The URL can be used to link to this page

Home My WebLink About121718_ca14 615 Sheridan Street Port Townsend, WA 98368 � �etnson www.JeffersonCountyPublicHealth.org Public Health Consent Agenda October 16,2018 JEFFERSON COUNTY BOARD OF COUNTY COMMISSIONERS AGENDA REQUEST TO: Board of County Commissioners Philip Morley, County Administrator FROM: Vicki Kirkpatrick, Director DATE: SUBJECT: Agenda Item — Facility Review Case Reporting System Data Use Agreement with the Michigan Public Health Institute; February 1, 2018 — December 31, 2020; 0$ STATEMENT OF ISSUE: Jefferson County Public Health requests Board approval of the Facility Review Case Reporting System Data Use Agreement with the Michigan Public Health Institute; February 1, 2018 — December 31, 2020; 0$ ANALYSIS/STRATEGIC GOALS/PRO'S and CON'S: Jefferson County Public Health has contracted with the Michigan Public Health Institute since 2008. This agreement was put in place to establish the terms and conditions for the collection, storage and use of data obtained from the case reviews of child deaths submitted by the Child Death Review (CDR) team from Jefferson County Public Health. Changes to the agreement include: 1) changing the name of the Child Death Review Case Reporting System to the National Fatality Review Case Reporting System (NFR-CRS); 2) adding Fetal and Infant Mortality Review (FIMR) questions for FIMR teams in 29 states; 3) updating the list of elements in Appendix B (HIPAA Required Elements to De-Identify Case Data) that are removed in de- identified data downloads per Version 5.0 changes; 4) updating Appendix E (NCFRP Data Dissemination Policy and Guidelines) to propose that cases included in researcher de-identified data sets will include all cases that are at least 24 months from the end of the calendar year for the preceding January-December time frame. FISCAL IMPACT/COST BENEFIT ANALYSIS: There is no exchange of money associated with this agreement. RECOMMENDATION: JCPH management request approval of the Facility Review Case Reporting System Data Use Agreement with the Michigan Public Health Institute; February 1, 2018 — December 31, 2020; 0$ REVIE D BY: AiLtipi . WS* i •'Morley, C '`1 Administr Date Community Health Environmental Health Developmental Disabilities Water Quality 360-385-9400 360-385-9444 360-385-9401 (f) Always working for a safer and healthier community (f) 360-379-4487 FATALITY REVIEW CASE REPORTING SYSTEM DATA USE AGREEMENT BETWEEN THE MICHIGAN PUBLIC HEALTH INSTITUTE AND Jefferson County Public Health This data use agreement is entered into on February 1, 2018 between the Michigan Public Health Institute (MPHI) (known hereafter as "Receiver") and the Jefferson County Public Health (known hereafter as "Holder"). The purpose of this agreement is to establish the terms and conditions for the collection, storage and use of data obtained from the fatality case reviews submitted by the Jefferson County Public Health Fatality Review(FR)team and entrusted to the Receiver as the National Fatality Review Case Reporting System (NFR-CRS). A. The Receiver 1. The Receiver is a non-profit private agency. It has a Cooperative Agreement with the Maternal and Child Health Bureau, Health Resources and Services Administration, U.S. Department of Health and Human Services,to manage the National Center for Fatality Review and Prevention (NCFRP). As part of this agreement,the Receiver is to manage a standardized, web-based reporting system for state and local fatality review teams. 2. The Receiver is responsible for the development of the NFR-CRS, training and liaison to state and/or county agencies participating in the system, technical assistance in using the system, and analysis and dissemination of national FR data generated by the system. The Receiver is responsible for the maintenance of the servers, including firewall protection and other securities, and for data storage and data access by users of the NFR-CRS. 3. The Receiver holds a Federalwide Assurance (FWA)that is a written commitment to protect human research subjects by complying with federal regulations and maintaining adequate programs and procedures for the protection of human subjects. This FWA specifies adherence to the Code of Federal Regulations Title 45 Public Welfare Part 46 Protection of Human Subjects, and the use of the Belmont Report as an ethics guideline. The NCFRP including the NFR-CRS is reviewed annually by the Receiver's Institutional Review Board. Copies of the panel decision letters are available to the Holder. 4. The Receiver complies with the federal privacy requirements specified in the HIPAA Privacy and Security Rules (45 CFR Parts 160, 162 and 164, Standards for Privacy of Individually Identifiable Health Information). The Receiver has appointed a Privacy Officer and a Security Officer, developed and adopted HIPAA-compliant privacy and security policies and procedures, and staff receive training in these policies and procedures. The Receiver's Privacy Officer annually reviews the NCFRP, including the NFR-CRS, for adherence to HIPAA regulations and MPHI policy. Copies of the review decision letters are available to the Holder. B. The Holder 1. The Holder is the lead for the local Child Death Review(fatality/mortality review)team pursuant to RCW 70.05.170(3). 2. The data are entered and owned by the Holder. The Holder's staff conducts child death reviews (child mortality reviews) in Washington State pursuant to RCW 70.05.170, which authorizes the Holder to conduct those reviews. (See Appendix A) C. Washington State Department of Health (DOH) 1. Pursuant to RCW 70.05.170(4), DOH will: a. Serve as a liaison between the the Holder Child Death Review(CDR) staff and the Receiver. b. Facilitate access to the NFR-CRS for the Holder's staff c. Collect data sharing agreements from the Holders for the Receiver. d. Communicate with the Holder CDR staff on issues related to the NFR-CRS. e. Act as the state administrator of the NFR-CRS. f Provide technical assistance to the Holder CDR staff g. Respond to data requests. 2. DOH will have access to the identifiable Washington State data. D. Purpose of and Type of Data 1. The Fatality Review teams in Washington State are supplying data to the NCFRP in order to: a. Provide the state and local FR teams with a comprehensive FR case reporting system for collecting, analyzing and reporting on their reviews of fetal, infant, and child deaths. b. Permit comparability of FR data within and between local FR teams and states. c. Use data collected to promote policy, programs, services and laws to prevent fetal, infant, and child deaths at the local, state and national levels. d. Use data collected to better identify and address health disparities. E. Data Entry and Transmittal 1. Data are submitted by the Holder to the Receiver only via the Internet, using the NFR- CRS, ©Michigan Public Health Institute. The Receiver will provide paper forms to the Holder upon request; however all data is obtained by the Receiver through the Internet. 2. The Holder is complying with its applicable state laws and policies in making the determination of the specific data to be entered into this system and of the persons it authorizes to enter and transmit the data. Relevant Holder state FR statutes or promulgated rules are set out in Appendix A. 3. Only persons selected by the Holder and provided with a password by DOH or the Receiver will have access to the NFR-CRS for data entry and submission as a data entry user. 4. The Receiver will create and administer data entry user accounts upon request of DOH or the Holder, or accounts can be created and maintained by the assigned administrators of this reporting system upon request of the Holder. 5. Accounts are locked out when a user attempts but fails to log in successfully 5 times in 10 minutes; such accounts remain locked out until released by NCFRP staff or assigned Holder administrators. 6. Accounts are automatically logged out after 60 minutes when there is no transmission to the server. 7. The Receiver, DOH and/or the Holder's assigned administrator may terminate a user's access to the system at any time. 2 F. Data Storage 1. All data submitted via the Internet using the NFR-CRS are stored on a server located within the MPHI Data Center. 2. Data are stored on this server indefinitely unless the Holder terminates the data use agreement. 3. The Receiver ensures the security of these servers in the following ways: a. Data transmitted to and from the web server uses a load balancer with an integrated web application firewall. This device negotiates the best possible TLS encryption method(we do fallback to TLS < 1.2 for backwards compatibility)to enable secure, encrypted communications between MPHI servers and the site requestor. The certificate authority is GoDaddy and is renewed annually. A failover pair of stateful firewalls and intrusion prevention systems (IPSes) are utilized. The application is divided into separate web and database tiers with a stateful firewall inspecting traffic between the tiers. b. The servers are in a physically secure location with restricted access and a complete automatic temperature alarm system and fire sprinkler protection system. The server rooms have separate air conditioning systems, and electrical supplies are backed up with uninterruptible power supplies, which are backed up by a diesel generator for long term power outages. c. When the MPHI Data Center is closed during non-business hours,the building is locked, an electronic alarm system is activated, and access into the building is permitted only through the use of electronic reader cards. The MPHI Data Center is also equipped with a video surveillance system. d. The Receiver continuously updates virus-scanning software on all servers and workstations. e. A small group of Receiver authorized staff have access to the server room for server management and maintenance. These staff abide by strict confidentiality agreements. These individuals will be identified and their signed confidentiality agreements provided upon request of the Holder. f. Custodial and building maintenance staff are not allowed in the server area except in the presence of authorized Receiver staff. g. The Receiver staff regularly audit database servers to ensure there are no security violations. 