PRINCIPLES FOR ACCESSING AND USING PUBLICLY-FUNDED DATA FOR HEALTH RESEARCH

Similar documents
Data Governance in-brief

NSW Government Open Data Policy. September 2013 V1.0. Contact

DFS C Open Data Policy

NATIONAL PARTNERSHIP AGREEMENT ON E-HEALTH

Research Data Management Procedures

NSW Data & Information Custodianship Policy. June 2013 v1.0

Guidelines approved under Section 95A of the Privacy Act December 2001

POLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES

DGD ACT Health Data Quality Framework

ESRC Research Data Policy

Guidelines for professional indemnity insurance arrangements for midwives

Information Circular

NATIONAL INFORMATION AGREEMENT ON EARLY CHILDHOOD EDUCATION AND CARE

COMPLAINTS MANAGEMENT POLICY AND PROCEDURES

Information Governance and Management Standards for the Health Identifiers Operator in Ireland

NGV INWARD LOANS POLICY Approved by the Council of Trustees Policy Statement. Application. Context. Policy

Guide to the National Safety and Quality Health Service Standards for health service organisation boards

Report of the Information & Privacy Commissioner/Ontario. Review of the Canadian Institute for Health Information:

Security Awareness and Training

How To Govern Data Governance At The Australian Primary Health Care Research Institute

Information Management Advice 50 Developing a Records Management policy

Submission on the National Registration and Accreditation Scheme Partially Regulated Occupations

Digital Continuity Plan

Daltrak Building Services Pty Ltd ABN: Privacy Policy Manual

Management of Research Data Procedure

E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION

Submission in Response to the Personally Controlled Electronic Health Record System: Legislation Issues Paper

Community Housing Providers (Adoption of National Law) Bill 2012

The National Health Plan for Young Australians An action plan to protect and promote the health of children and young people

Curriculum Vitae Geoffrey Charles (Geoff) Sims

How To Ensure Health Information Is Protected

Consultation Paper: Standards for Effectively Managing Mental Health Complaints

A guide to the water charge (infrastructure) rules: Tier 2 requirements

Chiropractic Boards response 15 December 2008

Cloud Computing in a Government Context

Joint Position on the Disclosure of Clinical Trial Information via Clinical Trial Registries and Databases 1 Updated November 10, 2009

Safety, crime and justice : from data to policy Australian Institute of Criminology Conference

Listening to Stakeholders about Hearing Services

Standard 5. Patient Identification and Procedure Matching. Safety and Quality Improvement Guide

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

Foreword. Closing the Gap in Indigenous Health Outcomes. Indigenous Early Childhood Development. Indigenous Economic Participation.

AITSL is funded by the Australian Government. Guide to the Certification of Highly Accomplished and Lead Teachers in Australia

1.4 For information about our management of your other personal information, please see our Privacy Policy available at

Connecting your healthcare: a guide to registering for an ehealth record

Privacy Committee. Privacy and Open Data Guideline. Guideline. Of South Australia. Version 1

Proposed overarching principles for National Standards for Out of Home Care

RECORDS MANAGEMENT POLICY

The Regulation of Health Information Privacy in Australia

Entrepreneurs Programme - Business Evaluation. Version: 3

Principles and Guidelines on Confidentiality Aspects of Data Integration Undertaken for Statistical or Related Research Purposes

NORTHERN TERRITORY OF AUSTRALIA HEALTH SERVICES ACT As in force at 1 July Table of provisions

Australian Government Cloud Computing Policy

Psychologist s records: Management, ownership and access. APS Professional Practice

COURSE INFORMATION BSB61015 Advanced Diploma of Leadership and Management

Information Management: A common approach

Australian Government Cloud Computing Policy

An outline of National Standards for Out of home Care

POLICY STATEMENT 5.17

Published by the National Regulatory System for Community Housing Directorate. Document Identification: /NRSD. Publication date: January 2014

The Future Use of Electronic Health Records for reshaped health statistics: opportunities and challenges in the Australian context

Release: 1. CHCCM703A Apply effective case management practice

Once you have submitted the online medical assessment you will receive an online reference number. ONLINE REFERENCE NUMBER Smartform number

