Policies and Procedures

Organization and Operation of the Resource

Guidelines for Use of RGE-Held Data

Guidelines for Publications Reference to UPDB

Policy on Access to UPDB by For-Profit Companies


ORGANIZATION AND OPERATION OF THE RESOURCE

  1. DESCRIPTION
    1. The Utah Resource for Genetic and Epidemiologic Research (RGE) was first established by Executive Order of the Governor of Utah on July 14, 1982, and modified by a second Executive Order on February 20, 1986, as "a data resource for the collection, storage, study, and dissemination of medical and related information" for "the purpose of reducing morbidity or mortality".
    2. In recognition of the need, in relation to the types of data defined in the Executive Orders, for an entity which would protect the confidentiality of both the data contributor and the data subject as required by law, the University of Utah administers RGE to manage the collection, use and disposition of that data by research and public health projects.
    3. RGE thus coordinates collection, use, and disposition of private and/or confidential data to protect both data contributor and data subject against indiscriminate use or disclosure.
  2. DEFINITIONS
    1. Database: A collection of computerized data, organized by use or source.
      1. Simple database: Databases from a single source are simple databases.
      2. Composite database: Simple databases may be linked to databases from other contributors to create new databases, defined as composite databases.
    2. Data contributor: Any person, agency or organization which provides data to RGE.
    3. Data subject: A named or otherwise personally identified individual within the data resources of RGE.
    4. Privacy: Privacy of data subjects refers to the capacity of the subject to control information about him/herself. Protection of the privacy of data subjects is based on acknowledgment of the subject's right to control information about her/himself (most specifically through the process of informed consent).
    5. Confidentiality: Confidentiality refers to management of information that a data subject has disclosed in a relationship of trust. It holds the understanding that information will not be shared with others in ways inconsistent with the original disclosure without permission. Protection of the confidentiality of subjects is based on acknowledgment of the need to safeguard data from inappropriate disclosure.
    6. Project: A program that has RGE approval to access facilities or data held by RGE.
    7. RGE or the Resource: The Utah Resource for Genetic and Epidemiologic Research, referring to the organization, the data resources, and/or other facilities within RGE custody.
    8. User: Any person who has been authorized to access the facilities or data held by RGE.
    9. Human Database Research Oversight Committee (HDROC): the University of Utah committee charged with oversight of all research resources providing human subjects data for research by multiple users.
  3. PURPOSES OF RGE
    1. RGE's primary role is the protection of data contributor and data subject against inappropriate use of the private and/or confidential data within RGE custody.
    2. In addition to its primary role, RGE provides maintenance and up-keep of the data within its custody. Wherever possible, RGE promotes and assists in the expansion and enhancement of the data.
    3. Despite its role as regulator of use of data within its custody, RGE strives to facilitate use of that data.
    4. RGE serves as a resource on confidentiality and privacy, particularly to the Institutional Review Board (IRB).
    5. The RGE can act as a data repository for personally identifiable medical/genetic data at the University of Utah.
  4. ORGANIZATION
    1. The RGE is administered through the Office of the President of the University of Utah by the Vice President for Research. Overall policy for the RGE is developed by the RGE Review Committee then reviewed and approved by the HDROC.
    2. The Director administers, and is responsible for all activities of the RGE. He/she provides staff to RGE committees and may provide staff to projects, as requested. The Director also oversees work done by RGE agents.
      1. He/she is responsible for supervision of the RGE budget.
      2. He/she has authority to supervise RGE personnel.
      3. The Director nominates Review Committee members annually. The Director provides an annual report, budget recommendations and information for long-term planning and development to the Advisory Committee.
    3. The Director is appointed by and reports to the Vice President for Research. The Director is funded as an employee of the University.
    4. Release from service from any RGE committee or position does not affect any rights an individual otherwise has relative to University of Utah employment.
  5. OPERATION
    1. The RGE Review Committee is composed of representatives of the data contributor(s), RGE staff, personnel familiar with the facilities necessary to access the data, and others as needed.
      1. The Review Committee is charged with ensuring that each project using RGE data:
        1. has adequate procedures for maintaining the privacy of subjects and confidentiality of human subjects data;
        2. meets use standards of individual data contributors as documented;
        3. has developed appropriate procedures for efficient data access;
      2. The specific review procedures necessary to protect the data contributors and data subjects of each individual database will be determined by the Review Committee.
        1. Pilot or preliminary studies will be reviewed by the Directors of RGE and the Pedigree and Population Resource (PPR) of the Huntsman Cancer Institute at the University of Utah.
        2. Pilot or preliminary studies that involve data from the UUHSC Data Rsource Center (DRC) will also be reviewed by the representative of the DRC to the Review Committee.
        3. Proposals that require no access to names nor involve any contact of potential subjects will be reviewed by the Directors of RGE and PPR, and the relevant data contributors by mail.
    2. The Review Committee assists the Director in identification of long-term planning issues and development of policy.
    3. The Committee also acts as the advisory body by which disputes over operation of RGE may be reviewed. Unresolved problems can be appealed to the Vice President for Research.
    4. Access to and use of simple databases are controlled by the donor. When the data donor cedes control to RGE data will be administered under normal RGE policy. Maintenance and development of simple databases remain the responsibility of the contributor as long as he/she retains legal responsibility for the data.