4. For disaster recovery, the Receiver's network servers are backed-up nightly online to disk storage and replicated to disk in a second location nightly. Daily backups are kept on disk for 30 days. Data is sent to encrypted tape weekly, and weekly backups are kept off- site for 30 days. Monthly backups are saved on the encrypted backup tapes for 7 years. The tapes are delivered in locked containers via courier and stored off-site in a physically secure location. 5. The Receiver is not responsible for any damage caused by viruses originating from any places not attributable to the Receiver. 6. It is strongly suggested that the Holder have consistent/comparable security practices in place for data that is downloaded from the servers back to the Holder or back to the Holder's identified users. G. Access to the FR Data on the Servers 3 1. Receiver staff managing the server and NFR-CRS will onlyaccess the data submitted g g by the Holder in the event that there are unforeseen problems with the database that need troubleshooting, correction or upgrading or during development of NFR-CRS releases or upgrades. Receiver staff will not amend, addend, alter or erase any information contained in data files without prior written authorization. 2. Identifiers will be removed from data downloads based on the permission levels for each of the Holder and Receiver. This removal of data elements is a software program feature of the NFR-CRS. 3. NCFRP staff will have access only to data submitted by the Holder and its authorized data entry persons that have case identifiers removed using the HIPAA standards listed in Appendix B, unless in the event of unforeseen problems with the database that require troubleshooting or during development of NFR-CRS releases or upgrades. 4. The Holder will identify the level of access to data of its authorized persons at the local level. Data will be accessible to the Holder via the Internet. 5. It is strongly suggested that the Holder have signed confidentiality statements from all of its authorized users (see Appendix C as an example statement). 6. The Holder will provide the Receiver with the written names and contact information for persons with permission to access data in the event the Receiver is asked by the Holder to create logins. 7. Any breach of security or unintended disclosure known by the Receiver will be reported immediately to the appropriate Receiver supervisors, Privacy Officer, Security Officer, and Research Integrity Officer. The Holder will then be notified of the event and steps will be taken in coordination with the Holder to mitigate harm and cure the breach of security within thirty days. As stated in Section A, the privacy protocols and policies in place at the Receiver are in compliance with HIPAA and meet or exceed federal standards. 8. Any breach of security or unintended disclosure known by the Holder will be reported immediately to the Receiver, and steps will be taken in coordination with the Holder to mitigate harm. H. Permitted Data Uses 1. Data housed at the Receiver are not subject to the Freedom of Information Act(FOIA) and, as such, no data submitted by the Holder will be released by the Receiver in response to any FOIA request. The Holder will address any FOIA request made to the Holder. 2. All data accessed by and released to the Holder are the responsibility of the Holder. Any subsequent breaches of security or confidentiality once the Holder obtains the data are the responsibility of the Holder. 3. The Holder will comply with its applicable state laws and policies in determining the specific data the Receiver is allowed to disclose. 4. The Receiver will not release any data that includes identifiable characteristics as defined by HIPAA (Appendix B)to any persons or organizations, except in circumstances provided in writing by the Holder. 5. The Receiver may release de-identified data only in accordance with the MPHI IRB/Privacy approved data dissemination policy(Appendix E). 4 6. All reports released by the Receiver and the Holder shall be developed with adequate provision for the accuracy, reliability and integrity of the data. I. Ownership 1. The Receiver acknowledges that all fatality review data submitted by the Holder and by the Holder's designated data entry persons shall be and remain the sole property of the Holder. 2. The Holder acknowledges that the NFR-CRS and all of its software platform applications are the copyrighted property of the Receiver. J. Agreement Terms and Termination 1. This agreement applies to all activities occurring between February 1, 2018 and December 31, 2020. 2. This agreement may be terminated by the Holder or Receiver under the following circumstances: a. If the Holder wishes to terminate its relationship with the Receiver for any reason. b. If the Holder of data can no longer participate in the Internet web system due to changes in laws or funding for FR programs. c. If the Receiver of data no longer receives funding to serve as the NCFRP. 3. Upon termination of this agreement, the Receiver, shall, upon request of the Holder, remove all of the Holder's fatality review case data stored on the server. Fatality review data stored on backup tapes cannot be removed in the event of the Holder's termination but will never be reported or disseminated by the Receiver. 4. Any subcontractors or other agents hired by the Receiver or Holder must agree to the same restrictions and conditions that apply through this agreement. 5. All Receiver staff with access to the data submitted by the Holder will sign a confidentiality agreement(Appendix D). 6. The Receiver agrees to maintain an insurance rider to provide additional liability insurance, beyond that normally required for MPHI programs. Appendix A: Relevant State FR Statutes or Promulgated Rules for the Collection, Analysis and Distribution of FR Data Appendix B: HIPAA Required Elements to De-Identify Case Data Appendix C: Holder Confidentiality Agreements Appendix D: MPHI Confidentiality Agreement Appendix E: NCFRP Data Dissemination Policy& Guidelines for Requesting De-identified Dataset 5 IN WITNESS WHEREOF,the parties hereto execute this agreement as follows: Michigan Public Health Institute Data Receiver By: Date: Jefferson County Public Health Data Holder By: David Sullivan, Chairman Jefferson County Board of Commissioners Date: ATTEST: By: Carolyn Gallaway,Deputy Clerk of the Board APPROVED AS 0 RM ONLY: By: L -C / / Z 2///g PhilipHunsucker,Chief Civil Deputy ros tm g Attorney 6 Appendix A Relevant State FR Statutes or Promulgated Rules for the Collection,Analysis and Distribution of FR Data RCW 70.05.170 Child Mortality Review http://app.leg.wa.gov/RCW/defaultaspx?cite=70.05.170 (1)(a) The legislature finds that the mortality rate in Washington state among infants and children less than eighteen years of age is unacceptably high, and that such mortality may be preventable. The legislature further finds that, through the performance of child mortality reviews, preventable causes of child mortality can be identified and addressed, thereby reducing the infant and child mortality in Washington state. (b) It is the intent of the legislature to encourage the performance of child death reviews by local health departments by providing necessary legal protections to the families of children whose deaths are studied, local health department officials and employees, and health care professionals participating in child mortality review committee activities. (2) As used in this section, "child mortality review" means a process authorized by a local health department as such department is defined in RCW 70.05.010 for examining factors that contribute to deaths of children less than eighteen years of age. The process may include a systematic review of medical, clinical, and hospital records; home interviews of parents and caretakers of children who have died; analysis of individual case information; and review of this information by a team of professionals in order to identify modifiable medical, socioeconomic, public health, behavioral, administrative, educational, and environmental factors associated with each death. (3) Local health departments are authorized to conduct child mortality reviews. In conducting such reviews, the following provisions shall apply: (a) All health care information collected as part of a child mortality review is confidential, subject