Privacy Act of 1974; System of Records Notice
Notice To Establish A New System Of Records.
In accordance with the requirements of the Privacy Act of 1974 (5 USC 552a), the Agency for Healthcare Research and Quality (AHRQ) within the Department of Health and Human Services is establishing a new system of records, “Online Application Ordering for Products from the Healthcare Cost and Utilization Project (HCUP).” This online electronic ordering system will streamline and facilitate the dissemination of HCUP databases and software to qualified researchers and result in a more efficient process for both the public and the Agency. The HCUP program and the system of records for the online application ordering process are more thoroughly described in the Supplementary Information section and System of Records Notice (SORN), below.
Table of Contents Back to Top
- FOR FURTHER INFORMATION CONTACT:
- SUPPLEMENTARY INFORMATION:
- I. Background on New System of Records, “Online Application Ordering for HCUP Products From the Healthcare Cost and Utilization Project (HCUP)”
- A. AHRQ's Research Mission
- B. The HCUP Databases
- C. The Ordering Process for HCUP Databases and Software
- II. The Privacy Act
- SYSTEM NUMBER: 09-35-0003.
- SYSTEM NAME:
- SECURITY CLASSIFICATION:
- SYSTEM LOCATION:
- CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
- CATEGORIES OF RECORDS IN THE SYSTEM:
- AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
- PURPOSE(S) OF THE SYSTEM:
- ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
- POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM—
- RETENTION AND DISPOSAL:
- SYSTEM MANAGER AND ADDRESS:
- RECORD ACCESS PROCEDURE:
- CONTESTING RECORD PROCEDURES:
- RECORD SOURCE CATEGORIES:
- EXEMPTIONS CLAIMED FOR THIS SYSTEM:
DATES: Back to Top
Effective 30 days after publication. HHS/AHRQ may publish an amended System of Records Notice (SORN) in light of any comments received.
ADDRESSES: Back to Top
Written comments should be sent to: HCUP Project Officer, Agency for Healthcare Research and Quality, 540 Gaither Rd., Rockville, MD 20852 OR to Email: HCUP@AHRQ.GOV.
FOR FURTHER INFORMATION CONTACT: Back to Top
HCUP Project Officer, Agency for Healthcare Research and Quality, 540 Gaither Rd., Rockville, MD 20852, 301-427-1410, or HCUP@AHRQ.GOV,
SUPPLEMENTARY INFORMATION: Back to Top
I. Background on New System of Records, “Online Application Ordering for HCUP Products From the Healthcare Cost and Utilization Project (HCUP)” Back to Top
AHRQ is establishing this new system of records to cover personally-identifiable information (PII) about individuals who purchase HCUP databases and software products for scientific research purposes through a new online ordering system. AHRQ's research mission, the HCUP databases, and the online ordering process for HCUP databases and software products are explained in more detail below.
A. AHRQ's Research Mission
The Healthcare Research and Quality Act of 1999 (“the Act”), Public Law 106-129, amended Title IX of the Public Health Service act to establish AHRQ. The Act requires that AHRQ enhance the quality, appropriateness, and effectiveness of health services, and enhance access to such services, through the establishment of a broad base of scientific research and through the promotion of improvements in clinical and health systems practices, including the prevention of diseases and other health conditions. AHRQ promotes health care quality improvement by conducting and supporting:
(1) Research that develops and presents scientific evidence regarding all aspects of health care;
(2) Synthesis and dissemination of available scientific evidence for use by patients, consumers, practitioners, providers, purchasers, policy makers, and educato; and,
(3) Initiatives to advance private and public efforts to improve health care quality.
B. The HCUP Databases
AHRQ created a family of health care databases and related software tools and products known as the Healthcare Cost and Utilization Project (HCUP, pronounced “H-Cup”) to conduct and support its research activities. HCUP was developed through a Federal-State Industry partnership and sponsored by AHRQ; it includes the largest collection of longitudinal hospital care data in the United States, with all-payer, encounter-level information beginning in 1988. The HCUP databases are annual files that contain anonymous information from hospital discharge records for inpatient care and certain components of outpatient care, such as emergency care and ambulatory surgeries. The project currently releases six types of databases created for research use on a broad range of health issues, including cost and quality of health services, medical practice patterns, access to health care programs, and outcomes of treatments at the national, state, and local market levels. HCUP also produces a large number of software tools to enhance the use of administrative health care data for research and public health use. The software tools use information available from a variety of sources to create new data elements, often through sophisticated algorithms, for use with the HCUP databases.
