Schell Scott R
Cancer Institute of New Jersey, Division of Surgical Oncology, Robert Wood Johnson Medical School/University of Medicine and Dentistry New Jersey, New Brunswick, New Jersey 08903, USA.
Surg Infect (Larchmt). 2006 Feb;7(1):37-44. doi: 10.1089/sur.2006.7.37.
Enforcement of the Health Insurance Portability and Accountability Act (HIPAA) began in April, 2003. Designed as a law mandating health insurance availability when coverage was lost, HIPAA imposed sweeping and broad-reaching protections of patient privacy. These changes dramatically altered clinical research by placing sizeable regulatory burdens upon investigators with threat of severe and costly federal and civil penalties. This report describes development of an algorithmic approach to clinical research database design based upon a central key-shared data (CK-SD) model allowing researchers to easily analyze, distribute, and publish clinical research without disclosure of HIPAA Protected Health Information (PHI).
Three clinical database formats (small clinical trial, operating room performance, and genetic microchip array datasets) were modeled using standard structured query language (SQL)-compliant databases. The CK database was created to contain PHI data, whereas a shareable SD database was generated in real-time containing relevant clinical outcome information while protecting PHI items. Small (< 100 records), medium (< 50,000 records), and large (> 10(8) records) model databases were created, and the resultant data models were evaluated in consultation with an HIPAA compliance officer.
The SD database models complied fully with HIPAA regulations, and resulting "shared" data could be distributed freely. Unique patient identifiers were not required for treatment or outcome analysis. Age data were resolved to single-integer years, grouping patients aged > 89 years. Admission, discharge, treatment, and follow-up dates were replaced with enrollment year, and follow-up/outcome intervals calculated eliminating original data. Two additional data fields identified as PHI (treating physician and facility) were replaced with integer values, and the original data corresponding to these values were stored in the CK database. Use of the algorithm at the time of database design did not increase cost or design effort.
The CK-SD model for clinical database design provides an algorithm for investigators to create, maintain, and share clinical research data compliant with HIPAA regulations. This model is applicable to new projects and large institutional datasets, and should decrease regulatory efforts required for conduct of clinical research. Application of the design algorithm early in the clinical research enterprise does not increase cost or the effort of data collection.
《健康保险流通与责任法案》(HIPAA)于2003年4月开始实施。该法案旨在确保在保险覆盖范围丧失时健康保险的可获得性,同时对患者隐私实施了广泛而全面的保护。这些变化给临床研究带来了巨大改变,给研究者带来了相当大的监管负担,并面临严厉且代价高昂的联邦和民事处罚威胁。本报告描述了一种基于中央密钥共享数据(CK-SD)模型的临床研究数据库设计算法方法的开发,该方法使研究人员能够轻松分析、分发和发表临床研究,而无需披露受HIPAA保护的健康信息(PHI)。
使用符合标准结构化查询语言(SQL)的数据库对三种临床数据库格式(小型临床试验、手术室绩效和基因微芯片阵列数据集)进行建模。创建CK数据库以包含PHI数据,同时实时生成一个可共享的SD数据库,其中包含相关临床结果信息,同时保护PHI项目。创建了小型(<100条记录)、中型(<50000条记录)和大型(>10^8条记录)模型数据库,并与HIPAA合规官员协商对所得数据模型进行评估。
SD数据库模型完全符合HIPAA法规,所得“共享”数据可自由分发。治疗或结果分析不需要唯一的患者标识符。年龄数据精确到单一年龄,将89岁以上的患者归为一组。入院、出院、治疗和随访日期替换为入组年份,并计算随访/结果间隔,消除原始数据。另外两个被确定为PHI的数据字段(主治医生和医疗机构)替换为整数值,与这些值对应的原始数据存储在CK数据库中。在数据库设计时使用该算法不会增加成本或设计工作量。
临床数据库设计的CK-SD模型为研究者提供了一种算法,用于创建、维护和共享符合HIPAA法规的临床研究数据。该模型适用于新项目和大型机构数据集,并应减少临床研究所需的监管工作。在临床研究企业早期应用设计算法不会增加成本或数据收集工作量。