to the restrictions on disclosure provided for in chapter 70.02 RCW. When documents are collected as part of a child mortality review, the records may be used solely by local health departments for the purposes of the review. (b) No identifying information related to the deceased child, the child's guardians, or anyone interviewed as part of the child mortality review may be disclosed. Any such information shall be redacted from any records produced as part of the review. (c) Any witness statements or documents collected from witnesses, or summaries or analyses of those statements or records prepared exclusively for purposes of a child mortality review, are not subject to public disclosure, discovery, subpoena, or introduction into evidence in any administrative, civil, or criminal proceeding related to the death of a child reviewed. This provision does not restrict or limit the discovery or subpoena from a health care provider of records or documents maintained by such health care provider in the ordinary course of business, whether or not such records or documents may have been supplied to a local health department pursuant to this section. This provision shall not restrict or limit the discovery or subpoena of documents from such witnesses simply because a copy of a document was collected as part of a child mortality review. (d) No local health department official or employee, and no members of technical committees established to perform case reviews of selected child deaths may be examined in any 7 administrative, civil, or criminal proceeding as to the existence or contents of documents assembled, prepared, or maintained for purposes of a child mortality review. (e) This section shall not be construed to prohibit or restrict any person from reporting suspected child abuse or neglect under chapter 26.44 RCW nor to limit access to or use of any records, documents, information, or testimony in any civil or criminal action arising out of any report made pursuant to chapter 26.44 RCW. (4) The department shall assist local health departments to collect the reports of any child mortality reviews conducted by local health departments and assist with entering the reports into a database to the extent that the data is not protected under subsection (3) of this section. Notwithstanding subsection (3) of this section, the department shall respond to any requests for data from the database to the extent permitted for health care information under chapter 70.02 RCW. In addition, the department shall provide technical assistance to local health departments and child death review coordinators conducting child mortality reviews and encourage communication among child death review teams. The department shall conduct these activities using only federal and private funding. (5) This section does not prevent a local health department from publishing statistical compilations and reports related to the child mortality review. Any portions of such compilations and reports that identify individual cases and sources of information must be redacted. [2010 c 128 § 1; 2009 c 134 § 1; 1993 c 41 § 1; 1992 c 179 § 1.] 8 Appendix B HIPAA Required Elements to De-Identify Case Data* The NFR-CRS supports two types of data downloads: identified and de-identified. NCFRP staff and researchers who have been approved by the NCFRP will receive only de-identified data. The NFR-CRS variables that will be removed in de-identified downloads are listed below. The NFR-CRS contains many free text fields (most often in the `specify' or `describe' text fields). The NFR-CRS also provides users the opportunity to provide more detail surrounding the circumstances of the death in Section 0: Narrative text field. When the Narrative, `specify,' and/or `describe' text fields are included in a de-identified download, the Narrative, `describe,' and `specify' text fields SHOULD NOT contain any HIPAA Identifiers. HIPAA Identifiers include names; all geographical subdivisions smaller than a state; all elements of dates (except year) for dates directly related to an individual; phone numbers; fax numbers; electronic mail addresses; social security numbers; medical record numbers; health plan beneficiary numbers; account numbers; certificate/license numbers; vehicle identifiers and serial numbers; device identifiers and serial numbers; web universal resource locators; interne protocol address numbers; biometric identifiers; full face photographic images; and any other unique identifying number, characteristic or code. Identifying information can be entered into the NFR-CRS element fields in the list below, including free text fields associated with the listed fields,because all the listed fields and their related text fields will be removed from every de-identified download. However, users should be instructed by the Holder not to enter any identifying information in other free text fields, including Section 0: Narrative text field,because these text fields may be included in de-identified downloads. NCFRP cannot review free text fields in de-identified downloads to assure that they contain no HIPAA Identifiers. HIPAA Required Elements to De-Identify Case Data The NFR-CRS elements listed below will be removed for all persons accessing de-identified case data: Introduction: Case Definition Case number County of review Review team number Sequence of review Death certificate number Birth certificate number Medical examiner/Coroner number *Source: Code of Federal Regulations Section 164.514(b)(2)(i). 9 Date FR team notified of death Section A: Child Information Child first name Child middle name Child last name Child name:unknown Date of birth: month,day,and year Date of birth:unknown Date of death: month and day Date of death:unknown Residential address:unknown Residential address: street Residential address: apartment Residential address: city Residential address:county Residential address: zip County of death Mother's first name Mother's middle name Mother's last name Mother's maiden name Mother's name:unknown Father's first name Father's middle name Father's last name Father's name:unknown Mother's residendence address: same as child Mother's residence address:unknown Mother's residence address:street Mother's residence address: apartment Mother's residence address city Mother's residence address:zip Mother's residence address: county Mother's discharge date from hospital Date of infant's last discharge date Section E:Incident Information Date of incident Date of incident: same Date of incident:unknown Incident county Section M:Review Meeting Process Date of first FR meeting Section N:SUID and SDY Case Registry Date of first Advanced Review meeting Date of SUID Case Registry data entry complete Section P:Form Completed By Form completed by—Person's name Form completed by—Title Form completed by—Agency Form completed by—Phone Form completed by—Phone extension Form completed by—Email 10 Form completed by-Date Date of quality assurance completed by State My FR Outcomes My FR Outcomes—Person's name My FR Outcomes- Team of review *Source: Code of Federal Regulation Section 164.514(b)(2)(i). 11 Appendix C Holder Confidentiality Agreements Sample Confidentiality Statement for State and Local Users of the Fatality Review Case Reporting System By signing this Agreement, I agree to the following when I access any and all components of the Fatality Review Case Reporting System 1. I will comply with all laws, regulations,policies and procedures as set by the State of 2. I will safeguard the confidentiality of all confidential information to which I have access. I will not carelessly handle confidential information. I will not in any way divulge, copy, release, sell, loan, review, alter or destroy any confidential information except as within the scope of my duties. 3. I will only access confidential information for which I have a need to know and I will use that information only as needed to perform my duties. 4. I will safeguard and will not disclose my user name and password unless authorized by the state administrator of the reporting system. I understand that my user name and password allows me to access confidential information for my team on the Fatality Review Case Reporting System. I understand that the State administrator may revoke my access to the data system if my responsibilities change. * 5. I will promptly report activities by any individual or entity that I suspect may compromise the availability, integrity, security, or privacy of confidential information. 6. I understand that the ownership in any confidential information referred to in this Agreement is defined by State statute. 7. I understand that violating applicable laws and regulations may lead to other legal penalties imposed by the judicial system. Signature: Date: Print Name: * If your state already has confidentiality statements in place, you might consider replacing this form with your own, but adding statement four from above. 