C. The Ordering Process for HCUP Databases and Software
To support AHRQ's mission to improve health care through scientific research, HCUP databases and software tools are disseminated to users outside of HHS through a mechanism known as the HCUP Central Distributor, which is operated by a private contractor. Databases and software disseminated through the HCUP Central Distributor are referred to as “restricted access public release files;” they are publicly available, but only under restricted conditions. The HCUP Central Distributor enables qualified researchers to access uniform research data across multiple states with the use of one application process, consisting of the following:
(1) HCUP Application. All persons wanting access to the HCUP databases must complete the application process. For state databases, a description of the individual's planned use of the HCUP data will be reviewed to confirm that it is consistent with the data use restrictions that apply to the data. As an alternative to the online ordering form, paper versions of application packages will continue to be available for download at http://www.HCUP-us.AHRQ.gov/tech_assist/centdist.JSP.
(2) HCUP Data Use Agreement Training. All persons wanting access to the HCUP databases must complete this online training course. The purpose of the training is to emphasize the importance of data protection, reduce the risk of inadvertent violations, and describe the individual's responsibility when using HCUP data. The training course can be accessed and completed online at http://www.HCUPus.AHRQ.gov/tech_assist/dua.JSP.
(3) HCUP Data Use Agreement (DUA). All persons wanting access to the HCUP databases must sign a data use agreement. Each database has a unique DUA; an example DUA for the Nationwide Inpatient Sample database is available at http://www.HCUP-us.AHRQ.gov/team/NISDUA.JSP.
HCUP databases are released to researchers outside of AHRQ after the completion of required training and submission of an application that includes a signed HCUP Data Use Agreement (DUA). In addition, before restricted access public release state-level databases are released, the user is asked for a brief description of their research to ensure that the planned use is consistent with HCUP policies and with the HCUP data use requirements. Fees are set for databases released through the HCUP Central Distributor depending on the type of database. The fees for sale of state-level data are determined by each participating Statewide Data Organization and reimbursed to those organizations.
II. The Privacy Act Back to Top
The Privacy Act (5 U.S.C. 552a) governs the means by which the United States Government collects, maintains, and uses personally identifiable information (PII) in a system of records. A “system of records” is a group of any records under the control of a Federal agency from which information about individuals is retrieved by name or other personal identifier. The Privacy Act requires each agency to publish in the Federal Register a system of records notice (SORN) identifying and describing each system of records the agency maintains, including the purposes for which the agency uses PII in the system, the routine uses for which the agency discloses such information outside the agency, and how individual record subjects can exercise their rights under the Privacy Act (e.g., to determine if the system contains information about them).
SYSTEM NUMBER: 09-35-0003. Back to Top
“Online Application Ordering for Products from the Healthcare Cost and Utilization Project (HCUP)”.
Servers: The servers hosting the system will be housed at the Social & Scientific Systems data center located in Ashburn, VA.
Portals: This system will be accessed via the Internet.
System Software: System software will be maintained by Social & Scientific Systems, Silver Spring, MD.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
The system will contain personally identifiable information (PII) about individual researchers who purchase HCUP databases through use of an HCUP online application that includes payment of a fee and execution of a Data Use Agreement placing restrictions on use of the HCUP data.
CATEGORIES OF RECORDS IN THE SYSTEM:
The system will contain the following categories of records and PII data elements:
(1) HCUP Application Form, containing the individual's contact information (name, address, telephone number and email address), a coded number indicating that the individual completed the required HCUP Data Use Agreement Training, and a description of the individual's planned use of the HCUP data.
(2) Transaction Records, containing information on the database and/or software order and contact information for purchaser. Credit card numbers or bank account information from electronic orders will not be stored in the system after the transaction is complete.
(3) HCUP Data Use Agreement (DUA), containing the individual's signature and contact information.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
PURPOSE(S) OF THE SYSTEM:
HHS/AHRQ will use PII from this system for the following purposes:
(1) Business Transaction: Contact information will be used to communicate with the individual and to ship the data to the individual (e.g., on a disk or other media). The description of the individual's planned use of the HCUP data will be reviewed to confirm that it is consistent with the data use restrictions that apply to the data.
(2) Payment Transaction: Credit card and bank account information will be used to complete orders for HCUP databases and software products. Credit card and e-check transactions collected by the HCUP information system will be transmitted securely to a PCI-compliant payment gateway for approval. The payment gateway will process the transaction and cause the funds to be transferred when the order is completed.
(3) Enforcement of the HCUP Data Use Agreement (DUA): The individual's signature and contact information on the HCUP DUA and the coded number on the application form indicating completion of HCUP Data Use Agreement Training will be used in the event that the individual violates the DUA, to enforce the data use restrictions. Most of these restrictions have been put in place to safeguard the privacy of individuals and establishments represented in the data. For example, data users can only use the data for research, analysis, and aggregate statistical reporting and are prohibited from attempting to identify any persons in the data.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
The system may disclose records containing PII to parties outside HHS for the following routine uses:
(1) Records may be disclosed to agency contractors who have been engaged by the agency to assist in accomplishment of the HHS function relating to the purposes of this system of records and who need to have access to the records in order to assist HHS.