RESEARCH DATA MANAGEMENT POLICY

Information Governance Strategy & Policy

Greens NSW Aboriginal and Torres Strait Islander Peoples Policy

OPERATIONAL DIRECTIVE. Data Stewardship and Custodianship Policy. Superseded By:

FINANCIAL SERVICES TRAINING PACKAGE FNB99

Cloud Computing and Records Management

Council of Australian Governments

PRIVACY POLICY. Privacy Statement

Privacy Policy on the Collection, Use, Disclosure and Retention of Personal Health Information and De-Identified Data, 2010

Australian Code for the

GUIDE TO IMPLEMENTING A REGULATORY FOOD SAFETY AUDITOR SYSTEM

Privacy and Cloud Computing for Australian Government Agencies

Crime Statistics Data Security Standards. Office of the Commissioner for Privacy and Data Protection

Casino, Liquor and Gaming Control Authority Act 2007 No 91

Privacy fact sheet 17

Position Description

Transport Accident Act No Fault Dispute Resolution Protocols 1 March 2005 (amended as from August 2008)

A BILL for AN ACT. Serial 270 Volatile Substance Abuse Prevention Bill 2004 Ms Scrymgour

The Health Information Act. Use and Disclosure of Health Information for Research

INFORMATION GOVERNANCE POLICY

Transcription:

TARGETED CONSULTATION DRAFT National Health and Medical Research Council PRINCIPLES FOR ACCESSING AND USING PUBLICLY-FUNDED DATA FOR HEALTH RESEARCH Developed by NHMRC s Prevention and Community Health Committee and the NHMRC Data Reference Group December 2014 Page 1

Principles for Accessing and Using Publicly- Funded Data for Health Research Purpose Background: Australia has many publicly-funded data holdings, including registries, administrative databases, clinical datasets and surveys, which can be used for scientific research into population health, health services and clinical care. The means of accessing these datasets or determining their fit-for-purpose to address a research question are often not well defined and this can cause confusion for researchers and data custodians. These Principles for Accessing and Using Publicly Held Data for Health Research (the Principles) provide a framework for researchers and data custodians to consider when requests or applications are made for access to existing publicly-funded datasets for the purposes of health research. The Principles should be read in conjunction with the National Statement on Ethical Conduct in Human Research (2007) 1, the Australian Code for the Responsible Conduct of Research 2 and other policies and guidance such as those outlined in Appendix A. The Principles are a guide for researchers who are requesting access to wholly or partially publicly funded datasets, and for organisations that hold publicly-funded datasets. It does not dictate a particular process that must be followed, nor restrict an organisation from using its own data access policies. Organisations holding relevant data that are not publicly-funded, such as those conducting clinical trials e.g. pharmaceutical companies, are also encouraged to consider and use the Principles. The need for the Principles: Researchers and data custodians often have different perspectives and priorities in data sharing. Priorities for custodians include adherence to legislation, privacy protection, ensuring that the suitability and limitations of the data for specific research applications are understood and the need to meet internal work demands. Researcher priorities overlap with custodian priorities, but also include expeditious study implementation, often determined by the time frames specified by research funding agencies. The Principles aim to facilitate communication between researchers and data custodians to foster a better understanding of respective roles and responsibilities, and to optimise the appropriate use of publicly-funded data for health-related research. Scope and target audience The Principles are for custodians and researchers using publicly funded health and health-related datasets, including linked datasets, whether held at national, state/territory or local level. This may include both aggregate and unit record data held in registries, administrative, survey-based and clinical datasets/databases, existing health research datasets/databases, and datasets held by universities. Health-related data include datasets that are not health-specific but which may be used to address research questions about health or health services. Not all health or health-related data are publicly funded, however it should be noted that in certain situations, data collected by private individuals or organisations may be made available to government stakeholders under particular agreements. Wherever possible, these agreements should not preclude the further use of these datasets for research. Appendix B includes a map of health data key stakeholders and a list of examples of health-related data. 1 http://www.nhmrc.gov.au/_files_nhmrc/publications/attachments/e72_national_statement_130207.pdf 2 http://www.nhmrc.gov.au/_files_nhmrc/publications/attachments/r39.pdf Page 2