12 Appendix D MPHI Confidentiality Agreement Confidentiality Agreement for Michigan Public Health Institute Staff Assigned to Privacy-Sensitive Projects As described in the Michigan Public Health Institute (MPHI) Employee Handbook, all MPHI employees have the responsibility to maintain the accuracy, availability, completeness, and confidentiality of the business information,trade secrets, and data to which they have access. Due to the nature of its work, MPHI has access to, stores,uses, and discloses data(including Protected Health Information as defined by the HIPAA Privacy Rule). Any or all of the following factors may require that use and disclosure of these data be restricted in various ways: 1. Federal,tribal, state and local laws and regulations. Examples include: the HIPAA and HITECH, which govern the privacy and security of health information and the Common Rule that governs Institutional Review Boards and research with human subjects. 2. MPHI policies, procedures and training, including project-specific protocols. 1 3. Contractual agreements between MPHI and project partners and clients. MPHI employees must annually sign this agreement to demonstrate that they are aware of their obligations to protect the confidentiality and security of the data to which they have access. By signing this agreement, I agree to the following: 1. I will comply with all laws, regulations, contractual agreements, MPHI policies and procedures, and project-specific protocols related to my assigned duties. I understand that I may be required to complete additional training related to these obligations. 2. I will safeguard and will not disclose my work related password(s), access code(s), or any other work related authorization(s). I understand that MPHI may at any time revoke my password(s), access code(s), other authorization(s), or access. 3. At all times during my employment, I will safeguard the confidentiality of all information to which I have access. I will not carelessly handle information. I will not in any way divulge, copy, release, sell, loan, review, alter, or destroy any information except as properly authorized within the scope of my assigned duties at MPHI. 4. I will only access information for which I have a need to know and I will use that information only as needed to perform my legitimate duties as an employee of MPHI. 5. I will not misuse information. 6. I will promptly report activities by any individual or entity that I suspect may compromise the availability, integrity, security, or privacy of information held by MPHI. I understand that reports made in good faith about suspect activities will be held in confidence to the extent permitted. 7. I understand that I have no right or ownership interest in any information referred to in this agreement. 8. I understand that my failure to comply with this Agreement may result in disciplinary action up to and including termination of my employment. I understand that violating 13 applicable laws and regulations may lead to other legal penalties imposed by the judicial system, such as fines and/or imprisonment. 9. I understand and accept that signing this agreement is a condition of my employment and those obligations under this Agreement will continue after termination of my employment. Employee Signature: Date: Print Employee Name: Supervisor Signature: Date: Print Supervisor Name: 1 I understand that it is my responsibility to read the Privacy and Confidentiality Policy and any associated policies and understand its terms. If I have any questions concerning information contained in the policy, I will bring them to the attention of my supervisor, manager,or Privacy Officer. 14 Appendix E NCFRP Data Dissemination Policy& Guidelines for Requesting De-identified Dataset DATA DISSEMINATION POLICY Mission The purpose of the Fatality Review Case Reporting System(NFR-CRS) of the National Center for Fatality Review and Prevention(NCFRP) is to systematically collect, analyze, and report on information surrounding stillbirths and deaths of individual infants and children around the country. The information can then be used at the local, state, and national levels to inform improvement in maternal and child health and safety and to prevent deaths. The data collected with the System includes the following: • information about the child, family, supervisor and perpetrator; • the types of action taken during the investigation; • the scene, incident, and background information on the cause of death, including the risk and protective factors; • the services provided or needed as a result of the death; • a descriptions of the teams' recommendations, as well as the policies, practices, and other actions taken to prevent other fetal, infant, and child deaths; and • factors affecting the quality of the case review. The web-based NFR-CRS was first implemented in May 2004 in 14 pilot states. Version 1 was made available for widespread use in January 2005. Since 2005, the software has been upgraded several times, including the addition of several new questions, most nobably to support the Sudden Unexpected Infant Death Case Registry and the Sudden Death in the Young Case Registry. Effective with Version 5, the NFR-CRS collects detailed informaton about fetal and infant deaths. Updated information on the number of participating states, number of entered cases and number of cases migrated into the system from older state reporting systems is available from NCFRP. The NFR-CRS is supported primarily by the HRSA Maternal and Child Health Bureau and secondarily by the US Centers for Disease Control and Prevention. Data submitted by states resides on servers at the Michigan Public Health Institute (MPHI). Data Sources Data collected by the NFR-CRS are the result of multi-disciplinary processes that bring together state and/or community agencies to share information on maternal health, fetal, infant and child death events and to identify the risk factors in these deaths. Data entered into the System may include, but are not limited to, information gathered from the following data sources: birth certificates, death certificates, law enforcement records, medical records, autopsy reports, child protective services reports, and Emergency Medical Services run reports. Fatality Review Programs in States Fatality review programs vary by jurisdiction and state with respect to case selection; the maximum age of children whose deaths are reviewed (0-14, 0-17, 0-25, etc.); and the average 15 time between review and death(ranges from 1 to 36 months). Due to these variances, the data are not universally consistent from site to site or state to state. Because most states do not review or enter every fetal, infant and child fatality into the System, the NFR-CRS should not be directly compared with vital statistics data nor should it be used to compute incidence rates. All of these distinctions among sites and states and limitations must be accounted for and noted in any analysis of the data. More information about fatality review programs and case selection can be found at http://www.nfrp.org. Prior to the development of the NFR-CRS, local FIMR programs had been using a variety of systems to collect and report their data. Typically, most FIMR information is collected from maternal interviews, birth and death certificates, autopsy reports, hospital records including labor and delivery, newborn, neonatal and pediatric care units, emergency department, and outpatient records including prenatal care,pediatric well baby and sick baby visits, and other service providers such as WIC,public health, home visits, and department of human and social services records. FIMR data is meant to complement other population data. Collection of FIMR data into the NFR-CRS did not begin until 2018. Data Ownership Fatality review data entered into the NFR-CRS are owned by the individual program that entered it(per the data use agreement executed between each local program or state and MPHI/NCFRP). Requests for de-identified, individual case report data will be submitted to the NCFRP Data Dissemination Committee,per guidelines contained in this document.. For any research request that proposes to identify data by state in any published or publicly released analysis or results, local programs and states will be provided an opportunity to have their state's data excluded from the study. Data Inclusion Cases included in the de-identified dataset will include all cases that are at least 24 months from the end of the calendar year for the preceding January-December time frame. For example, the death cohort from calendar year 2015 (deaths that occurred in January-December 2015) and earlier will be made available in a researcher de-identified dataset on January 1, 2018. The death cohort from calendar year 2016 and earlier will be made available in a researcher de- identified dataset on January 1, 2019. Cases migrated from previous fatality review reporting systems into the NFR-CRS will not be included in a standard dataset but may be provided upon further consultation between the researcher and NCFRP. Removal of Identifiable Data Elements for Dataset No data file that includes HIPAA-defined personally identifiable elements is available to researchers. Although states often enter HIPPA-defined personally identifiable data elements (child's name, address, date of birth, date of death, date and time of incident, and incident county) into the NFR-CRS, all personally identifiable data elements will be removed from any dataset made available to researchers. The data elements that will be removed from the dataset are listed in Attachment 1 of the Application for Access to De-identified Dataset(Application for Data). The "Narrative" field contained in Section 0 of the Case Report form will only be released to researchers under special circumstances. 16 Although no HIPAA defined personally identifiable data elements should be included in the Narrative field of Section 0, should there by ANY identifying elements contained in this section, it is to be considered an inadvertent disclosure and (1) shall not be used or disclosed by researchers, (2) shall be immediately deleted by researchers and(3) be immediately reported to MPHUNCFRP with written confirmation by the researchers that the confidential information cannot be used. If any HIPAA personally identifying data elements are included in other free text fields in the researcher dataset, it is also considered to be an inadvertent disclosure and the confidential information(1) shall not be used or disclosed by researchers, (2) shall be immediately deleted by researchers and (3) be immediately reported to MPHUNCFRP with written confirmation by the researchers that the confidential information cannot be used. To further protect anonymity of states,NCFRP will create and provide a unique code for each state for each approved research project so that researchers can evaluate variation and control for potential bias in the dataset without identifying the individual states.NCFRP will retain the coding key. Permitted Data Uses NCFRP may use de-identified case report data for its own research and reports. NCFRP only has access to de-identified case report data;NCFRP does not have to obtain permission from the Data Dissmination Committee (see Guidelines below) in order to have access to the de-identified data. NCFRP has access to all de-identified data entered into the NFR-CRS and is not limited to only those cases in the researcher dataset. The NCFRP may report aggregated, de-identified data identified by state to requesting parties such as agencies or organizations without state permission. The NCFRP will only report aggregated data with cell counts of six or more cases. Requests by researchers for de-identified datasets must be made in accordance with the Guidelines for Requesting De-identified Dataset(Guidelines), below, and NCFRP will only release de-identified datasets in accordance with the Guidelines.. Required Fees A fee may be charged to each applicant for preparation of the requested dataset. The amount of the fee will be determined by NCFRP staff. An estimate of any fee will be provided to the applicant upon a preliminary review of the proposal by staff. Fees will be determined based on a price equal to the number of staffing hours estimated to prepare the dataset using the federally approved MPHI MOBUS rates. Fees must be paid in full prior to the release of the dataset to the applicant. NCFRP reserves the right to waive fees in certain situations. Data Quality In order to standardize the collection and interpretation of data elements, the NFR-CRS contains a comprehensive Data Dictionary that is readily available online when entering cases into the System or as a standalone PDF document that can be used by fatality review teams during review meetings. Additionally,NCFRP is readily available to provide technical assistance about the Case Report tool and is in constant communication with states about data and reporting questions. Since the data are owned by the individual participating states, states are responsible for cleaning data records, and states vary in the degree to which they review data for inconsistencies, incompleteness, or inaccuracies. NCFRP has found that data quality appears to improve with increased time and training on the System. The Case Report tool contains by 17 design some subjective questions to engage team discussion(e.g., "Was the death preventable?" or"Did a person or persons other than the child do something that caused or contributed to the death?"). The subjective nature of some of the questions can, however, make data analysis more problematic. Finally, although teams record in the System which agencies participated in the fatality review, the primary data source for each data element is not collected as part of the Case Report tool. If there is a discrepancy in information shared by the different agencies at the review meeting, it is up to the fatality review teams to determine the best answer and there is no set primacy rule for data sources. More information about the NFR-CRS and limitations on the use of the data can be found in the February 2011 Supplement to Injury Prevention (Covington TM. The US national child death review case reporting system. Injury Prevention 2011; 17 Suppl 1:i34-i37). 18 GUIDELINES FOR REQUESTING DE-IDENTIFIED DATASET Researchers affiliated with eligible Receiving Institutions may apply for access to a de-identified dataset. The Receiving Institution must be an institution of higher education, research organization, non-profit agency or government agency that either employs or contracts with the Investigator. The Institution must be registered with the U.S. Office for Human Research Protections. Any release of data will be subject to a signed Contract for Access to and Use of Data(Contract for Data) between NCFRP and an authorized representative of the Receiving Institution. The Contract for Data is set out after these Guidelines. An Application for De-identified Dataset(Application for Data)must identify a principal investigator(PI). The PI serves as the primary point of contact for all communications involving the Contract for Data. The PI must sign the Contract for Data, by which the PI assumes responsibility for compliance with all terms of the Contract for Data by employees of the Receiving Institution, including the day-to-day security of the electronic data and all printed output derived from the files. Each additional researcher who will have access to the NCFRP dataset must be identified on the Application for Data and must sign the Confidentiality Agreement attached (Attachment 3). The applicants may not release or permit others to release the dataset in whole or in part to any persons other than those identified in the Application for Data. Access to the dataset is also subject to the following requirements: 1. The researchers given access to the Center's dataset may not conduct analyses of the data for purposes other than those described in the approved Application for Data. Applicants will not alter the approved use of the data in the research design unless they have notified and obtained written permission for the alteration from NCFRP. 2. The PI must obtain IRB approval for the proposed research. Letters of approval must be submitted to NCFRP prior to release of data for approved analyses. 3. All data shared are and shall at all times remain the sole property of the state and local county teams which performed the fatality reviews that are the source of the data. States have the right of first refusal to participate in this research project if the PI plans to publish or publicly release any analysis or results that identifies individual states. It is permissible, however,to list the states included in the dataset, as long as no data are attributed to specific states, and the states have authorized this acknowledgement. States will be asked whether they wish to be specifically acknowledged in any project publication or presentation. 4. The researchers must not attempt nor permit others to attempt to use the dataset to learn the identity of any decedent. If the identity of a decedent should be inadvertently discovered by the PI or any other individual,the PI must make no use of this knowledge, permit others to use the knowledge, or inform anyone else of this knowledge, and must inform NCFRP of the discovery so it can prevent future discoveries of this nature. 5. Although no HIPAA defined personally identifiable data elements should be included in the free text fields or the Narrative field of Section 0, should there be ANY identifying elements in these variables, it is considered to be an inadvertent disclosure and (1) shall not be used or disclosed by researchers, (2) shall be immediately deleted by researchers and(3) be immediately reported to MPHI/NCFRP with written confirmation by the researchers that the confidential information cannot be used. 19 6. No data will be released that identifies data by state jurisdiction without the explicit approval of the state(s). 7. Only aggregated data with cell counts of six or more cases will be released and reported in any analysis. Cells less than six cases will be aggregated with other like cells. 8. All oral and written presentations or other distribution of information resulting from the use of this dataset must be developed with adequate provision for the accuracy, reliability and integrity of the data. 9. All oral and written presentations or other distribution of information resulting from the use of the requested data must be submitted to NCFRP for review at least two weeks prior to presentation or submission to a journal or other source of publication. The purpose of this review is to determine whether the research was completed in the manner specified in the Application and whether the analysis is in the spirit of Fatality Review and the NCFRP mission, and to permit NCFRP to have advance notice of potential issues pertaining to the analysis and/or results. Any additional or other use of these data will be considered a breach of the Contract for Data, unless agreed upon in writing by both parties beforehand. 