1 / 45

Agenda

Agenda. Introduction to CIDER Research need Types of clinical data in CIDER Privacy and data security Public Notification / Opt Out Auditing User responsibilities Definition of Project Data privileges Process workflows CIDER Application Login page Hands on Lab Quiz

cael
Download Presentation

Agenda

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Agenda • Introduction to CIDER • Research need • Types of clinical data in CIDER • Privacy and data security • Public Notification / Opt Out • Auditing • User responsibilities • Definition of Project • Data privileges • Process workflows • CIDER Application Login page • Hands on Lab • Quiz • Take Home Assignment

  2. Clinical and Translational Research Needs • Goals: • Rapidly convert advances in basic science to improvements in patient care • Relay findings from clinical studies back to bench for further refinement of the disease management process • To achieve these goals, researchers need • to integrate diverse and complex biomedical data sets • to co-analyze and visualize the data • to reduce the barrier b/w basic science and clinical research

  3. Clinical and Translational Research Needs • How were these goals achieved in the past? • It was possible to acquire the clinical data manually by reviewing an individual patient’s data from a hospital’s EMR • Time consuming and redundant process • Not feasible for studies with large patient populations • Poses significant privacy and confidentiality risks to patients

  4. Research Needs • Review Preparatory to Research • Are there enough patients to conduct research? • Applies to prospective or retrospective studies • Defined criteria / haven’t defined it yet, but have an idea • Count of patients is sufficient • Prospective/Retrospective studies • Recruit patients / Need to get clinical data • Medical record data mining studies • Need historical clinical data for patients matching criteria • Survey identified patients for additional information

  5. Quality Improvement • It is possible to do analysis and compare the performance within one hospital as well as across hospitals if data is available in one central location • Can identify the process improvement steps and can implement those to improve the patient care • Enormous opportunities to improve patient care using QC/QI initiatives

  6. Problem Statement • Quality Improvement • Review Preparatory to Research • Participant Recruitment • Clinical Studies Data Acquisition • Retrospective • Prospective • Historical

  7. Solution In Patient Visits CIDER Out Patient Visits

  8. CIDER Clinical Investigation Data Exploration Repository • Joint venture of BJC HealthCare & WUSM • Data repository to contain patient care (inpatient and outpatient) data • Advanced query functionality through web interface • Restricted data access / Role management • Data interfaces to external CSMS systems

  9. CIDER

  10. Scenarios - 1 • Review preparatory to research • “I can get a grant to conduct a research study using historical clinical data to find out the relationship between changes in serum PSA values and survival following treatment for Hormone Refractory Prostate Cancer (HRPC). How do I find out whether there are enough patients?“ • Using CIDER, one can find out the total number of patients satisfying the above criteria quickly without getting any formal approvals for the study.

  11. Scenarios - 2 • Prospective studies • “I am planning to conduct a research study/protocol on the possible connection between Diabetes and Acute Coronary Syndrome (ACS) and I need at least 100 patients aged between 40 and 65, who have had ACS and had been diagnosed with Diabetes prior to ACS.” • Using CIDER, PI can find out the total number of patients satisfying the above criteria quickly without getting any formal approvals for the study. • Once the study is approved by IRB, CIDER can provide the patient details required to contact the patients.

  12. Scenarios - 3 • Retrospective studies • “I am planning to conduct a research study on the possible connection between Diabetes and Acute Coronary Syndrome (ACS) and I need at least 100 patients aged between 40 and 65, who have had ACS and had been diagnosed with Diabetes prior to ACS.” • Using CIDER, PI can find out the total number of patients satisfying the above criteria quickly without getting any IRB approvals for the study. • Also, can obtain de-identified data with no IRB approvals.

  13. Clinical Data • Demographics • name, address, race, gender, phone number • Visits • age, patient type, facility, diagnosis code, procedure code • Labs • age, collection time, facility, lab test name, specimen type (e.g. serum vs CSF glucose), result • Medications • age, duration, frequency, medication, route & form • Aspirin 75 mg tablet, once a day by mouth (PO), indefinitely • Allergies • allergen type, allergy reaction, sensitivity, severity, type, onset date • Vitals • age, body site, facility, measurement, observation, value and units • Document • age, document content, document name, facility and physician

  14. What and how much data is in CIDER? • Data since 1993 • ~4.7 million patients • ~25 million visits • ~68 million lab results • ~17 million medication orders • ~12 million scanned documents • ~140, 000 allergies (2009) • ~50 million text documents • ~130 million vitals

  15. Privacy and Data Security • IRB Review • Opt Out

  16. Opt Out • Option for patients to opt out of having their clinical data used for research projects • Two options • Public Website • Telephone IVR

  17. Opt Out

  18. Opt Out Opt Out public page

  19. Opt out page

  20. Privacy and Data Security • IRB Review • Opt Out • Public Notification

  21. Public Notification • Media release • Local newspapers

  22. Privacy and Data Security • IRB Review • Opt Out • Public Notification • Data Security • Auditing

  23. Auditing • Every user action is audited • Logins • Running queries to identify patient cohorts • Running queries to obtain patient data • Viewing patient data • Patient data export • Monthly / On-demand audit reports • Using reports, auditors can pinpoint who looked at a particular patient’s data • CIDER Security Oversight Committee

  24. Privacy and Data Security • IRB Review • Opt Out • Public Notification • Data Security • Auditing • User responsibilities