Principles 1. Research use of publicly held health and health-related data should be maximised a. Research can be an important use of existing publicly-funded health and health-related data. Research contributes significantly to ensuring that the most important health issues for the Australian community are addressed. b. Use of existing datasets for research should be promoted, encouraged and maximised when the public benefit is expected to outweigh any risk to privacy or confidentiality. c. Researchers should expect that the conditions of data access and licensing, a description of an organisation s data holdings, a description of the data quality and up to date and comprehensible metadata will be published and maintained. d. Publicly-funded health and health-related datasets, in non-identifiable form, should be available for research wherever legally and practically possible and should not be withheld from research. Lower risk re-identifiable data should be available either through public release or with minimal access requirements. Researchers should have the opportunity to apply to data custodians for access to high risk identifiable data. e. To maximise public benefit, key priority areas for research using publicly-funded data should be identified by researchers in collaboration with data custodians, policymakers, practitioners and the community. Major health issues and priorities determined by the NHMRC may be a useful reference point for prioritisation of access for health-related research. f. Health research using publicly-funded data should follow the principles of promoting public awareness and public engagement. This may include the publication of appropriate details of the research project, including its purpose and the datasets used at its outset and throughout the project. 2. Data custodians should recognise their responsibilities and accountabilities when providing access to data for research Custodians of publicly funded health and health-related datasets should: a. Have processes (e.g. data management plan) in place that not only cover use of the data for the purpose for which they were collected, but also any future research purposes for which they may be used. They should also include agency resource allocation for data provision. b. Manage their datasets in accordance with good management principles and encourage, support and facilitate access to data to promote high quality and sustainable research outcomes. c. Protect the privacy and confidentiality of individuals, by ensuring that data releases for research purposes are legally permitted, and accord with relevant Commonwealth and state/territory legislation and policies. d. Provide researchers with information to assess the quality of the datasets and assist the researchers to determine whether the data is fit-for-purpose to address the proposed research question(s) prior to submitting an access request. e. Provide researchers with timely access to data for research on a best endeavours basis. This should include availability of aggregate data released in the public domain, lower risk re-identifiable and confidentialised data, and the ability to apply for high risk identifiable data. Page 3

f. Be transparent and proactive about: requirements for ethics approval (if applicable) how data custodians manage their data sets how requests or applications for data access are made, assessed, and reviewed (e.g. risk assessment), and how long applications may take timelines for provision of data any charges associated with data provision processes in place to follow up on outstanding data access requests processes to follow when seeking review of decisions to deny data access how data will be made available requirements for researchers to sign confidentiality agreements 3. Researchers should recognise their responsibilities and accountabilities when accessing and using publicly held health and health related datasets Researchers using publicly funded health and health-related datasets should: a. Consult with data custodians early and check that the data are appropriate for the intended research purpose. Researchers can use the Applying the ABS Data Quality Framework 3 to help ensure the quality of the data is fit for their purpose, noting that research using this data is a secondary use from the original purpose of collection by the public organisation. b. Comply with the National Statement on Ethical Conduct in Human Research (2007) 4. c. Ensure that the identity of individuals is not disclosed to unauthorised persons, that data are kept secure and only used for the purpose for which their use is approved, and destroyed after an agreed period. Researchers should meet obligations under legislation and in signed agreements with data custodians for the use of data, including restrictions imposed on the use and sharing of data. d. Provide data custodians and their parent organisations with opportunities to review and comment on research reports, and respect concerns expressed by data custodian organisations in relation to the way their data have been used in the compilation of draft reports. Researchers should allow a reasonable amount of time for data custodians to review and comment on the draft reports. e. Publicly acknowledge in their reports and presentations the support given by data custodians. f. Be transparent about: declaring conflicts of interest source of funding avoiding misuse of data the quality of datasets, including identifying any limitations objective reporting of research findings consultation with stakeholders timeframes for research and publication of findings compliance with the terms and conditions of data provision and usage compliance with all relevant legislation, including the Privacy Act 1988 3 http://www.abs.gov.au/ausstats/abs@.nsf/latestproducts/1520.0main%20features10may%202009?opendocument&tabname=summary&p rodno=1520.0&issue=may%202009&num=&view= 4 http://www.nhmrc.gov.au/_files_nhmrc/publications/attachments/e72_national_statement_130207.pdf Page 4