GUIDELINES FOR USE OF RGE-HELD DATA

These guidelines govern the operation of the Utah Resource for Genetic and Epidemiologic Research in administering the private and/or confidential data within its custody.

The purpose of the Guidelines for Use of RGE-Held Data is to delineate procedures for the acquisition, use and disposition of those data. These procedures are designed to protect the privacy and confidentiality of data subjects. In addition, the purpose of review of requests to use data include:
and serve as standards that:

  1. to assist with efficient, appropriate utilization of data;
  2. to provide information necessary for database design, development or modification;
  3. to enhance coordination of facilities and database administration.

Potential users are encouraged to consult with the RGE Director, the Pedigree and Population Resource Director, and, as necessary, the University of Utah Health Sciences Center Data Resource Center prior to designing proposals, in order to facilitate effective use of the data and prompt permission to access necessary data.

  1. APPLICATION FOR REVIEW
    1. Each project that wishes to use data in RGE custody must submit a proposal for review.
    2. Requests to use RGE data for preliminary or pilot studies may be made in a letter to proposal to the Director of RGE.
      1. The letter proposal must include a brief description of the proposed use and the data required.
      2. Preliminary or pilot studies may only request summary data, such as numbers of cases or families.
    3. Each new proposal to use RGE data must include an RGE application form which indicates:
      1. the person responsible for the project
      2. the start and end dates of the project
      3. the performance site
      4. the University account number/name (for billing)
      5. date of IRB approval (see E below)
      6. which data are to be accessed and for how long
      7. a list of all personnel who will have access to the RGE data, specifying those who will have access to individually-identifying data (if applicable), and whether or not each individual has a relationship with a for-profit company that might have an interest in the research
    4. Each new proposal to use RGE data must also include a description of the project and proposed use of the data (see F and G below.) The description should inclue descriptions of the following:
      1. procedures for data security
      2. procedures for contacting individuals (if relevant)
      3. data that will be returned to RGE (if relevant) (see H below)
      4. plan for disposition of data at the end of the project.
      5. any commercial funding (if relevant) and how data confidentiality will be protected
    5. Each project that will use human subjects or records of human subjects must also be submitted to and approved by the Institutional Review Board of the sponsoring institution. A copy of that approval must be provided to RGE prior to release of data.
    6. Access to either Dataset Specific Information or Individually Identifying Information must be specifically requested and justified. The request for access to either/both of these sets of information must include the time period for which access is requested.
    7. Very strong justification must be made for access to individual identifiers, such as names, SSNs, etc. Such requests should indicate why the project could not reasonably be conducted without such access. The period of time for access must be tied to project methodology. It should be kept as short as is reasonably possible.
    8. All projects that gather additional family information (e.g. names, birth dates/places, relationships, etc.) that are not already present in UPDB will provide that information to RGE on an annual basis.
    9. Projects conducted by Investigators outside the University of Utah
      1. Those projects requesting access to non-identifying information must complete both an RGE Database Access Application Form and a Confidential Disclosure and Information Transfer Agreement (CDITA) developed by the University of Utah Technology Transfer Office. The agreement will be signed by the Principal Investigator and a representative of his/her institution.

