Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIDER - Today’s research, Tomorrow’s treatments BMI Class Lab-1 September 8, 2010 Bijoy George, Program Manager, CBMI

Published byWarren Austin Modified over 8 years ago

Similar presentations

Presentation on theme: "CIDER - Today’s research, Tomorrow’s treatments BMI Class Lab-1 September 8, 2010 Bijoy George, Program Manager, CBMI"— Presentation transcript:

1 CIDER - Today’s research, Tomorrow’s treatments BMI Class Lab-1 September 8, 2010 Bijoy George, Program Manager, CBMI http://cbmi.wustl.edu/

2 Agenda  Introduction to CIDER  Research need  Types of clinical data in CIDER  Privacy and data security  Public Notification / Opt Out  Auditing  User responsibilities  Definition of Project  Data privileges  Process workflows  CIDER Application Login page  Hands on Lab  Quiz  Take Home Assignment

3 Clinical and Translational Research Needs  Goals: 1.Rapidly convert advances in basic science to improvements in patient care 2.Relay findings from clinical studies back to bench for further refinement of the disease management process  To achieve these goals, researchers need  to integrate diverse and complex biomedical data sets  to co-analyze and visualize the data  to reduce the barrier b/w basic science and clinical research

4 Clinical and Translational Research Needs  How were these goals achieved in the past?  It was possible to acquire the clinical data manually by reviewing an individual patient’s data from a hospital’s EMR  Time consuming and redundant process  Not feasible for studies with large patient populations  Poses significant privacy and confidentiality risks to patients

5 Research Needs 1.Review Preparatory to Research  Are there enough patients to conduct research?  Applies to prospective or retrospective studies  Defined criteria / haven’t defined it yet, but have an idea  Count of patients is sufficient 2.Prospective/Retrospective studies  Recruit patients / Need to get clinical data 3.Medical record data mining studies  Need historical clinical data for patients matching criteria  Survey identified patients for additional information

6 Quality Improvement  It is possible to do analysis and compare the performance within one hospital as well as across hospitals if data is available in one central location  Can identify the process improvement steps and can implement those to improve the patient care  Enormous opportunities to improve patient care using QC/QI initiatives

7 Problem Statement  Quality Improvement  Review Preparatory to Research  Participant Recruitment  Clinical Studies Data Acquisition  Retrospective  Prospective  Historical

8 Solution CIDER In Patient Visits Out Patient Visits

9 CIDER Clinical Investigation Data Exploration Repository  Joint venture of BJC HealthCare & WUSM  Data repository to contain patient care (inpatient and outpatient) data  Advanced query functionality through web interface  Restricted data access / Role management  Data interfaces to external CSMS systems

10 CIDER

11 Scenarios - 1  Review preparatory to research  “I can get a grant to conduct a research study using historical clinical data to find out the relationship between changes in serum PSA values and survival following treatment for Hormone Refractory Prostate Cancer (HRPC). How do I find out whether there are enough patients?“  Using CIDER, one can find out the total number of patients satisfying the above criteria quickly without getting any formal approvals for the study.

12 Scenarios - 2  Prospective studies  “I am planning to conduct a research study/protocol on the possible connection between Diabetes and Acute Coronary Syndrome (ACS) and I need at least 100 patients aged between 40 and 65, who have had ACS and had been diagnosed with Diabetes prior to ACS.”  Using CIDER, PI can find out the total number of patients satisfying the above criteria quickly without getting any formal approvals for the study.  Once the study is approved by IRB, CIDER can provide the patient details required to contact the patients.

13 Scenarios - 3  Retrospective studies  “I am planning to conduct a research study on the possible connection between Diabetes and Acute Coronary Syndrome (ACS) and I need at least 100 patients aged between 40 and 65, who have had ACS and had been diagnosed with Diabetes prior to ACS.”  Using CIDER, PI can find out the total number of patients satisfying the above criteria quickly without getting any IRB approvals for the study.  Also, can obtain de-identified data with no IRB approvals.

14 Clinical Data  Demographics name, address, race, gender, phone number  Visits age, patient type, facility, diagnosis code, procedure code  Labs age, collection time, facility, lab test name, specimen type (e.g. serum vs CSF glucose), result  Medications age, duration, frequency, medication, route & form Aspirin 75 mg tablet, once a day by mouth (PO), indefinitely  Allergies allergen type, allergy reaction, sensitivity, severity, type, onset date  Vitals age, body site, facility, measurement, observation, value and units  Document age, document content, document name, facility and physician

15 What and how much data is in CIDER? Data since 1993 ~4.7 million patients ~25 million visits ~68 million lab results ~17 million medication orders ~12 million scanned documents ~140, 000 allergies (2009) ~50 million text documents ~130 million vitals

16 Privacy and Data Security  IRB Review  Opt Out

17 Opt Out  Option for patients to opt out of having their clinical data used for research projects  Two options  Public Website  Telephone IVR

18 Opt Out

19 Opt Out public page

20 Opt out page

21 Privacy and Data Security  IRB Review  Opt Out  Public Notification

22 Public Notification  Media release  Local newspapers

23 Privacy and Data Security  IRB Review  Opt Out  Public Notification  Data Security  Auditing

24 Auditing  Every user action is audited  Logins  Running queries to identify patient cohorts  Running queries to obtain patient data  Viewing patient data  Patient data export  Monthly / On-demand audit reports  Using reports, auditors can pinpoint who looked at a particular patient’s data  CIDER Security Oversight Committee

25 Privacy and Data Security  IRB Review  Opt Out  Public Notification  Data Security  Auditing  User responsibilities

26 User Responsibilities  Follow established rules and procedures  Obtain HIPAA/IRB approval if necessary  Do NOT share user IDs and passwords  Sign the CIDER data confidentiality agreement after completing the training and follow the agreement  User access will be revoked in case of failure to follow the rules

27 User Responsibilities  Safeguard patient privacy and protect clinical data sets  Escalate issues/questions to CIDER Administrator  Download identified data only to approved and secure location(s)  Do NOT download, move, or copy identified/limited data sets to USB drives, CDs, DVDs, other removable devices, or servers/workstations/desktops/laptops on unsecure networks  In case of questions, please email the CIDER Honest Broker at honestbroker@bmi.wustl.edu OR call the CIDER Help Desk @ 362-8853honestbroker@bmi.wustl.edu

28 User Responsibilities  What to do if data is lost or compromised? If you are a CIDER user, and you have encountered an event through which you think e-PHI (Electronic Protected Health Information) has been compromised, then please follow the procedures listed below. If you are a Washington University user Please fill-out an incident report using an incident report form from the following link. Washington University Incident Report Form and email it to incidents@wusm.wustl.eduWashington University Incident Report Form incidents@wusm.wustl.edu If you are a BJC user If you are a BJC user, and you have encountered a breach of ePHI (electronic Protected Information) e.g. laptop, USB, device lost or stolen, virus attack on research server or theft of data, please contact BJC Information System Security Services at iss@bjc.org and complete an incident report at the following link. BJC Incident Reportiss@bjc.orgBJC Incident Report

29 Privacy and Data Security  IRB Review  Opt Out  Public Notification  Data Security  Auditing  User responsibilities  Session Timeout

30 Session Timeout  The CIDER session is left alone with no user actions for 10 minutes, the system will log you off  A warning message is displayed after 8 minutes  After 2 minutes of the warning, system will log out the user  This is a security measure  Never leave sessions open without logging out from CIDER

31 Privacy and Data Security  IRB Review  Opt Out  Public Notification  Data Security  Auditing  User responsibilities  Session Timeout  Project definition and rules applied during queries

32 What is a project in CIDER?  A project is a clinical or translational research study or a quality assurance/improvement activity that requires CIDER  Project components  Principal Investigator  Collaborators  Start date / End Date  Relevant protocol documents and IRB approvals  Elements that filter data access under a project Facilities from which data will be available Level of identified data access – Data Privileges

33 Data Privileges  Data Privilege  Anonymized  De-identified  Limited  Identified (Requires IRB Approval)

34 Data Privileges  Anonymized: Data that has no physical link to data that can be used to identify an individual’s identity.  De-identified: Data that is not individually identifiable, but might be used to re-identify the patient to provide additional clinical information.  Limited: Data that has a limited set of identifiable patient information as defined under HIPAA.  Identified: Data with one or more associated protected health identifiers that might be used to identify an individual’s identity.

35 Data privileges Patient Code not associated to patient identity in database

36 What is a project in CIDER?  A project is a clinical or translational research study or a quality assurance/improvement activity that requires CIDER  Project components  Principal Investigator  Collaborators  Start date / End Date  Relevant protocol documents and IRB approvals  Elements that filter data access under a project Facilities from which data will be available Level of identified data access – Data Privileges ‘Other’ project rules

37 Other Project Rules  Security measures for vulnerable populations  Age of the patients over the age of 89  Minors (patients with age < 18)  Special rules  Access to SSN Needs approval from IRB  QA/QI Projects Includes opt-out patients’ data Can include data from all facilities without individual IRB approvals

38 Process workflows  User activation workflow  Project creation workflow

39 User Activation CIDER System CIDER System Collaborator Principal Investigator CIDER Administrator Request account activation Need approval from supervisor Approve request Verify HIPAA details Activate account I am working with Dr. Fraser. I need access to CIDER for research purpose. Please activate my account. I am working with Dr. Fraser. I need access to CIDER for research purpose. Please activate my account. Yes, she is working with me and she needs access to CIDER. Ok. She has successfully completed her HIPAA training AND CIDER user training. Activating her account. 1 2 3 Notification to user and PI

40 Project Creation CIDER System CIDER System Collaborator Principal Investigator CIDER Administrator Request for Project activation Need approval from PI Approve request Verify Project details Activate Project I am requesting a project on behalf of Dr. Fraser. The provided project details are correct. Please activate the requested project. Ok. Based on the IRB Details, identified privileges can be granted for this project. Activating the project. 1 2 3 Notification to PI & creator

41 Hands on Lab  Learning objectives  Familiarize with the CIDER login page  Please remember it is accessible only within WUCON  Have your user account activated  If you have a WUSTLKEY, you can migrate to it and start using WUSTLKEY once your account is activated  Learn how to request a new project and submit for approval (Lab Assignment)

42 CIDER URL  https://cider.cbmi.wucon.wustl.edu/cider/ https://cider.cbmi.wucon.wustl.edu/cider/

43 Take Home Lab Assignment  Request a project to be established in CIDER and have it approved before the beginning of the next class on 09/15/10.  Please make sure you have a meaningful title for the project and a brief description of what you are planning to do using this project.  Please select my name as the PI; ‘George Bijoy’  Please specify the project attributes as follows  Start Date: 09/08/2010  End Date: 12/31/2010  Data Privilege = De identified

44 Quiz  Please write your First name and Last Name on the quiz answer sheet to get proper credit  Please circle the best answer choice for each question  Please turn in the completed assignments to me before the end of the class  We will go over the answers and you will get your answer papers graded in the next class

45 Q & A  Please feel to contact me any time  Email: bgeorge@wustl.edubgeorge@wustl.edu

Download ppt "CIDER - Today’s research, Tomorrow’s treatments BMI Class Lab-1 September 8, 2010 Bijoy George, Program Manager, CBMI"

Similar presentations

Online Course Module 6 Guidelines for Contacting Patients START Click to begin…

Online Course Module 6 Guidelines for Contacting Patients START Click to begin…
CRYSTAL CLINIC ORTHOPAEDIC CENTER

CRYSTAL CLINIC ORTHOPAEDIC CENTER
Online Course Privacy Contacting Patients and Verification START Click to begin…

Online Course Privacy Contacting Patients and Verification START Click to begin…
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.

1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
Informed Consent.

Informed Consent.
2014 HIPAA Refresher Omnibus Rule & HIPAA Security.

2014 HIPAA Refresher Omnibus Rule & HIPAA Security.
ClinPortal A Clinical Data Management Solution. What is ClinPortal?  Web-based, data collection tool  Developed at Washington University School of Medicine.

ClinPortal A Clinical Data Management Solution. What is ClinPortal?  Web-based, data collection tool  Developed at Washington University School of Medicine.
UTHSC IRB Donna Hollaway, RN, CCRC 11/30/2011 Authority to Audit 45 CFR 46.109(e) An IRB shall conduct continuing review of research covered by this.

UTHSC IRB Donna Hollaway, RN, CCRC 11/30/2011 Authority to Audit 45 CFR (e) An IRB shall conduct continuing review of research covered by this.
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
Project Update : Claims/Clinical Linkage Project MHDO Board of Directors June 6, 2013.

Project Update : Claims/Clinical Linkage Project MHDO Board of Directors June 6, 2013.
© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,

© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,
1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.
HIPAA Privacy & Security EVMS Health Services 2004 Training.

HIPAA Privacy & Security EVMS Health Services 2004 Training.
Columbia University Medical Center Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy & Information Security Training 2009.

Columbia University Medical Center Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy & Information Security Training 2009.

Similar presentations

Ads by Google