10. NCFRP may terminate its contract with the recipient if the recipient is in violation of any condition of the contract and such violation is not remedied within 30 days after the date of written notice of the violation. Furthermore, failure to comply with the contract terms will result in the disqualification of the PI, along with any collaborators implicated in the violation, from receiving additional NCFRP data. 11. All presentations and publications making use of this dataset must be provided to NCFRP in a timely manner so that it is a repository of the various uses of the data. 12. All presentations or other distribution resulting from use of the requested dataset must include an acknowledgement of the participating states and NCFRP. They must include the following language: "This dataset was provided by the NCFRP, which is funded in part by Grant Number UG7MC28482 from the U.S. Department of Health and Human Services (HHS), Health Resources and Services Administration(HRSA) and in part by the US Centers for Disease Control and Prevention Division of Reproductive Health. The contents are solely the responsibility of the authors and do not necessarily represent the official views of NCFRP, HHS or the participating states. The following states contributed data from their fatality review: (list states)." 13. Within three years of completion of the project, all hard copies of the dataset generated by the researchers must be destroyed with a cross-cut shredder or returned to NCFRP, and all electronic data must be destroyed/deleted within the same time frame. Written confirmation that the dataset has been destroyed is required. 14. All installations of the data must have electronic security measures in place to prevent unauthorized access, by electronic or physical means,to the confidential data provided or to output from that data. Data Inclusion Cases included in the de-identified dataset will include all cases that are at least 24 months from the end of the calendar year for the preceding January-December time frame. For example,the death cohort from calendar year 2015 (deaths that occurred in January-December 2015) and earlier will be made available in a researcher de-identified dataset on January 1, 2018. The death cohort from calendar year 2016 and earlier will be made available in a researcher de- identified dataset on January 1, 2019. Cases migrated from previous fatality review reporting 20 systems into the NFR-CRS will not be included in a standard dataset but may be provided upon further consultation between the researcher and NCFRP. Application Process To request a de-identified dataset from the NCFRP, the PI must complete the Application for Data, including a detailed proposal to NCFRP describing the purpose of the data request, methods for study, and mechanisms that will be used to keep the data secure (see Application form). Upon receipt,the Data Dissemination Committee (consisting of representatives of participating states, scientists, members of the NCFRP National Center Advisory Committee, and other relevant individuals)will evaluate the application on the basis of the following criteria: • Quality of the research question(s) and objectives for use of the dataset; • Whether the requested data elements are clearly described and whether access to those elements is necessary for the research questions; • Applicant's understanding of the strengths and limitations of the database and analysis plan that is appropriate for this type of dataset; • Qualifications of researchers who will have access to the dataset; • Sufficiency of safeguards in place to maintain the data security, confidentiality, and prevent unauthorized access to data and evidence that the institution is registered with the U.S. Office for Human Research Protections; • Extent to which the proposal is in accordance with the mission of Fatality Review, which is to better understand how and why children die and use the findings to take action that can prevent other deaths and improve the health and safety of children; • Whether NCFRP is conducting similar research or has plans to do so; and • Whether anticipated presentations,publications, or other dissemination of results from the research is consistent with the NCFRP mission. At a minimum, the Committee will review applications on a quarterly basis. All applicants will be notified in writing by NCFRP of the Committee's decision. Proposals will be scored using the above criteria and given one of three grades: 1. Rejected for not meeting the criteria 2. Preliminary approval but requesting revision 3. Approved After approval by the Committee,NCFRP will inform the states participating in the NFR-CRS of the Committee's decision. For any research request that proposes to identify data by state in any published or publicly released analysis or results, states will be notified and given the opportunity to have their state's data excluded from the study(Attachment 2). States will also be asked whether they wish to be specifically acknowledged in any project publication or presentation. Requests for more information about the data file and the process for obtaining permission to access the dataset should be directed to: National Center for Fatality Review and Prevention 2479 Woodlake Circle, Suite 380 21 Okemos, MI 48864 Phone : (800) 656-2434 Fax : (517) 324-7365 Email : info@ncfrp.org 22 NATIONAL CENTER FOR FATALITY REVIEW & PREVENTION CASE REPORTING SYSTEM Application for De-identified Dataset Please complete information electronically. I. Data A. For what year or years of the NCFRP Case Reporting System are data requested? 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 Note: States have different timeframes for when cases are reviewed and entered into the NFR- CRS. Only cases that have been identified and approved by the states as being complete and clean will be included in the de-identified dataset. NCFRP surveys states on an annual basis to make this determination. Cases migrated from previous fatality review reporting systems into the NFR-CRS will not be included in a standard dataset, but may be provided upon further consultation between the researcher and NCFRP. II. Investigator/researchers A. Identify the Principal Investigator who will carry out the duties described in the Guidelines and provide his/her curriculum vitae as an attachment: Name: Title: Institution: Department: Street address: City: State: Zip: Phone: Email address: 23 B. Identify each additional researcher/collaborator/co-investigator that will have access to the dataset and provide the curriculum vitae for each: Name: Title: Institution: Department: Street address: City: State: Zip: Phone: Email address: C. Describe the specific responsibilities the PI and other investigator(s)will have in conducting and completing the proposed research: PI role: Investigator 2: Investigator 3: [Add additional description for additional investigators.] III. Description of proposed research project In no more than five pages (excluding the list of variables), provide a detailed study protocol that includes the following: A. Title of project. B. Describe the research question(s) and objectives for the study. C. Describe the significance and rationale for the research. D. Describe the funding source(s) for the research. E. Describe the study design and methods. The response should be a coherent narrative that links the sample,the variables requested, and the analysis plan to the research questions. The narrative response is expected to be at least one page long, and, in addition to the narrative description, the response must include the following: 1. Description of the sample set requested using the Case Report form as a guide (for example, "infants only," or"children ages 0-4 with motor vehicle as cause of death"). 24 2. List of variables needed to carry out the study using the Case Report form (attached to Application Packet) as the guide. 3. Analysis plan and software that will be used. 4. Discussion of how limitations of the data and data quality issues will be addressed and will likely impact the study and your conclusions. The NCFRP database is a unique set of information, and researchers are urged to read the attached article from Injury Prevention, in particular the sections that describe in detail the "Limitations" and "Strengths" of the data. 5. Discussion of how the study will handle small data numbers and missing and incomplete data. F. Estimated timeframe for study start and completion. G. Anticipated presentations, publications, or other dissemination of results. Please be as specific as possible. Reminder: Per the Guidelines for Use of Data, all oral and written presentations or other distribution of information resulting from the use of the requested data must be submitted to NCFRP for review at least two weeks prior to presentation or submission to a journal or other source of publication to determine whether the research was completed in the manner specified in the Application, whether the analysis is in the spirit of Fatality Review and the NCFRP mission, and to permit NCFRP to have advance notice of potential issues pertaining to the analysis and/or results. 