  1. I will not attempt to identify any individual or institution referenced in PhysioNet restricted data.
  2. I will exercise all reasonable and prudent care to avoid disclosure of the identity of any individual or institution referenced in PhysioNet restricted data in any publication or other communication.
  3. I will not share access to PhysioNet restricted data with anyone else.
  4. I will exercise all reasonable and prudent care to maintain the physical and electronic security of PhysioNet restricted data.
  5. If I find information within PhysioNet restricted data that I believe might permit identification of any individual or institution, I will report the location of this information promptly by email to PHI-report@physionet.org, citing the location of the specific information in question so that it can be investigated and removed if necessary.
  6. I have requested access to PhysioNet restricted data for the sole purpose of lawful use in scientific research, and I will use my privilege of access, if it is granted, for this purpose and no other.
  7. I will indicate the general purpose for which I intend to use the database in my application.
  8. If I openly disseminate my results, I will also contribute the code used to produce those results to a repository that is open to the research community.
  9. This agreement will terminate and I must delete all PhysioNet restricted data from my devices or accounts at the end of the datathon. If I choose to continue to work with the PhysioNet Clinical Databases, I understand that I must register on PhysioNet and agree to a data use agreement which includes completing a training program in human research subject protections and HIPAA regulations, and submitting proof of having done so.

My name:
Telephone number, including country/area code (required):
E-mail:
Institution:
Title or position:

Signature:

Date:

@rgmark
Copy link

rgmark commented Apr 6, 2018 via email

@jraffa
Copy link
Author

jraffa commented Mar 26, 2019

This year, the Australians would like to use a common DUA for ANZICS (their database), and the Physionet databases. I am meeting with them next week, and they have proposed for the datathon in June:

To me it looks like all the clauses are covered when compared to what we used last year. Please let me know if something is amiss.

Also, is the correct PHI reporting e-mail address report@physionet.org or PHI-report@physionet.org

=====

This NDA has been developed specifically for the ANZICS Critical Care Datathon held on 22nd and 23rd June 2019 in Brisbane, Australia. The contents of the clinical databases to be made available at the ANZICS Critical Care Datathon have been derived from original data that contained protected health information. The providers of the data have given scrupulous attention to the removal all public health information, so that the remaining data can be considered de-identified. Nevertheless, because of the richness and detail of the databases, they will be released only to legitimate researchers under the terms and conditions described on this page.

The term ‘datasets’ below refers to all data provided at the 2019 ANZICS Critical Care Datathon by the following data custodians:

  • Physionet (contact email: report@physionet.org phi-report@physionet.org)

    • MIMIC III - Medical Information Mart for Intensive Care III
    • Philips eICU-CRD
  • Australian and New Zealand Intensive Care Society (contact email: anzics.core@anzics.com.au)

    • ANZICS Adult Patient Database,
    • ANZICS Critical Care Resources Registry
    • ANZ Paediatric Intensive Care Registry
  • Australasian Rehabilitation Outcomes Centre (AROC) (contact email: ???)

  • Queensland Health (contact email: ???)

If I am granted access to the datasets provided at The ANZICS Critical Care Datathon, I agree to the following terms:

  1. I have requested access to the datasets for the sole purpose of lawful use in scientific research.
  2. I will use my privilege of access, if it is granted, for this purpose and no other.
  3. I will not attempt to identify any individual or institution referenced in the datasets.
  4. I will exercise all reasonable and prudent care to avoid disclosure of the identity of any individual or institution referenced in the datasets in any publication or other communication.
  5. I will not share access to the datasets with anyone else.
  6. I will exercise all reasonable and prudent care to maintain the physical and electronic security of the datasets.
  7. If I find information within the datasets that I believe might permit identification of any individual or institution, I will report the location of this information promptly to the relevant data custodian, citing the location of the specific information.
  8. If I openly disseminate my results, I will also contribute the code used to produce those results to a repository that is open to the research community.
  9. At the end of the Datathon, I will delete the datasets from my devices or accounts unless prior agreement has been reached with the relevant data custodian.
  10. If I continue to work with any of the datasets after the Datathon, I will comply with the relevant policies regarding data access, data use, publication procedures and research training as specified by each data custodian.

Name:
Telephone number, incl. country/area code:
E-mail:
Institution:
Date:

====

@tompollard
Copy link
Member

the correct email is phi-report@physionet.org

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants