UTH BIG

• BIG-Arc Home
• DATA
  • CDW Data Overview
  • Make a data request
  • Make an image request
• Information for Collaborators
  • Collaborators Overview
• Information for Researchers
  • Researchers Overview
  • UTH BIG Clinical Data Warehouse
• Information for Students
  • Students Overview
  • Former Students
  • Student Works and Publications
• Projects
  • Our Projects
  • COHRI BigMouth
  • eMPI
  • ACT Network
  • Past Projects
• Services
  • Our Services
  • Enhanced Subject Recruiting
  • UT/MH Image Request Core
  • Access to Clinical Data
  • REDCap
  • Additional IT Services
• Team
• Contact Us
  • Contact Information
  • Make a data request

All data access or search requests can be made by completing our Data Request form.

Image access requests can be made by completing our Image Request form.

Data Access requests - where the researcher may search through the database themselves - must be made by completing the Request to Access Protected Health Information form.

Request access to ENACT/i2b2 here: ACT Request Form.

All data that is received by the requester must be stored in a secure manner which conforms to the UTHealth Policies for PHI data.

Depending on the complexity of the request, a fee may be charged to cover the costs of extracting the data. You will be given a quote before any work is started.

 

 Data Extract Requester Role and Responsibilities

The release of health information data to a requester requires additional conditions to ensure compliance with established policy, FERPA and HIPAA. The data requester must adhere to the following requirements:

1)      Data Requests for the purpose of research must include the following:

          a.  IRB approval ID, OR

          b.  a waiver of authorization granted by the IRB, OR

          c.  an IRB preparatory review permission document

 2)      Requests for information for clinical purposes must include:

         a.  detailed description of intended use of the data

3)      De-identified information from the health information system is not to be used or disclosed outside    of the scope of the requester’s project. 

4)      The requester must ensure use and disclosure of protected health information complies with UTHCHS privacy policies and the Standards for Privacy of Individually Identifiable Health Information 45 CFR§ 160, 162, 164. 

5)      Procedures to adequately protect received data at all times from unauthorized access are known and implemented during the course of the project.

6)      Disposal of received data by the researcher is in accordance with the procedure outlined below once the research project is completed

 Data Disposal Procedure

Computer systems store data on a variety of storage media (e.g., hard drives, floppy disks, CD-ROMs, tapes, memory). It is important that data delivered to the requester be securely removed from the media once the project has ended in order to prevent unauthorized disclosure and/or use.  Moving a file to the ‘Recycle Bin’ or performing the format function on external media does not ensure complete erasure of the data.  Instead, proven data shredding software product must be used to guarantee data is erased and no longer retrievable at a later date.

These open source software applications meet the data shredding requirement and should be used to delete all versions of the requested data.

1)      Fileshredder          www.fileshredder.org

2)      R-Wipe & Close    www.r-wipe.com