Confidentiality and Data Use

Download: docx | pdf

Centers for Birth Defects Research and Prevention (CBDRP)

CONFIDENTIALITY AND DATA USE ACKNOWLEDGMENT FORM

As a member of the <State> Center for Birth Defects Research and Prevention (CBDRP) I understand that I may have access to confidential personally identifiable data. CBDRP data are covered by a Certificate of Confidentiality from the CDC, as provided in Section 301(d) of the Public Health Service Act (42 U.S.C. § 241(d)). The Principal Investigator (PI) from each Center is responsible for tracking the use of the CBDRP data at their Center and assuring that each person who has access to the data understands and has acknowledged the expectations regarding maintenance and use of these confidential data. There is a confidentiality training slide presentation accessible on SharePoint covering these expectations that should be reviewed prior to signing this document. This form describes the expectations associated with accessing CBDRP data and acknowledges your receipt of this information.

1. All respondents are assured that the confidentiality of their responses in this study will be maintained, and that the privacy of research subjects is protected by the withholding of, from all persons not connected with the study, any personally identifying characteristics of the research subjects. Personally identifying information that may be available as part of the CBDRP data to which you are granted access includes, but is not limited to: names; personal dates (except year) such as birthdates; contact information including phone numbers, email addresses, and residential information (except state); and specific combinations of rare birth defects.

2. Confidential information should not be observed by or given to persons not authorized to have access to CBDRP data.

1. All records that identify persons, or from which persons could be identified, should be maintained in locked containers or on encrypted, password-protected computer systems.

2. The keys or means of access to these containers or systems should not be given to anyone other than CBDRP authorized staff.

3. Transfer of data should happen only via secure channels (e.g., CDC’s Secure Access Management System (SAMS), sFTP, encrypted flash drive), and not via email or un-encrypted flash drives.

4. Additional requirements for safeguarding the identity of persons may be implemented.

5. Any real or perceived breach of data security should be reported to all CBDRP PIs within 24 hours of discovery to facilitate required incident reporting to the IRB.

3. The CBDRP Data Sharing Committee ensures proper use of the CBDRP data. No analysis of data or dissemination of findings from the CBDRP research studies may occur without approval from the committee for a specific research purpose. Instructions for submission of research proposals are specified in the Data Sharing Guidelines.

1. The Data Sharing Committee must approve all manuscripts, abstracts, or public presentations based on CBDRP data before they can be submitted for consideration. It is the responsibility of the first author to ensure that any additional site-specific approval processes are followed, including but not limited to the CDC clearance process.

4. CBDRP staff should not attempt to identify any individual person whose information is contained in the CBDRP data unless required for CBDRP activities authorized by the Data Sharing Committee.

5. Data should not be distributed, copied, or shared with any person(s) other than those designated by the PI of the Center.

6. At the conclusion of the use of CBDRP data, data and any other material requested by the sponsoring Center PI are to be returned or destroyed. Electronic files containing data or output from any computer equipment used to gain access to and/or to analyze CBDRP data should be deleted according to best practices determined by the sponsor Center’s institution and confirmed by the Center PI. If data or material reside outside the sponsor Center’s institution, confirmation of data or material destruction includes email or written correspondence to the Center PI that data or material have been destroyed per the Center PI’s request.

My signature on this form acknowledges that I have read and understood the expectations associated with accessing CBDRP data.

Name (Typed/Printed)

Signature Date

Center PI Signature Date

File Type	application/vnd.openxmlformats-officedocument.wordprocessingml.document
Author	Ailes, Elizabeth (CDC/DDNID/NCBDDD/DBDID)
File Modified	0000-00-00
File Created	2024-07-20