        All projects must maintain frequent contact with the Pedigree and Population Resource at the Huntsman Cancer Institute, to ensure that the data are being used accurately.

      2. Those projects requesting access to identifying information (e.g. contact studies) must have as an active member an investigator affiliated with a Utah institution of higher education or a Utah non-profit medical research institution. The investigator must complete both an RGE Database Access Application Form and a Confidential Disclosure and Information Transfer Agreement (CDITA) developed by the University of Utah Technology Transfer Office. The agreement will be signed by the Principal Investigator and a representative of his/her institution.
      3. Reviews of these projects will also include, in addition to criteria for access to RGE data by investigators from the University of Utah;
        1. possible competition with UU research projects;
        2. availability of resources required for the project;
        3. scientific merit.
    10. Changes in project procedures that may affect the protection of the privacy and confidentiality of data subjects require a written request for amendment and RGE approval.
    11. Any agency request to use data that it had collected under a legal mandate (e.g. State Vital Statistics) and then contributed to the RGE is exempt from review. Projects or requests that intend to link these data to other RGE protected data or intend to use linked data are subject to review.
  2. RECOMMENDED PROCEDURES FOR ASSURANCE OF DATA SECURITY
    1. Data management
      1. All identifying information stored electronically will be kept separate from other project information
        1. ID numbers will replace identifying information. This will also apply to the labeling of specimens for laboratory work and to the use of protected data by collaborators at other institutions.
        2. The method of linking identification numbers to names (or other individually identifying information) will be maintained by the Principal Investigator and his or her data manager only.
      2. Electronic access to all personally identifiable data will be through a controlled database system.
      3. Each user of the data must be authorized in writing by the Principal Investigator prior to acquiring an access key ( a user name requiring a password). This key will allow access only to files and records for which the user has been approved.
      4. The number of users of the data, particularly those authorized to use individually identifying information, will be kept to the minimum necessary to accomplish the project.
    2. Physical security
      1. Computers, data files, remote terminals and printers will be housed in locked rooms where unauthorized persons do not have access.
      2. Files containing personally identifiable data will not be copied without written authorization from RGE.
      3. All copies of files containing personally identifiable data, including computer tapes and printouts, will be stored in separate, locked filing cabinets, preferably in rooms where unauthorized persons do not have access. No files will be removed from the secure facility without prior RGE written permission.
    3. Personnel security
      1. All personnel involved with personally identifiable data will sign Confidentiality Agreements, affirming they will not disclose any protected information to any person or agency. The RGE Director will maintain a list of all personnel involved in all projects using RGE data and will maintain a file containing signed Confidentiality Agreements. Project investigators are responsible for keeping the agreements current.
      2. The Principal Investigator will maintain a list of all personnel involved in the project and a file of the names of the approved users on his/her project. These will be updated annually.
      3. All new project personnel will receive a brief training session in appropriate security for personally identifiable data.
    4. Additional protocols and procedures may be required from each project by any RGE computer or data agents. These specific policies, to include such topics as security audits, information management documents, or data recovery plans will establish minimum performance requirement and demonstrate the specific safeguards employed for physical, logical and data security.
      1. Specific physical security measures for a research or data site may be required by RGE and/or its computer agent.
    5. Personnel authorized to work with any RGE data will be held accountable for discovery of the relevant RGE rules. The RGE Director, using discretionary authority, may immediately suspend an authorization based upon behavior contrary to the best interests of the RGE or the data. The suspension will be in effect pending an investigation by the RGE Review Committee. Violations of any RGE rules, especially regarding data confidentiality, will subject the individual to the appropriate disciplinary response including suspension of user privileges, notification of the Institutional Review Board and the Office of the Associate Vice President for Research Integrity and Compliance , and, as appropriate faculty discipline (see Code of Faculty Responsibility) and investigation of possible violation of state law (see Utah Code Section 26-25-5.)
