CODI Gatekeeping Policies and Procedures
Individuals have a right to expect that their personal health and medical information will be protected from unauthorized use. To ensure patient privacy and confidentiality, the creators of the CODI database will restrict access to, and use of, information stored in the database according to the following policies and procedures. Please refer to CODI Technical Security and Confidentiality Procedures for an additional listing of the safeguards that have been established to ensure the integrity, reliability, accuracy and security of data in CODI.
Ethical Use of Data
- Those with access to CODI are expected to respect the confidentiality and privacy of individuals whose records they access, to observe any restrictions that apply to data to which they have access, and to abide by applicable laws or policies with respect to access, use, or disclosure of information.
- Individuals handling medical information will be required to sign an institutional Pledge of Confidentiality.
- Everyone involved in the management of patient data, including all those who will have access to data in CODI, must complete training in privacy issues and human research subject protection. Training is offered regularly at FHCRC and UW.
- Patient care and research participant information is strictly confidential and its use and disclosure are regulated by Center policies and federal and state law, including the Washington Health Care Information Act (RCW Chapter 70.02). Such information may also be subject to contractual restrictions. Any party or individual requiring access to data considered confidential must obtain that information only through procedures appropriate to the nature of that information and as permitted by applicable law, agreements, and Center policies.
- Unauthorized dissemination of confidential information is strictly prohibited, including the disclosure or distribution of data in any medium, except as required by an employee's job responsibilities. Also forbidden is access to or use of any such data for one's own personal gain or profit, for the personal gain or profit of others, or to satisfy one's personal curiosity or that of others.
- It is the responsibility of all parties and individuals to handle and dispose of confidential information obtained, original or reproduced, according to the designated procedures of the institution for which they work.
- Linkage of de-identified patient data to other data sets through individual identifiers is the responsibility of authorized and legally accountable individuals with an obligation to ensure confidentiality.
- Any breach of confidentiality, misuse of data, or unauthorized release of information may result in disciplinary action, including discharge from employment, termination of contractual arrangements and/or medical privileges, and pursuit of legal action.
- The ability to access data in CODI will be restricted to parties or individuals who have authorized responsibilities with the data. People will only have access to information legitimate to their role. Predefined user groups and permission levels will ensure restricted and appropriate access and allow update, query, and reporting functions to be predefined for each user group.
- Each database user will be required to have a unique user name and password and will be held accountable for all actions taken under that user name. Passwords must be changed at regular, frequent intervals and must meet minimum established standards (e.g., same password cannot be re-used and passwords must be a minimum length, cannot match common words, and must include a mix of characters).
- Individuals without clinical responsibilities will be required to enter an IR file number at login to gain access to the system. Those whose protocols do not involve patient accrual will not be able to view patient-identifiable data.
- The database will create an audit trail of all updates and specific user actions, as well as audit trail entries related to viewing of patient records. All attempts to access the database will be logged as to date and time, identity of the user, the IP address from which the query was initiated, patient identifiers and tables queried, and whether permission was granted or denied. Logs will be reviewed on a periodic basis to monitor access and compliance.
- Authorized database users will have the ability to lock records so that changes to the database (i.e., inserts, updates, deletions) cannot subsequently be overwritten by unauthorized personnel.
- Database flags will be used to identify patients who consent to future research, as well as those who do not wish to participate in long-term clinical follow-up or research. If a patient changes his/her mind on these issues at a later date, his/her database flag(s) will be reset appropriately. Similarly, patients who consent to these activities may revoke their permission at any future time and their database flags will be reset.
- For patient data imported into CODI under a waiver of authorization, initial approach for study enrollment must be made through the patient's Primary Care Physician (PCP), unless otherwise permitted in an IRB-approved protocol (see below). A database flag will be used to differentiate among PCPs who occasionally refuse to approach their patients for research, those who consistently refuse, and those who refuse based on study type (e.g., no treatment studies but prevention studies OK).
- Individuals with IRB-approved protocols wishing to recruit patients must provide a copy of the protocol with approved application cover sheet to the database administrator before access to patient contact information is given.
Use of Data in Research
- Data in CODI may be used by authorized personnel for clinical care and in IRB-approved research studies.
- Individuals with research access to data in CODI may only use those data for their originally-stated purpose. When the data are no longer required to fulfill that purpose, they must be destroyed or disposed of in a confidential manner.
- Data accessed or received from CODI for research may not be repackaged or redistributed in any form and no new "permanent" research databases may be established using such data.
- Information collected during the course of health care and medical treatment may be disclosed to clinical investigators and health care researchers without a requirement for informed consent, if approved by an Institutional Review Board.
- Once published, files and reports based on aggregate data in CODI may be cited without review or approval.
- If data in CODI are used in a research analysis or report, the provenance of the original data must be acknowledged in that report.
- The Fred Hutchinson Cancer Research Center, University of Washington Medical Center, Seattle Children's, Seattle Cancer Care Alliance, the Cancer Consortium, or their staffs are not responsible for damages, injury, or loss due to the use of data in CODI.
- Patients have the right to a written notice of the information security practices involved with processing and storing their data. Pursuant to a written request, patients should be able to inspect their data and challenge its accuracy at any time.
- Per HIPAA regulations, patients have the right to request and receive a written report detailing each instance of access to their medical information in CODI.