25 IV.. Data Security All users of the NCFRP dataset must have electronic security measures in place to prevent access to the confidential dataset from unauthorized individuals. A. Where will the data reside and how will data be shared among researchers? Describe the physical transmission. B. Security details: In the table below,provide a comprehensive list of all devices on which the dataset will be installed and indicate the electronic security measures that will be applied to each device. For those devices that have access to the Internet, all four of the electronic security measures must be in place for this data request to be approved. For non-Internet devices, firewall protection is not required. If co-investigators at different institutions from the PI will also have physical control of the data, complete a table for each such co-investigator's institution. Device type Internet Indicate Does the ID workstation, device have Electronic security measures laptop, server, access to the portable media,or Internet?(Y/N) other device Password Restricted Virus Firewall login directory protection protection The device access Anti-virus Firewall requires a The software is technology login ID and directories installed on is in place password at containing the device. for devices startup and the data are (Y/N) that are after a period restricted to connected to of inactivity. authorized the Internet. (Y/N) users who (Y/N) have logged in to the device. (YIN) 1 2 3 4 26 C. Physical security: In addition to electronic security,the devices on which the dataset have been copied must be physically secured to prevent theft of the device. Describe below the physical security measure in place for each device. If co-investigators at different institutions from the PI will also have physical control of the data, complete the table for each such co-investigator's institution and describe how data will be securely transferred between institutions. Location of Device Description of physical security ID Indicate building name and office Examples are offices are locked when unoccupied; storage in number secure cabinets when the device is not in use; and monitored access to the building where the data are stored. 1 2 3 4 V. Receiving Institution A. Identify the Receiving Institution, as that term is described in the Guidelines. B. Provide the IRB assurance number. C. Describe your Institution in detail. What kind of work does it do? Include the type of organization, its profit/non-profit status, and primary sources of revenue. D. Provide evidence in an attachment that your institution is registered with the U.S. Office for Human Research Protections. E. Describe your plans to obtain IRB approval for this study using the NCFRP data. F. Describe your Institution's experience in overseeing the use of sensitive research data by its staff. Please give specific examples. G. Describe any known breaches of sensitive research data by your organization and the steps taken to remedy the breach. 27 Application signatures: Signature of Principal Investigator Date Signature of Representative of Receiving Institution Date Title 28 MICHIGAN PUBLIC HEALTH INSTITUTE National Center for Fatality Review and Prevention Contract for Access to and Use of Data This contract specifies the conditions for release of National Center for Fatality Review and Prevention(NCFRP) Fatality Reporting System data, research, and reports for legitimate public health or related research. The intent of this contract is to foster such research and to prevent misrepresentation of the data. This Contract for Access to and Use of Data(Contract for Data) is between 1 1 (Investigators), and Michigan Public Health Institute/National Center for Fatality Review and Prevention(NCFRP). This Contract for Data is for the study entitled [ 1, as described in the Application for De- identified Dataset, dated [ 1, which is attached hereto and made part of this contract as Appendix A. The Investigators are responsible for ensuring that all work under this study including the work of additional researchers, collaborators, and co-investigators complies with all applicable federal, state, local and international laws and regulations; and that the work is performed in a professional manner to the highest academic standards. Investigators agree to the following requirements for the use of the dataset and assure compliance with the requirements. 1. This agreement applies to all activities occurring between the date of signing and 18 months after that date. 2. No one will be permitted to use this dataset to conduct analyses other than those described in the Application for Access to and Use of Data that accompanies this statement. 3. IRB approval of the Receiving Institution will be obtained, and documentation of that approval will be provided to NCFRP prior to release of any dataset. 4. Investigators understand that all data shared are and shall at all times remain the sole property of the state and local teams which performed the fatality reviews that are the source of the data. 5. NCFRP will seek permission from the participating states for release of the data for the project described in the Application for Data if said states are to be named in the 29 analysis or results. States have the right of first refusal to participate in this research project if applicant intends to identify state jurisdiction in any published or publicly released analysis or results. 6. Neither the dataset nor any part of it will be released to any persons other than those identified in the approved Application for Data. 7. Investigators and all other researchers with access to the dataset will not attempt nor permit others to attempt to use the dataset to learn the identity of any decedent. If the identity of a decedent should be inadvertently discovered, Investigators will make no use of this knowledge, nor will they permit others to use the knowledge. Investigators will inform NCFRP of the discovery so it can prevent future discoveries. Investigators will not inform anyone else of the discovery of identity. 8. Investigators understand that not all deaths of children in the states have been reviewed by child death review teams and that not every fatality review team in the country participates in the NFR-CRS. 9. Investigators understand that data will only be reported at an aggregated level and no data will be released that identifies data by state jurisdiction without explicit state permission. Aggregated data must have cell counts of six or more cases in order to be reported. 10. Investigators will not alter the approved research design without written permission from NCFRP. 11. All oral and written presentations or other distribution of information resulting from the use of this dataset shall be developed with adequate provision for the accuracy, reliability and integrity of the data. 12. All oral and written presentations or other distribution of information resulting from the use of the requested dataset will be submitted to the NCFRP for review at least two weeks prior to presentation or submission to a journal or other source of publication. 13. All oral and written presentations or other distribution of information resulting from use of the requested dataset will include an acknowledgement of the participating states and NCFRP. 14. All presentations and publications will include the following language: "This dataset was provided by the NCFRP, which is funded in part by the U.S. Department of Health and Human Services (HHS), Health Resources and 30 MIElri.1111.11=IMIMIIMI Services Administration(HRSA) and in part by the US Centers for Disease Control and Prevention Division of Reproductive Health. The contents are solely the responsibility of the authors and do not necessarily represent the official views of NCFRP, HHS or the participating states. The following states contributed data from their fatality review(list states)." 15. All presentations and publications making use of this dataset shall be provided to NCFRP in a timely manner so that it is a repository of the various uses of the data. 16. Investigators understand that once a proposal for use of the dataset is approved,NCFRP may acknowledge publicly the investigators' names, institution, and name of the study as partners working with the NFR-CRS data. 17. The sharing of this dataset for the purposes stated in the approved project does not imply, in whole or in part,that the topic of the approved project has not been investigated before, or will not be investigated now or in the future, by other investigators interested in this topic. 18. Any additional or other use of this dataset except as described in Investigators' Application for Data will be considered a breach of this contract, unless agreed upon in writing by both parties beforehand. 19. Investigators will assure compliance with the security measures described in the Application for Data. 20. When the proposed analyses are completed, all copies of the dataset will be destroyed with a cross-cut shredder or returned to the NCFRP upon completion of project plus three years. All electronic versions of the dataset will be deleted. Written confirmation that the dataset has been destroyed or deleted is required. 21. By signing this document, Investigators agree to be responsible for compliance with the conditions of this agreement and agree to these conditions by their signatures below. 