  3. RECOMMENDED PROCEDURES FOR CONTACTING INDIVIDUALS
    1. No individual will be contacted by an investigator for a research project without approval of specific contacting procedures by the RGE Review Committee and the appropriate IRB.
    2. Individuals contacted through data obtained from a specific contractual contribution to RGE will not be contacted without prior approval for that process by the specific data contributor.
    3. Contact protocols for individuals to be contacted who meet some research criteria (i.e. identified through data on those individuals) but who are not previously known to the investigator are:
      1. The Utah Cancer Registry (UCR)
        1. A list of cases by UCR identification numbers will be provided to the UCR.
        2. UCR will contact each subject (or the legal guardian of the subject if a guardian has been appointed by a court) and the subject's physician, if appropriate, and request the subject's written consent to be contacted by the researcher.
        3. UCR will provide contact information to the researcher for those subjects who consent.
      2. Cancer Data Registry of Idaho (CDRI)
        1. Contact of subjects identified through CDRI data is decided on a case-by-case basis by CDRI. Specific procedures must be negotiated directly with CDRI.
      3. Genealogy records
        1. Individuals identified through the genealogy as relatives of existing subjects should be contacted only as relatives of that subject and should be so identified in the initial contact.
        2. In general, genealogical information alone may not be used as a basis for contact of individuals.
      4. Center for Medicare/Medicaid Services (CMS) [formerly Health Care Financing Administration (HCFA)] records
        1. Names of individuals to be contacted through CMS/HCFA will be provided to CMS/HCFA by RGE.
        2. CMS/HCFA will provide address information and a contact letter to RGE to be sent to potential subjects.
        3. RGE will contact potential subjects to determine their interest in participating.
        4. Names and contact information for those individuals who indicate interest will be provided to the researcher.
      5. Vital records
        1. Individuals identified through the Bureau of Vital Records, Utah Department of Health (BVR) records will be contacted by RGE.
        2. A letter will be sent explaining the reason for contact, identifying the study, and inviting the potential subject to return a form indicating her/his interest in knowing more about the study.
        3. Only names of individuals who return the form indicating an interest will be provided to the researcher.
      6. Driver License Division
        1. Individuals identified through the Driver License Division, Utah Department of Public Safety (DLD) records will be contacted by RGE.
        2. A letter will be sent explaining the reason for contact, identifying the study, and inviting the potential subject to return a form indicating her/his interest in knowing more about the study.
        3. Only names of individuals who return the form indicating an interest will be provided to the researcher.
      7. University of Utah Health Sciences Center Data Resource Center
        1. Individuals identified through use of the DRC data will be contacted by RGE/DRC or by the physician from whom the record originated.
        2. Individuals contacted by RGE will be sent a letter explaining the reason for contact, identifying the Principal Investigator, briefly describing the study, and inviting the potential subject to return a form indicating her/his interest in knowing more about the study.
          1. Only names of individuals who return the form indicating an interest will be provided to the researcher.
          2. Medical information about a given subject from the DRC will only be released to the Principal Investigator after a copy of the subject's signed consent form has been provided to the DRC.
    4. Contact of individuals who are relatives of individuals already participating in the research must be through already consented subjects in that research.
  4. ANNUAL REPORTS
    1. Investigators will submit reports annually that indicate the following:
      1. Any changes in procedures, security, etc. Such changes may require re-review of the project.
      2. An updated list of project personnel with access to personally identifiable data.
    2. All continuing projects must be reviewed annually. Data access may be denied to any investigator who fails to complete an annual review. Investigators will be sent an annual renewal form at the beginning of the month their project is due for annual review.