(2) Records may be disclosed to the Department of Justice (DOA a court, or an adjudicatory body when:
- The agency or any component thereof, or
- Any employee of the agency in his or her official capacity, or
- Any employee of the agency in his or her individual capacity where DOJ has agreed to represent the employee, or
- The United States Government, is a party to litigation or has an interest in such litigation and, by careful review, HHS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.
(3) Records may be disclosed to another federal agency or an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate, potential fraud, waste or abuse in federally funded programs, when disclosure is deemed reasonably necessary by HHS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs.
(4) Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information maintained in this system of records, when the information disclosed is relevant and necessary for that assistance.
The system may also disclose PII data for any of the uses authorized directly in the Privacy Act at 5 U.S.C. 552a(b)(2) and (b)(4)-(11).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM—
Information will be collected via the online ordering application, fax, or email. Electronic records are stored in databases on magnetic tape, on magnetic disk and in secure electronic files at the contractor's location (Social & Scientific Systems in Ashburn, VA) and at the tape storage facility: Storage Village White Flint, North Bethesda, MD.
Credit card or e-check information will not be stored in the information system's database after the transaction is completed. For those who cannot used the online application, the transaction can be completed with payments by check, purchase order, or wire transfer handled by fax or mail, and for these transactions, credit card or e-check information is destroyed when the order is completed.
The application and HCUP Data Use Agreement records will be retrieved by registrant/user name or User ID number.
The identifiable information collected will be transmitted to the hosting server via an encrypted Secure Socket Layer (SSL) connection. Access to the database housing the identifiable information is accomplished through individual authorized administrative accounts. The server housing the identifiable information is located in a data center owned by Social & Scientific Systems and is located in Ashburn, VA. The data center is protected via 24/7 guards at all entrances, video monitoring systems, biometric hand readers, cage locks, and system firewalls.
- The information stored is captured and transmitted over an SSL connection for secure encrypted transmission.
- Access to the database is only permissible at the administrator level and is done so either (a) in order to fulfill the applicants request, (b) for system maintenance, or (c) in the event of a DUA violation.
- The server housing the system is located in a secure facility with 24/7 guards at the entrance points, camera monitoring systems, biometric hand readers, and cage locks.
The information collected by the electronic form will be stored in a SQL Server 2008 database. Data stored in the database will remain there indefinitely until requested by AHRQ. SSS performs nightly backups of the database. The backups are encrypted and stored offsite. At the conclusion of the contract, the information system as well as a current copy of the database can be provided to AHRQ by request.
The information system uses a defense-in-depth strategy when it comes to user access. Users are assigned individual credentials along with role based least-privileged user account (LUA). The LUA approach ensures that users follow the principle of least privilege and always log on with limited user accounts. This strategy also aims to limit the use of administrative credentials to administrators, and then only for administrative tasks.
RETENTION AND DISPOSAL:
Information in the application and Data Use Agreement will be retained for approximately twenty years, and may be kept longer if needed for enforcement, audit, legal, or other agency purposes. Retention is necessary for enforcement of data restrictions in the event of a Data Use Agreement violation. Storage will be in an electronic format that is encrypted, backed up, and stored in two secure locations.
PII related to the business transaction will be retained for up to 90 days so that a public user can return to their password protected account and complete their order. If a user forgets his/her password, the system will reset it and convey that information via email.
Information related to the payment process will not be retained after the transaction has been completed. Payment options will include credit card, e-check, check, purchase order or wire transfer. Information to complete credit card and e-check transactions will be collected by the information system and transmitted securely to a PCI-compliant payment gateway for approval. The payment gateway product will process the transaction and cause the funds to be transferred when the transaction is captured at the time of shipment. Credit card or e-check information will not be stored in the information system's database. Payments by check, purchase order, or wire transfer will be handled by fax or mail.
SYSTEM MANAGER AND ADDRESS:
HCUP Project Officer, Center for Delivery, Organization, and Markets, 540 Gaither Road, Rockville, MD 20850, Telephone: 301-427-1410, HCUP@AHRQ.GOV.
Individuals wishing to know if this system contains records about them should write to the System Manager.
RECORD ACCESS PROCEDURE:
Individuals seeking access to records about them in this system should follow the same instructions indicated under “Notification Procedure” and indicate the record(s) to which access is sought (i.e., application form or HCUP Data Use Agreement).
CONTESTING RECORD PROCEDURES:
Individuals seeking to contest the content of information about them in this system should follow the same instructions indicated under “Notification Procedure.” The request should reasonably identify the record, specify the information contested, state the corrective action sought, and provide the reasons for the correction, with supporting justification.
RECORD SOURCE CATEGORIES:
All information will be collected directly from the individual applicants/users of the Web site, when they complete the online application forms.
EXEMPTIONS CLAIMED FOR THIS SYSTEM:
Dated: May 21, 2013.
Carolyn M. Clancy,
[FR Doc. 2013-12671 Filed 5-30-13; 8:45 am]
BILLING CODE 4160-90-M