The analyses upon which this publication is based were performed under Contract Number HHSM-500-2009-00046C sponsored by the Center for Medicare and Medicaid.

Slides:



Advertisements
Similar presentations
An Essential Component of Health Systems Strengthening Presented on: May 23, 2011 Akiko Maeda Health, Nutrition & Population Network The World Bank.
Advertisements

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
A Guide to Compliant Data Management
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
UC BRAID: Co-creating and evaluating performance in a regional laboratory for conducting translational science UC BRAID Executive Committee: Steven Dubinett.
SAN DIEGO SUPERCOMPUTER CENTER Emerging HIPAA and Protected Data Requirements for Research Computing at SDSC Ron Hawkins Director of Industry Relations.
Are you ready for HIPPO??? Welcome to HIPAA
PERMISSION ONTOLOGY FOR INFORMED CONSENT AND HIPAA COMPLIANCE Maria Adela Grando PhD Division Biomedical Informatics, University California.
Copyright ©2011 Freedman Healthcare, LLC All Payer Claims Datasets: Big Data is Coming to Public Health Officials, Providers and Patients Near You StrataRx.
Integrating Data for Analysis, Anonymization, and SHaring Supported by the NIH Grant U54HL to the University of California, San Diego Shuang Wang,
National Cancer Institute U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES National Institutes of Health NCI Perspective on Informatics and Clinical Decision.
Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.
CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
Linette T Scott, MD, MPH Chief Medical Information Officer, DHCS “Population Health” HIMSS NCal Educational Program, Sacramento, CA| February 4, 2014.
August 12, Meaningful Use *** UDOH Informatics Brown Bag Robert T Rolfs, MD, MPH.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
Information Resources and Communications University of California, Office of the President System-Wide Strategies for Achieving IT Security at the University.
A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality
Enabling Data Sharing in Biomedical Research Integrating Data for analysis, Anonymization, and Sharing (iDASH) Aziz A. Boxwala, MD, PhD Division of Biomedical.
The analyses upon which this publication is based were performed under Contract Number HHSM C sponsored by the Center for Medicare and Medicaid.
Lecture 14 Policy, Legal, and Regulatory Issues in HIS (Chapters 18,19,20)
Academic Computing Daniella Meeker, PhD Director, Clinical Research Informatics SC-CTSI Assistant Professor of Preventive Medicine and Pediatrics.
HIPAA PRIVACY AND SECURITY AWARENESS.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Health Information Technology Basics January 8, 2011 by Leola McNeill adapted from Information Technology Basics by June 2009, Kayla Calhoun & Dr. Frank.
 Information technology is defined as the use of computer hardware and software to manage information.  Six functions of data management: Convert.
1 Matthew J. McAuliffe, Ph.D., Chief, Biomedical Imaging Research Services Section (BIRSS) CIT Ramona Hicks, Ph.D., Program Director, Repair and Plasticity.
Confidentiality and Security Issues in ART & MTCT Clinical Monitoring Systems Meade Morgan and Xen Santas Informatics Team Surveillance and Infrastructure.
Future Use of Stored Samples & Data and the NIH Policy on GWAS and dbGaP NIAID/DAIDS Dione Washington, M.S. -- ProPEP Sudha Srinivasan, Ph.D.-- TRP Tanisha.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Chapter 6 – Data Handling and EPR. Electronic Health Record Systems: Government Initiatives and Public/Private Partnerships EHR is systematic collection.
ICETE 2012 Joint Conference on e-Business and Telecommunications Hotel Meliá Roma Aurelia Antica, Rome, Italy July
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.
Eliza de Guzman HTM 520 Health Information Exchange.
Patient Confidentiality and Electronic Medical Records Ann J. Olsen, MBA, MA Information Security Officer and Director, Information Management Planning.
AHRQ’s Role in Building Evidence to Advance the Accessibility and Usability of Health IT Tiffani J. Bright, PhD Senior Staff Fellow, Health IT September.
Working with Health IT Systems Protecting Privacy, Security, and Confidentiality in HIT Systems Lecture b This material (Comp7_Unit7b) was developed by.
The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,
Service Level Agreements Service Level Statements NO YES The process of negotiating and defining the levels of user service (service levels) required.
Integrating a Federated Healthcare Data Query Platform With Electronic IRB Information Systems Shan He IPHIE 2010.
Component 3-Terminology in Healthcare and Public Health Settings Unit 16-Definitions and Concepts in the EHR This material was developed by The University.
Adoption and Use of Electronic Medical Records (in Federally Qualified Health Centers) and Supporting an ASP Community Care Network of Virginia, Inc.
Tom Furlani, Center for Computational Research University at Buffalo, October 15, 2015 Coexisting with Protected Health Information at CCR.
Teamplay Connect, compare, collaborate.
This material was developed by Oregon Health & Science University, funded by the Department of Health and Human Services, Office of the National Coordinator.
Use of Data from the Electronic Medical Record in Research Opportunities & Pit Falls Kristin West.
The U. S. Health Care System Challenges, Opportunities and Solutions Fifth National HIPAA Summit Clinical Data Standards and the Creation of an Interconnected,
Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.
HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.
Component 6- Health Management Information Systems Unit 5-2 Clinical Decision Support Systems This material was developed by Duke University, funded by.
Health Management Information Systems Clinical Decision Support Systems Lecture b This material Comp6_Unit5b was developed by Duke University, funded by.
1 Copyright © 2009, 2006, 2003, 2000, 1997, 1994 by Saunders, an imprint of Elsevier Inc. Chapter 23 Nursing Informatics.
Tony Pan, Stephen Langella, Shannon Hastings, Scott Oster, Ashish Sharma, Metin Gurcan, Tahsin Kurc, Joel Saltz Department of Biomedical Informatics The.
CSE 5810 Biomedical Informatics and Cloud Computing Zhitong Fei Computer Science & Engineering Department The University of Connecticut CSE5810: Introduction.
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill/Irwin Chapter 6 The Privacy and Security of Electronic Health Information.
EECS David C. Chan1 Computer Security Management Session 1 How IT Affects Risks and Assurance.
Sachin H. Jain, MD, MBA Office of the National Coordinator for Health IT United States Department of Health and Human Services The Nation’s Health IT Agenda:
© 2016 Chapter 6 Data Management Health Information Management Technology: An Applied Approach.
An Introduction to Electronic Health Records
MUSC i2b2 Jean Craig, Biomedical Informatics
ModelChain: Decentralized Privacy-Preserving Healthcare Predictive Modeling Framework on Private Blockchain Networks Tsung-Ting Kuo, Chun-Nan Hsu, and.
DATA SECURITY FOR MEDICAL RESEARCH
Detection and Analysis of Threats to the Energy Sector (DATES)
Amanda L. Do, MPH1,2, Ruby Y. Wan, MS1,2, Robert W
Walden University Carrie Vanzant February 7, 2010
Introduction to D4Science
Omnibus Care Plan (OCP) Care Coordination System
FDA Sentinel Initiative
Introduction to the PACS Security
Presentation transcript:

The analyses upon which this publication is based were performed under Contract Number HHSM C sponsored by the Center for Medicare and Medicaid Services, Department of Health and Human Services. Current issues and challenges in sharing biomedical human subjects data OASIS 2014 Lucila Ohno-Machado, MD, PhD Division of Biomedical Informatics University of California San Diego Oasis 2014

Personalized Healthcare Which therapies work best for individual patients?

Person-Centered Outcomes Research Genome –Sequencing data Phenotype –Personal monitoring Blood pressure, glucose –Personal health records –Behavior monitoring Adherence to medication, exercise Environment –Air sensors, food quality –Location Source: DOE

Where does knowledge come from? Controlled studies with strict eligibility criteria Does this apply to me? Hopefully, but we need a lot of data to answer this question: We need to build infrastructure to access large data repositories –Lower the barriers to share data We need to share tools to analyze the data –Algorithms and computational facilities

Big Data, Medium Data, and Small Data Data integration across biological scales Data annotation and harmonization Data ‘anonymization’ and privacy preservation

Data for Personalized Medicine Prevention, Diagnosis and Therapy –Genetic predisposition –Biomarkers –Pharmacogenomics –Health records –Sensors Handling Protected Health Information – Secure Electronic Environment Electronic Health Records Genetic Data

Sharing Data Sharing data today – Data sharing plans required Little incentive to actually share – One model: users download data – Yes/No decision on sharing Data use agreements across institutions – Pairwise, limited and complicated – Specific to a particular study – Resources for sharing are limited – Security/privacy constraints are hard for small institutions to follow

Mission “A national center for biomedical computing that develops new algorithms, open-source tools, computational infrastructure, and services that will enable biomedical and behavioral researchers nationwide to integrate Data for Analysis, ‘anonymization,’ and Sharing”

Vision

Models for Data Sharing Cloud Storage: data exported for computation elsewhere – Users download data from the cloud Cloud Compute and Virtualization: computation goes to the data – Users analyze data in the cloud – Users download virtual machines

Three Different Models for Data Sharing 1.Users download data 2.Users compute in a central facility 3.Users install software that operates on their data and transmits results of operations (e.g., queries, analyses)

Model 1: Users download data “De-identification” may be necessary Encrypted transmission Data Use Agreement Central Lawyers from the University of California helped write – Data Contributor Agreement Who can have access for what purpose – Data User Agreement Terms of use iDASH serves as ‘agent’ for the data

Model 2: Users compute in central facility Securing the privacy of human subjects data including biometrics such as genomes There are known security issues with commercial clouds (business associate liability agreement mitigates some risks) A protected cloud compute environment is capable of operating on genomes and clinical data We have built this cloud environment in iDASH

Infrastructure Security for Human Subjects Data HIPAA (Health Insurance Portability and Accountability Act) compliant computing environment Segmentation (Zones) of projects & functionality Physical and environmental protection of compute hardware Access control with Two Factor Authentication Secure (encrypted tunnel) system access and upload capability Centralized logging, intrusion detection Proxies and filters Hardened (secured) system configurations

Model 3: Computation goes to the data Some health systems cannot host data outside their facilities (e.g., VA) Software can be sent to those facilities in order to build an overall model (e.g., regression)

University of California Research eXchange UC-ReX 1.UC Davis 2.UC Irvine 3.UC Los Angeles 4.UC San Diego 5.UC San Francisco Funded by the UC Office of the President to the NIH-funded CTSAs Integration of Clinical Data Warehouses from 5 University of California Medical Centers and affiliated institutions (>10 million patients) – Aggregate and individual-level patient data will be accessible according to data use agreements and IRB approval – Distributed models to adjust for confounders Objectives – Monitor patient safety – Improve outcomes – Promote research

Acknowledgements Slides contributed by the iDASH team Division of Biomedical Informatics Funding by NIH AHRQ PCORI UCOP UCSD