Data Requests and Release Clause Samples

Data Requests and Release. Contractor is responsible for responding to and fulfilling data product requests; and collecting payment for data products as well as services, such as data file linkages from the Data Requestors. Contractor is responsible for all CDR Program standardized agreements, updating the data request and data release policies, processing requests through the Data Governance Committee, maintaining a log of data and access requests (both denied and approved), and maintaining a log of DUA compliance monitoring and reporting activities. Contractor is responsible for developing DUA Exhibit A: Approved CDR Data Application(s) and Exhibit C: Data Submission Agreement, in collaboration with HCA and the Data Governance Committee. Contractor and HCA recognize the need to evaluate the existing Health Information Exchange Participation Agreement to ensure the growing needs of the CDR Program are met. HCA, as the Program Administrator, will sign DUAs when data is requested by a Washington State Agency, or by Contractor when requesting data as a Private Entity. Contractor will execute a DUA substantially similar to Exhibit B: Data Use Agreement, with Data Requestors for approved requests. Contractor must maintain the confidentiality of the data it collects, including direct or indirect patient identifiers. Contractor is responsible for implementing and maintaining the appropriate processes and internal controls to ensure data are accessible only to authorized Data Users in compliance with all applicable laws. Contractor, in collaboration with HCA and the Data Governance Committee, is responsible for developing policies and procedures to ensure the quality and security of data releases. The policies and procedures include user related processes, data request processes, input related processes, and data destruction procedures at the end of the project that required the data. This also includes collaborating with the Data Requestor’s Internal Review Board for research use cases, which may include the Washington State Internal Review Board (WSIRB), developing a standard confidentiality agreement, data management plan, DUA and monitoring compliance to DUAs.