  25. User Responsibilities • Follow established rules and procedures • Obtain HIPAA/IRB approval if necessary • Do NOT share user IDs and passwords • Sign the CIDER data confidentiality agreement after completing the training and follow the agreement • User access will be revoked in case of failure to follow the rules

  26. User Responsibilities • Safeguard patient privacy and protect clinical data sets • Escalate issues/questions to CIDER Administrator • Download identified data only to approved and secure location(s) • Do NOT download, move, or copy identified/limited data sets to USB drives, CDs, DVDs, other removable devices, or servers/workstations/desktops/laptops on unsecure networks • In case of questions, please email the CIDER Honest Broker at honestbroker@bmi.wustl.edu OR call the CIDER Help Desk @ 362-8853

  27. User Responsibilities • What to do if data is lost or compromised? If you are a CIDER user, and you have encountered an event through which you think e-PHI (Electronic Protected Health Information) has been compromised, then please follow the procedures listed below. If you are a Washington University user Please fill-out an incident report using an incident report form from the following link. Washington University Incident Report Formand email it to incidents@wusm.wustl.edu If you are a BJC user If you are a BJC user, and you have encountered a breach of ePHI (electronic Protected Information) e.g. laptop, USB, device lost or stolen, virus attack on research server or theft of data, please contact BJC Information System Security Services at iss@bjc.org and complete an incident report at the following link. BJC Incident Report

  28. Privacy and Data Security • IRB Review • Opt Out • Public Notification • Data Security • Auditing • User responsibilities • Session Timeout

  29. Session Timeout • The CIDER session is left alone with no user actions for 10 minutes, the system will log you off • A warning message is displayed after 8 minutes • After 2 minutes of the warning, system will log out the user • This is a security measure • Never leave sessions open without logging out from CIDER

  30. Privacy and Data Security • IRB Review • Opt Out • Public Notification • Data Security • Auditing • User responsibilities • Session Timeout • Project definition and rules applied during queries

  31. What is a project in CIDER? • A project is a clinical or translational research study or a quality assurance/improvement activity that requires CIDER • Project components • Principal Investigator • Collaborators • Start date / End Date • Relevant protocol documents and IRB approvals • Elements that filter data access under a project • Facilities from which data will be available • Level of identified data access – Data Privileges

  32. Data Privileges • Data Privilege • Anonymized • De-identified • Limited • Identified (Requires IRB Approval)

  33. Data Privileges • Anonymized: Data that has no physical link to data that can be used to identify an individual’s identity. • De-identified: Data that is not individually identifiable, but might be used to re-identify the patient to provide additional clinical information. • Limited: Data that has a limited set of identifiable patient information as defined under HIPAA. • Identified: Data with one or more associated protected health identifiers that might be used to identify an individual’s identity.

  34. Data privileges Patient Code not associated to patient identity in database

  35. What is a project in CIDER? • A project is a clinical or translational research study or a quality assurance/improvement activity that requires CIDER • Project components • Principal Investigator • Collaborators • Start date / End Date • Relevant protocol documents and IRB approvals • Elements that filter data access under a project • Facilities from which data will be available • Level of identified data access – Data Privileges • ‘Other’ project rules

  36. Other Project Rules • Security measures for vulnerable populations • Age of the patients over the age of 89 • Minors (patients with age < 18) • Special rules • Access to SSN • Needs approval from IRB • QA/QI Projects • Includes opt-out patients’ data • Can include data from all facilities without individual IRB approvals

  37. Process workflows • User activation workflow • Project creation workflow

  38. User Activation I am working with Dr. Fraser. I need access to CIDER for research purpose. Please activate my account. CIDER System Request account activation 1 Collaborator Yes, she is working with me and she needs access to CIDER. Need approval from supervisor Approve request 2 Principal Investigator Ok. She has successfully completed her HIPAA training AND CIDER user training. Activating her account. Verify HIPAA details Activate account 3 Notification to user and PI CIDER Administrator

  39. Project Creation CIDER System I am requesting a project on behalf of Dr. Fraser. Request for Project activation 1 Collaborator The provided project details are correct. Please activate the requested project. Need approval from PI Approve request 2 Principal Investigator Ok. Based on the IRB Details, identified privileges can be granted for this project. Activating the project. Verify Project details Activate Project 3 Notification to PI & creator CIDER Administrator

  40. Hands on Lab • Learning objectives • Familiarize with the CIDER login page • Please remember it is accessible only within WUCON • Have your user account activated • If you have a WUSTLKEY, you can migrate to it and start using WUSTLKEY once your account is activated • Learn how to request a new project and submit for approval (Lab Assignment)

  41. CIDER URL • https://cider.cbmi.wucon.wustl.edu/cider/

  42. Take Home Lab Assignment • Request a project to be established in CIDER and have it approved before the beginning of the next class on 09/15/10. • Please make sure you have a meaningful title for the project and a brief description of what you are planning to do using this project. • Please select my name as the PI; ‘George Bijoy’ • Please specify the project attributes as follows • Start Date: 09/08/2010 • End Date: 12/31/2010 • Data Privilege = De identified

  43. Quiz • Please write your First name and Last Name on the quiz answer sheet to get proper credit • Please circle the best answer choice for each question • Please turn in the completed assignments to me before the end of the class • We will go over the answers and you will get your answer papers graded in the next class

  44. Q & A • Please feel to contact me any time • Email: bgeorge@wustl.edu

More Related