TN-POPnet FAQs
See below for answers to common questions about TN-POPnet and the Enterprise Data Warehouse (EDW) maintained by the Center for Biomedical Informatics (CBMI) that helps to support it.
How does TN-POPnet protect patients’ privacy?
TN-POPnet protects patient privacy for every patient, every time through vetted cybersecurity systems as follows:
- TN-POPnet data resides on the encrypted hard drives on the UTHSC ITS servers that
are physically housed in the UTHSC ITS department data center.
- UTHSC and the UTHSC Office of Cybersecurity apply the controls spelled out by the
HIPAA security rule in protecting patients. The Office of Cybersecurity does not stop
there but instead implements robust security controls across the Campus that exceed
the direction of the HIPAA security rule and diligently identify, protect, detect,
respond, and recover from any cyber risks. The Office of Cybersecurity and ITS are
available to discuss in detail any specific concerns or technical details a data provider/participating
organization requests.
- Data in the OMOP common data model employed by TN-POPnet on the UTHSC ITS department
data center is only accessible by the Tennessee Population Health Consortium (TN-PHC)
team.
- Data custodians (TN-PHC) and system owners coordinate with the Office of Cybersecurity
to apply appropriate security controls that protect the data according to the classification
label and overall impact level recorded in the official data classification table.
- In adherence to the UTHSC policies, the TN-PHC workforce undergoes periodic HIPAA
Privacy and Information Security Awareness Training.
- Continuous monitoring of the security, usage, and access patterns of data and systems occurs via automated solutions or manual processes that identify threats to the confidentiality, integrity, and availability of the data and systems. This monitoring includes normal system operations and the installation of updates, and ensures that changes are managed.
- Data security is further ensured through the following protocols:
- Awareness: UTHSC, through the Office of Human Subjects Protections and the IRB, mandates
all the research personnel undertake CITI training to understand the logistics of
HIPAA and the importance of ethics in conducting research.
- Logistical Security:
- Data in Transit: Users communicate with TN-POPnet applications via Secure Shell (SSH)
and Secure Sockets Layer (SSL, i.e. https) protocols.
- Data at Rest: TN-POPnet uses Oracle Data Management Systems with transparent data
encryption (TDE). Non-Oracle databases (MySQL & PostgreSQL) are encrypted using PGP
encryption. All encryption uses AES256 algorithms which meet or exceed NIST standards
(c.f. FIPS 140-2).
- Data Transfer: All data transfers will be conducted per UTHSC ITS policies. Datasets
will be transferred either through Microsoft 365 OneDrive, or secure platforms as
mandated by UTHSC ITS or encrypted email using UTHSC’s Microsoft Outlook. Large datasets
with identifiable information will be transferred through UTHSC approved methods and
encrypted devices. Any changes in UTHSC IT security policies and procedures will be
relayed to clients and implemented immediately.
- Incident Management and Reporting: Data security related incidents, if identified
or if reported by a client, will be immediately reported to UTHSC ITS - Office of Cybersecurity.
TN-PHC will follow all UTHSC ITS policies in regard to incident management and develop
contingency plans accordingly.
- For any dataset with identifiable information or limited datasets extracted per request
from the researcher the following policies will be adhered to:
- IRB approval will be needed for access to datasets extracted from the TN-POPnet.
- Post completion of the research, researchers will follow UTHSC policies on data destruction in accordance with current protocols as delineated by the UTHSC ITS.
Why does TN-POPnet require provision of identified patient data?
- The data is not de-identified prior to being provided to UTHSC because:
- TN-POPnet links patient data across health systems and some health systems provide
data from more than one EHR system (e.g. Cerner, Allscripts, eClinicalWorks). This
results in patient duplication i.e., if a patient visits various hospitals with different
EHR systems, then he/she is assigned 3 different unique identifiers (MRN) in their
respective systems and when the data is integrated duplication would be prevalent.
Since the same data is being brought as it is into the TN-POPnet, we have developed
de-duplication methods to correctly identify the MRNs.
- Also, in a given EHR system a patient might be assigned multiple unique identifiers
(MRNs), which in turn contribute to duplication. So, we have processes to identify
the duplicates or unused MRNs and replace them with the active MRNs.
- After these deduplication efforts, to meet the de-identification requirements of the United States Health Insurance Portability and Accountability Act (HIPAA) privacy rule, we create synthetic ids for every patient identifier and replace the former with the latter. We also maintain a (separate, password protected) cross-walk table which is used to re-identify the patients; this re-identification process is only performed based on IRB approval and only for project-specific approvals. The entire process requires advanced to expert-level SQL expertise.
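A minimal sketch of the pattern described above: link records across EHR systems, replace patient identifiers with synthetic ids, and keep a separate crosswalk for approved re-identification. This is an added example, not TN-POPnet's own code; the matching rule, table names, and sample rows are constructed assumptions.

```python
import secrets
import sqlite3

# Constructed sample rows: (source EHR system, MRN, name, date of birth, diagnosis code)
ROWS = [
    ("ehr_a", "A-1001", "Jane Q Doe", "1970-02-03", "E11.9"),
    ("ehr_b", "B-77", "jane q. doe ", "1970-02-03", "I10"),
    ("ehr_a", "A-2002", "Jane Q Doe", "1970-02-03", "E11.9"),  # second MRN, same system
    ("ehr_c", "C-5", "John Roe", "1982-11-30", "J45.909"),
]

def match_key(name, dob):
    # Hypothetical deterministic linkage rule: normalized name plus date of birth.
    letters = "".join(ch for ch in name.lower() if ch.isalnum())
    return f"{letters}|{dob}"

def build(rows):
    research = sqlite3.connect(":memory:")   # de-identified data set
    crosswalk = sqlite3.connect(":memory:")  # stands in for a separate, access-restricted store
    research.execute("CREATE TABLE visit (synthetic_id TEXT, dx TEXT)")
    crosswalk.execute("CREATE TABLE xwalk (synthetic_id TEXT, source TEXT, mrn TEXT, "
                      "PRIMARY KEY (source, mrn))")
    ids = {}  # match key -> synthetic id; exists only while loading
    for source, mrn, name, dob, dx in rows:
        key = match_key(name, dob)
        if key not in ids:
            # Random id, not derived from the MRN: it cannot be reversed without the crosswalk.
            ids[key] = secrets.token_hex(8)
        sid = ids[key]
        crosswalk.execute("INSERT OR IGNORE INTO xwalk VALUES (?, ?, ?)", (sid, source, mrn))
        research.execute("INSERT INTO visit VALUES (?, ?)", (sid, dx))
    return research, crosswalk

def reidentify(crosswalk, synthetic_id):
    # Meant to run only under a project-specific approval; returns every linked MRN.
    cur = crosswalk.execute(
        "SELECT source, mrn FROM xwalk WHERE synthetic_id = ? ORDER BY source, mrn",
        (synthetic_id,))
    return cur.fetchall()

def patient_count(research):
    # Distinct patients after de-duplication, counted without touching any MRN.
    return research.execute("SELECT COUNT(DISTINCT synthetic_id) FROM visit").fetchone()[0]
```

The research table never holds an MRN, name, or date of birth, so access to it alone does not allow re-identification.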
Who at UTHSC is responsible for data security and management of TN-POPnet?
The Office of Cybersecurity and the IT infrastructure fall under Ammar Ammar, Chief Information Security and Technology Officer. TN-POPnet falls under the TN-PHC, directed by Jim Bailey, MD, MPH, Executive Director and Professor of Medicine and Preventive Medicine, UTHSC.
Does TN-POPnet clearly identify individual IRB approved projects and assure that project
owners only have access to data for which they have IRB approval?
- TN-POPnet has a process in place to track all data extraction requests received for
TN-POPnet from the UTHSC researcher, clinician, or both and/or affiliates who have
access to TN-PHC services at UTHSC.
- Data is extracted strictly per IRB-approved protocol and provided to the UTHSC researcher
by a UTHSC ITS-approved secure data transfer method.