      Data analysis only status: Projects that are no longer receiving new data from UPDB may elect to have an abbreviated annual review that will allow them to continue to use data already obtained from UPDB for analysis only. Access to new data requires a new application and study description.

    3. At the project end date, or at five years, whichever comes first, all projects will be completely re-reviewed. A new application form must be submitted, reviewed and approved by the RGE Review Committee.

      Projects that have no active access to data will file a data analysis only annual report.

  5. SCIENTIFIC PUBLICATION REVIEW
    1. All manuscripts for publication referring to RGE or the data must be reviewed and approved by RGE prior to publication. This review is intended to ensure that specific data contributor confidentiality guidelines are met.
    2. Purposes
      1. To deal with specific confidentiality issues in the publication;
      2. To ensure that the publication matches the specifics of the approved project;
      3. To ensure appropriate portrayal of the RGE and its data contributors.
    3. Procedures
      1. All manuscripts to be submitted for publication (including abstracts, letters, editorials, etc.) must be submitted to the Director when they have been accepted for publication. Manuscripts should be submitted for review before editing of page proofs to limit changes at that point. Manuscripts will be reviewed by the Director, and by a representative of any data contributor whose agreement with RGE so specifies.
      2. When a full committee review is necessary, copies of each manuscript will be distributed to all members of the RGE Review committee. Whenever possible, a decision or a required modification request will be communicated to the lead author within 15 working days.
      3. Since agreements with data contributors require prior confidentiality approval of publications, the RGE is obligated to expedite reviews in a timely and productive manner Upon receipt of a manuscript, the RGE's failure to confer with the lead author within 15 working days will constitute an automatic approval. A negative decision requires a notice of denial to the lead author with the reasons for the decision. The reasons will be specific and will include suggested improvements for amending the manuscript.
    4. Names, initials, or any other personally-identifying information pertaining to the individuals or families within RGE data will not be used in any public presentation or be released by RGE users to any public media, in accordance with but not limited to Utah Code Section 26-25-4
  6. OTHER PUBLICATION REVIEWS
    1. All press releases, interviews, public presentations, or other public media disclosures referring to RGE or the data within it must conform to guidelines developed by the RGE staff and committees.
      1. Violation of the guidelines may constitute grounds for discontinuing a project's access to RGE data.
    2. Media reviews are required to protect the privacy rights of the individuals named in RGE data as well as to protect the data contributors from any unwanted publicity regarding their contributions.
    3. Procedures
      1. The RGE staff or review committee should be contacted by any user prior to public media disclosures relating to the use or existence of the genealogical dataset. Guidelines will be provided that will assist the user in determining the appropriate release of information (what, when, to whom), terminology used in such disclosures, and the necessity for prior reviews.
      2. Media inquiries about the relationship between the RGE and those data contributors with agreements covering publicity regarding their contributions should be referred to the Vice President for Research.
    4. Names, initials, or any other personally-identifying information pertaining to the individuals or families within RGE data will not be used in any public presentation or be released by RGE users to any public media, in accordance with but not limited to Utah Code Section 26-25-4.
  7. DISPOSITION OF DATA AT THE END OF THE PROJECT

    At the conclusion of any project using personally identifiable data, the Principal Investigator will make provision for the disposition of that data, as described by one of the following.

    1. The investigator wishes to continue working with the data. A proposal to that effect will be submitted for review.
    2. Data will be reposited for:
      1. cataloging and storage only (renewed access requires a new proposal and review)
      2. cataloging and linkage to (an)other dataset(s) (renewed access requires permission of donors of datasets to which data was linked, a new proposal and review)
    3. Data may be destroyed, in accordance with the guidelines of the granting agency and/or the University of Utah.
  8. RGE AGENTS OR REPRESENTATIVES
    1. Purpose
      1. The RGE has the right to enter into agreements with other organizations or consultants for the purpose of securing services for the RGE or its project investigators.
      2. These services may involve providing the technical facilities or expertise to collect, store, computerize, and/or otherwise physically control or link, and manipulate the data in RGE custody.
    2. Limitations
      1. Any organization or consultant that provides services to the RGE becomes an agent on behalf of the RGE and is bound by the RGE Bylaws, Policies and Procedures, and all other applicable statutes, policies or procedures. The RGE maintains its legal custody of and authority for all RGE data and will refrain from doing business with any organization or consultant that fails to abide by RGE's rules.
      2. The RGE will not abdicate or relinquish, to any other party, the responsibility for managing, protecting, or coordinating the data within RGE.
  9. ACCESS TO DATA
    1. By named individuals
      1. Each agency that contributes data to the RGE may designate in the provider agreement those portions of the data which may be disclosed to the data subject.
      2. If no specific provision exists, the data subject is required to obtain written permission from the contributing agency or to obtain the information from the agency directly.
    2. By subpoena
      1. RGE data are not subject to subpoena (Utah Code, Section 26-25-3).

