Versions Compared

Version Old Version 61 New Version 62
Changes made by

Emily Kraus (Unlicensed)

Emily Kraus (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page houses the data governance policies and procedures developed by the NACHC data governance council. These policies and procedures can be applied to activities where data is involved but are primarily focused on data sharing that is defined as 1) NACHC receiving data from an external organization,  or 2) NACHC sharing data with an external organization.  

...

NACHC uses data either shared with NACHC by a data partner or collected by NACHC. When NACHC has received data from a data partner, NACHC acts as a data steward. Data stewardship is the collection of practices that ensure an organization’s data is accessible, usable, safe, and trusted. 

Data Shared with NACHC

There are many types of data that may be shared with NACHC including UDS data, clinical data, and membership or other health center data.

...

De-identified data is data that has been “stripped of all HIPAA defined identifiers” which includes Personally Identifiable Information (PII) and Protected Health Information (PHI). PII is a subset of PHI and the list of 18 data elements that are considered PHI are documented in the HIPAA Safe Harbor definition. "Safe Harbor" is the deidentified de-identified method that NACHC uses which means that to be considered de-identified, all 18 identifiers must be completely removed from a dataset. Any dataset with a zip code or full dates is not de-identified.

...

The terms survey and assessment are not interchangeable but both are used within NACHC. A survey generally means a longer set of questions within a research project. Assessments are generally shorter and the results are intended to be used for advocacy. Notably, the term survey triggers additional restrictions and requirements when administered within a project with federal funding. NACHC considers data from assessments to be apart of survey data and the below survey data policies. Meeting evaluation questions and tools are not considered surveys by NACHC. Clarify about Mentimeter 

Survey data is not collected without an internal review of questions and methods by an expert NACHC workgroup. Survey data may be cross sectional or repeated measures and are generally a mix of structure and unstructured.  To collect survey data from health centers, NACHC uses Qualtrics or Survey Monkey. Periodically, survey data are downloaded from those tools and stored internally and then the responses are deleted from Qualtrics or Survey Monkey. Survey data are not retained in Qualtrics or Survey Monkey in perpetuity.

...

Outside of UDS, clinical data, and survey data, NACHC receives data from health center members and financial data. Over time, these other data sources will be incorporated into the broader NACHC data governance portfolio.

Requests for Data 

NACHC receives requests for data that are either a part of a new or existing project. For clinical and UDS data, NACHC uses a central request process, referred to as a front door, to receive, review, and make determinations on requests from external organizations. Front Door instructions are available here. NACHC will only approve requests that benefit health centers and align with the NACHC vision


Sometimes requests are soliciting a data sharing partnership such as one organization hoping to partner and share data with a health center through support from NACHC.  NACHC is facilitator of information partnerships​ rather than a broker of data​. NACHC strongly prefers building an information partnership with the goal of collaboratively developing a data sharing project that is beneficial to all parties involved.  

...

When underlying data are biased, NACHC recognizes the risk that resulting models or analytic results may also be biased. NACHC prioritizes using datasets that have a representative amount of data from each group and annotating products accordingly to call attention to this important issue.

Identification of Health Centers in Work Products

In general, NACHC does not identify health centers in work products. There are some projects where identification of health centers is appropriate. When health centers need to be identified, NACHC solicits written approval to do so and engages health centers in a thorough review process. 

For some work products that present health center level findings, there could be a risk to health centers to be re-identified by other means, especially with maps or health centers that see special populations. NACHC mitigates this concern with intentional and thorough review as well as small cell suppression.

Section 5: Data Security and Privacy 

...

Federal regulations require that research projects involving human subjects be reviewed by an Institutional Review Board (IRB). According to the FDA, an IRB is an appropriately constituted group that has been formally designated to review and monitor biomedical research involving human subjects. The IRB must approve or determine the project to be exempt or approved prior to the start of any research activities. The IRB cannot provide approval or determinations for research that has already been concluded.

...

The federal regulations define both "research" and "human subject." Research is defined as a systematic investigation, including research development, testing, and evaluation, designed to develop or contribute to generalizable knowledge.Studies must be reviewed by an Institutional Review Board (IRB) only if both definitions apply.  A project may involve data from human subjects, but not meet the definition of research and would, therefore, not require an IRB review. Research is defined by federal regulations at 45 CFR 46.102 (Protection of Human Subjects 2009), as "a systematic investigation including research development, testing, and evaluation, designed to develop or contribute to generalizable knowledge."

...