Appendix A Alignment with existing data policies and guidance The Guide complements existing data principles, policies and guidance documents including but not limited to: Name Link to website Relevance to Principles Australian Government Information Management Office (AGIMO) Australian Public Service Big Data Strategy http://www.finance.gov.au/sites/default/files/big- Data-Strategy_0.pdf Details the whole-of-government-approach to the use of big data. This approach can be used to provide better access to Australian government data for research. Australian Public Service Better Practice Guide for Big Data A Good Practice Guide to Sharing Your Data with Others High Level Principles for Data Integration Involving Commonwealth Data for Statistical and Research Purposes National Aboriginal and Torres Strait Islander Health Data Principles The NHMRC open access policy for dissemination of research findings http://www.finance.gov.au/sites/default/files/aps- Better-Practice-Guide-for-Big-Data.pdf http://www.nss.gov.au/nss/home.nsf/nss/e6c05ae 57C80D737CA25761D002FD676?opendocument http://www.nss.gov.au/nss/home.nsf/pages/high+ Level+Principles+for+Data+Integration+- +Content?OpenDocument www.aihw.gov.au/workarea/downloadasset.aspx?i d=6442472790 http://www.nhmrc.gov.au/grants/policy/disseminatio n-research-findings Aims to address the key considerations for government agencies when growing their capability in big data and big data analytics. It is intended initially as an introductory and educative resource for agencies looking to introduce a capability and the specific challenges and opportunities that accompany such an implementation. It is also relevant to those in industry, research and academia who can work as partners with government. It states that further work is required to provide specific guidance and approaches for managing the responsible use of the data and data analytics to address vulnerabilities in relation to privacy, security, acquisition of data and the application of insights obtained from data. Provides a basic framework for data sharing agreements, including key factors to consider when developing data sharing agreements. It is designed to assist government data custodians, data providers and data users as well as assisting staff working on, or contributing to, data sharing projects. Outlines seven principles that facilitate linkage of social, economic and environmental data for statistical and research purposes. Organisations with significant responsibilities in Aboriginal and Torres Strait Islander (ATSI) health data should apply these principles and establish meaningful partnerships with Aboriginal and Torres Strait Islander Australians. The principles set out a culturally respectful foundation for the collection, storage and use of ATSI Australian s health and health-related information. To maximise the benefits from research, the open access policy requires that any publication arising from NHMRC supported research must be deposited into an open access institutional repository within a twelve month period from the data of publication. Page 5

The Australian Research Council (ARC) Open Access Policy State/territory policies such as: The DataVic Access Policy OpenGov NSW Data Portal The Commissioners for Law Enforcement Data Security (CLEDS): http://www.arc.gov.au/applicants/open_access.htm http://www.data.vic.gov.au/cms/policy/285/) http://data.nsw.gov.au http://www.cleds.vic.gov.au/content.asp?a=cleds Home To maximise the benefits from research, publications resulting from research activities must be disseminated as broadly as possible to allow access by other researchers and the wider community and must be deposited into an open access institutional repository within a twelve month period from the date of publication. Provides lists of NSW and Victorian Government datasets that are accessible on line. CLEDS establishes standards and protocols of access to and release of law enforcement data. NHMRC s Ethical Considerations in Quality Assurance and Evaluation Activities (2014) http://www.nhmrc.gov.au/_files_nhmrc/publications/ attachments/e111_ethical_considerations_in_qualit y_assurance_140326.pdf This advice is designed to assist organisations in deciding the appropriate level of oversight for quality assurance and evaluation. Organisations should consider this guidance when developing policies/advice on quality assurance activities, particularly as related to the triggers for ethical review. Alignment with broader legislation, regulations and policies 5 The Guide also complements a range of broader legislation, regulations and policies, including but not limited to: Name Link to website Reason for relevance to Guide The Australian Institute of Health and Welfare Act 1987 (AIHW Act) http://www.aihw.gov.au/privacy-of-data/ The AIHW's main functions relate to the collection and production of health-related and welfare-related information and statistics, and are specified in s.5 of the Act. The Act stipulates that the AIHW operates under a strict privacy regime which has its basis in s.29 of the Act. From the perspective of both subjects and providers of information held by AIHW, a major strength of s.29 is that it specifically imposes on recipients of data released by AIHW the same confidentiality obligations applying to AIHW staff. These include a specific restriction on being required to divulge or communicate any of that information to a court (s.29(1)(e)). 5 Reviews of data access policies should be undertaken at regular intervals to ensure continued compliance with relevant legislation, regulations and policies. Page 6

The Census and Statistics Act 1905 The National Health Information Agreement The National Statement on Ethical Conduct in Human Research (2007) The Australian Code for the Responsible Conduct of Research http://www.comlaw.gov.au/details/c2006c00178 http://meteor.aihw.gov.au/content/index.phtml/ite mid/182135 http://www.nhmrc.gov.au/_files_nhmrc/publication s/attachments/e72_national_statement_130207.p df http://www.nhmrc.gov.au/_files_nhmrc/publication s/attachments/r39.pdf This provides the Australian Statistician with the authority to conduct statistical collections. The Act requires the Australian Bureau of Statistics (ABS) to maintain the confidentiality of information collected under the Act. This is an agreement between the Australian Government and state/territory government health authorities to coordinate the development, collection and dissemination of health information in Australia, including the development, endorsement and maintenance of national data standards. Specifies a requirement for consent of participants of human research projects including use of a person s data for research purposes. Discusses the responsibilities of institutions and researchers in management of research data and primary materials. Ethical Considerations in Quality Assurance and Evaluation Activities The Privacy Act 1988 (note Section 95) http://www.nhmrc.gov.au/_files_nhmrc/publication s/attachments/e111_ethical_considerations_in_qu ality_assurance_140326.pdf http://www.austlii.edu.au/au/legis/cth/consol_act/p a1988108/s95.html Assist organisations in deciding the appropriate level of oversight for quality assurance (QA) and evaluation. Chapter 2.3 of the National Statement on Ethical Conduct in Human Research, 2007 refers to this document. Gives permission to the CEO of the NHMRC, with the approval of the Commissioner, to issue guidelines for the protection of privacy by agencies in the conduct of medical research. The Freedom of Information Act 1982 http://www.comlaw.gov.au/details/c2012c00231 Allows members of the public rights of access to official documents of the Government of the Commonwealth and of its agencies. Functions and powers given by this Act are to be performed and exercised, as far as possible, to facilitate and promote public access to information, promptly and at the lowest reasonable cost. The Parliament also intends to increase recognition that information held by the Government is to be managed for public purposes, and is a national resource. The National Health Act 1953 http://www.comlaw.gov.au/details/c2013c00083 An Act relating to the provision of pharmaceutical, sickness and hospital benefits, and of medical and dental services. Section 135A Officers to Observe Secrecy prescribes the conditions under which information collected under this Act may be communicated to any person about the affairs of a third person. Subsection 3 of this section describes the limited situations when information can be communicated. Subsection 4 deems that an authority or person receiving information under subsection 3 is subject to the Page 7

same obligations and liabilities as if they were an Officer under the Act and cannot communicate the information to any other authority or person. Section 135AA Privacy Guidelines requires the establishment of privacy guidelines that apply a further set of privacy obligations on Commonwealth agencies in relation to the information collected under the Medical Benefits Scheme and the Pharmaceutical Benefits Scheme. The Health Insurance Act 1973 http://www.comlaw.gov.au/details/c2014c00550 An Act providing for payments by way of medical benefits and payments for hospital services and for other purposes. Section 130 Officers to Observe Secrecy prescribes the conditions under which information collected under this Act may be communicated to any person about the affairs of a third person. Subsection 3 of this section describes the limited situations when information can be communicated. Subsection 4 deems that an authority or person receiving information under subsection 3 is subject to the same obligations and liabilities as if they were an Officer under the Act and cannot communicate the information to any other authority or person. The Privacy Guidelines for the Medicare Benefits and Pharmaceutical Benefits Programs http://www.oaic.gov.au/privacy/applying-privacylaw/legally-binding-privacy-guidelines-andrules/privacy-guidelines-for-the-medicare-benefitsand-pharmaceutical-benefits-programs-issuedmarch-2008-effective-from-1-july-2008 Applies a further set of privacy obligations on Commonwealth agencies in relation to the information collected under the Medical Benefits Scheme and the Pharmaceutical Benefits Scheme. State/Territory government legislation including privacy acts, health records acts, public health acts and other relevant legislation. For example, in NSW: The Privacy and Personal Information Protection Act 1998 The Health Records and Information Privacy Act 2002 The Social Security (Administration) Act 1999 http://www.austlii.edu.au/au/legis/nsw/consol_act/ papipa1998464/ http://www.austlii.edu.au/au/legis/nsw/consol_act/ hraipa2002370/ http://www.comlaw.gov.au/details/c2013c00127 The Privacy and Personal Information Protection Act 1998 provides for the protection of personal information and for the protection of the privacy of individuals generally. The Health Records and Information Privacy Act 2002 makes provision for the protection of health records and information; and for other purposes. An Act to provide for the administration of the social security law, and for related purposes. Page 8

PUBLICLY FUNDED HEALTH DATASETS STAKEHOLDER MAP Appendix B Data users and/or providers Government departments Includes but is not limited to departments and policy makers in areas of: Social Services Health and human services Ageing Industry Prime Minister and Cabinet Veterans Affairs Treasury Defence Communication Education State government departments of health and other relevant departments/agencies University faculties/schools of health and/or medicine (or equivalent), plus other researchers or research organisations Public and private hospitals, private service providers, clinical registries Council of Australian Governments and relevant subcommittees Other State and Territory Governments and Agencies, State government Births, Deaths and Marriage registries General public, NGOs Government agencies Includes but is not limited to agencies and policy makers in areas of: Health and welfare Statistics Research funding Safety and quality in health care Cancer Nutrition ATSI Health Productivity Sports Antarctic Research Expeditions Scientific and Industrial Research Defence Science and Technology Examples of health-related data Ambulance data Crime data Demographic data Geographic data Police data Road safety data Sales data Social Security data Education data Sporting performance data Immigration data Page 9

Appendix C Glossary Term Identifiable data 6 Re-identifiable data 6 Non-identifiable data 6 Health and Health related data Privacy Confidentiality Public benefit Definition Data where the identity of a specific individual can reasonably be ascertained. Examples of identifiers include the individual s name, image, date of birth or address Data from which identifiers have been removed and replaced by a code, but it remains possible to re-identify a specific individual by, for example, using the code or linking different data sets Data which have never been labelled with individual identifiers or from which identifiers have been permanently removed, and by means of which no specific individual can be identified. A subset of non-identifiable data are those that can be linked with other data so it can be known that they are about the same data subject, although the person s identity remains unknown. Includes any data required to inform health research/health status. This includes health data sets as well as data sets linked to data where the primary issue is health (e.g. socio economic status, education, occupational health and safety) The right or expectation that personal and other identifying information will not be disclosed. The treatment of information that an individual has disclosed in a relationship of trust and with the expectation that it will not be used or divulged to others in ways that are inconsistent with the understanding of the original disclosure, without permission 7. Advantage gained for parts or the whole of society from accessing and using data for research purposes. Provision of data that will contribute to the generation of knowledge that will benefit the general community or lead to the formation of policies and practices to benefit the Australian population Fit-for-purpose The quality of the dataset is sufficient to be able to address the research question(s). Publicly-funded data Data Management Plan Data whose collection and maintenance rely on funding from the government at relevant jurisdictional levels. Datasets established through publically funded modes, for example publicly funded health services. The creation, collection, management, use and disposal of agency data is governed by a number of legislative and regulatory requirements. Government data needs to be managed in a way that ensures it is discoverable, accessible and useable. 8 This should also include how the agency will address resource allocation in order to provide data. 6 NHMRC s National Statement on Ethical Conduct in Human Research (2007) (Updated March 2014) https://www.nhmrc.gov.au/book/chapter-3-2-databanks 7 Population Health Research Network (PHRN) Glossary (current as at September 2011) - http://www.phrn.org.au/media/27174/phrn%20glossary.pdf 8 Australian Government Information Management Office (AGIMO) Australian Public Service Big Data Strategy http://www.finance.gov.au/sites/default/files/big-data-strategy_0.pdf Page 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information