GUIDELINES FOR PUBLICATIONS REFERENCE TO UPDB

Datasets within the Utah Population Database come from a variety of sources. Agreements with each data contributor may involve specific requirements for acknowledgment of the origin of the data. The purpose of these guidelines is to outline certain limitations and/or requirements for those acknowledgments in publications using UPDB data. Any publication referring to the Utah Population Database, the data contained therein, or the Resource for Genetic and Epidemiologic Research (RGE) must be reviewed and approved by RGE prior to publication. In order to facilitate rapid review and approval, authors are strongly encouraged to adhere to the following guidelines:

ALL DATASETS

Names, initials or any other personally identifying information pertaining to individuals or families within UPDB will not be used in any public presentation or be released by RGE users to any public media, in accordance with but not limited to Utah Code Section 26-25-4.

UTAH CANCER REGISTRY

  1. Only descriptive, nonconfidential data shall be published or presented by individuals or institutions obtaining data from the Registry.
  2. All data published shall acknowledge the Utah Cancer Registry as the data source for information contained in the publications or presentations as follows: This research was supported by the Utah Cancer Registry, which is funded by Contract No. HHSN2612013000171 from the National Cancer Institute's SEER Program with additional support from the Utah State Department of Health and the University of Utah.

FAMILY HISTORY INFORMATION

  1. The preferred description is: "genealogical records of the descendants of the Utah pioneers."
  2. Data should be referred to as obtained from the Utah Resource for Genetic and Epidemiologic Research.
  3. If necessary, the source of "family histories" or "historical records" should be identified as the Utah Genealogical Society.
  4. If necessary, data should be referred to as "historical and vital records", "family histories", or "genealogies compiled by the Utah Genealogical Society" not "LDS Church Genealogical Records", "Mormon Genealogies" or "LDS Membership information". The word "member" should be avoided whenever possible, as it gives the impression that RGE holds membership records, which it does not.

HUNTSMAN CANCER INSTITUTE AT THE UNIVERSITY OF UTAH

Partial support for all datasets within the Utah Population Database is provided by the University of Utah Huntsman Cancer Institute and the Huntsman Cancer Institute Cancer Center Support grant, P30 CA2014 from the National Cancer Institute.

POLICY ON ACCESS TO UPDB BY FOR-PROFIT COMPANIES

  1. Any person applying for access to UPDB on an approved project will be required to divulge any relationship with any for-profit company which might have an interest in the research being conducted with UPDB access. The effect of that relationship on the request for access will be determined by the RGE Advisory Committee on a case by case basis.
  2. Access to the genealogical dataset:
    1. Projects applying to RGE for access to UPDB will be required to identify their source(s) of funding.
      1. Funding for projects supported by for-profit companies must have provision for a principal investigator at the University of Utah, and the source of the principal investigator's funding must be identified as such. A specific contractual agreement between the for-profit company and the University of Utah will be required before project approval. That agreement must specify which researchers have access to genealogical data and which research results will be provided to the for-profit company.
      2. Principal investigators at the University of Utah may not also be employees of the for-profit companies.
    2. No individually identifying information from the genealogical dataset will be made available to any for-profit company or its employees. Individually identifying information from the genealogical dataset includes names and pedigree/family structure.
    3. Information derived from non-profit research use of the genealogical dataset may be provided to for-profit companies under the following conditions:
      1. Linkage studies or other such analyses involving individually identifying information must be conducted by the University of Utah principal investigator;
      2. No information that could identify any individual or family in the genealogical dataset is provided to any for-profit company or its employees;
      3. No contact is made by the for-profit company or its employees with individuals that would imply that those individuals were identified through the genealogical dataset;
      4. No representation of the relationship between the for-profit company and the genealogical dataset is made that would allow it to be construed to imply that a commercial entity has access to the data.
  3. Access to vital records:
    1. Access to Health Department records that are not linked to other datasets must be obtained through the Bureau of Vital Records and Health Statistics.
    2. Access to Health Department records linked to other datasets is subject to all RGE requirements for access by for-profit companies.
  4. Access to Utah Cancer Registry records
    1. Access to Registry records that are not linked to other datasets must be obtained through the Registry.
    2. Access to Registry records linked to other datasets is subject to all RGE requirements for access by for-profit companies.