22. Cost-reimbursement for the time and expenses spent by MPHI staff to compile the data file requested by Investigators will be invoiced to Investigators after the work is complete. The invoice must be paid in full to Michigan Public Health Institute prior to release of the data file. 23. NCFRP may terminate the Contract for Data if the Investigator is in violation of any condition of the agreement and such violation is not remedied within 30 days after the date of written notice of the violation. 31 Principal Investigator: Name: Title: Organization: Address: Email address: Phone: Signature: Date: For Receiving Institution: Name: Title: Organization: Address: Email address: Phone: ( ) Signature: Date: For MPHI: Name: Title: Organization: Michigan Public Health Institute Address: 2479 Woodlake Circle Suite 340 Okemos MI 48864 Email address: Phone: ( ) Signature: Date: 32 Appendix B HIPAA Required Elements to De-Identify Case Data* The NFR-CRS supports two types of data downloads: identified and de-identified. NCFRP staff and researchers who have been approved by the NCFRP will receive only de-identified data. The NFR-CRS variables that will be removed in de-identified downloads are listed below. The NFR-CRS contains many free text fields (most often in the `specify' or `describe' text fields). The NFR-CRS also provides users the opportunity to provide more detail surrounding the circumstances of the death in Section 0: Narrative text field. When the Narrative, `specify,' and/or `describe' text fields are included in a de-identified download, the Narrative, `describe,' and `specify' text fields SHOULD NOT contain any HIPAA Identifiers. HIPAA Identifiers include names; all geographical subdivisions smaller than a state; all elements of dates (except year) for dates directly related to an individual; phone numbers; fax numbers; electronic mail addresses; social security numbers; medical record numbers; health plan beneficiary numbers; account numbers; certificate/license numbers; vehicle identifiers and serial numbers; device identifiers and serial numbers; web universal resource locators; interne protocol address numbers; biometric identifiers; full face photographic images; and any other unique identifying number, characteristic or code. Identifying information can be entered into the NFR-CRS element fields in the list below, including free text fields associated with the listed fields, because all the listed fields and their related text fields will be removed from every de-identified download. However, users should be instructed by the Holder not to enter any identifying information in other free text fields, including Section 0: Narrative text field, because these text fields may be included in de-identified downloads. NCFRP cannot review free text fields in de-identified downloads to assure that they contain no HIPAA Identifiers. HIPAA Required Elements to De-Identify Case Data The NFR-CRS elements listed below will be removed for all persons accessing de-identified case data: Introduction: Case Definition Case number County of review Review team number Sequence of review Death certificate number Birth certificate number Medical examiner/Coroner number *Source: Code of Federal Regulations Section 164.514(b)(2)(i). 33 Date FR team notified of death Section A: Child Information Child first name Child middle name Child last name Child name:unknown Date of birth:month,day,and year Date of birth:unknown Date of death: month and day Date of death:unknown Residential address:unknown Residential address: street Residential address: apartment Residential address: city Residential address: county Residential address: zip County of death Mother's first name Mother's middle name Mother's last name Mother's maiden name Mother's name:unknown Father's first name Father's middle name Father's last name Father's name:unknown Mother's residendence address: same as child Mother's residence address:unknown Mother's residence address:street Mother's residence address: apartment Mother's residence address city Mother's residence address:zip Mother's residence address: county Mother's discharge date from hospital Date of infant's last discharge date Section E:Incident Information Date of incident Date of incident: same Date of incident: unknown Incident county Section M:Review Meeting Process Date of first review meeting Section N:SUID and SDY Case Registry Date of first Advanced Review meeting Date of SUID Case Registry data entry complete Section P:Form Completed By Form completed by—Person's name Form completed by—Title Form completed by—Agency Form completed by—Phone Form completed by—Phone extension 34 Form completed by—Email Form completed by-Date Date of quality assurance completed by State My FR Outcomes My FR Outcomes—Person's name My FR Outcomes- Team of review *Source: Code of Federal Regulation Section 164.514(b)(2)(i). 35 Attachment 2 A Request for the Release of Fatality Review Case Report Data when Research Applicant Intends to Identify State(s) in Proposed Published Analysis or Results The following template will be used by NCFRP to request written authorization from states participating with the Fatality Review Case Reporting System for permission to release individual case report data to research applicants that intend to identify state jurisdiction in published analysis or results. State permission will be sought once the Data Dissemination Committee has approved the project. Dear State of(insert state) Data Holder: This letter is to inform you that the National Center for Fatality Review and Prevention(NCFRP) has received a request to release de-identified individual case report data. The request was submitted by (insert name of requestor and organization) on(insert date). The requester will be using the data for the purpose of(insert purpose). If the requester intends to use the data for a purpose other than what is stated here, they must submit a new request. Per the National Center for Fatality Review and Prevention's Guidelines for Requesting De-identified Dataset,written permission is necessary from each state where the research applicant intends to identify state jurisdictions in published or publicly released analysis or results of fatality review data. As a reminder, de-identified individual case report data released by the NCFRP will not include the list of data elements found in Appendix B of the NCFRP Data Dissemination Policy and Guidelines. Please verify that your state is not precluded from releasing this data by any rules or statutes before signing this agreement. If you approve this data request, please sign both copies of the attached contract. Mail both copies to the National Center for Fatality Review and Prevention for signature. 36 Attachment 3 Confidentiality Agreement to be Signed by All Researchers with Access to NCFRP Data By signing this Agreement, I agree to the following: 1. I will safeguard the confidentiality of all confidential information contained in the NFR-CRS dataset to which I have been given access. I will not carelessly handle confidential information. I will not in any way divulge copy, release, sell, loan, review, or alter any confidential information except as within the scope of my duties. 2. I will only access confidential information for which I have a need to know and I will use that information only as needed to perform my duties. 3. I will not attempt nor permit others to attempt to use the dataset to learn the identity of any decedent. If I inadvertently discover the identity of a decedent, I will make no use of this knowledge, will not permit others to use the knowledge, will not inform anyone else of this knowledge, and will inform NCFRP of the discovery so it can prevent future discoveries. 4. I will transmit and store all electronic and hard copy data in a secure and confidential manner and location at all times. 5. Upon completion of the performance of my duties,the identifiable dataset will be destroyed and no opportunities will be available to access that data on the network or computer systems. 6. I will promptly report activities by any individual or entity that I suspect may compromise the availability, integrity, security, or privacy of confidential information. 7. I understand that the ownership of any confidential information referred to in this Agreement is defined by State statutes. 8. I understand that violating applicable laws and regulations may lead to other legal penalties imposed by the judicial system. Signature: Date: Print Name: 37 Attachment 4 s NATIONAL Saving Lives Together SELECTED JOURNAL ARTICLES AND REPORTS USING NFR-CRS DATA Dangerous Waters: Profiles of Fatal Child Drowning in the U.S. 2005-2014 MacKay JM,Steel A,Dykstra H.2016. Safe Kids Worldwide. https://www.safekids.org/sites/default/files/dangerous_waters research_report.pdf Keeping Kids Safe In and Around Water: Exploring Misconceptions that Lead to Drowning MacKay JM,Steel A,Dykstra H,Wheeler T,Samuel E,Green A. 2016. Safe Kids Worldwide. https://www.safekids.org/sites/default/files/small_water safety_study_2016.pdf Death Scene Investigation and Autopsy Practices in Sudden Unexpected Infant Deaths Erck AB,Parks SE,Camperlengo L,Cottengim C,Anderson RL,Covington TM,Shapiro-Mendoza CK. 2016.J Pediatr2016; 174:84-90. https://www.researchgate.net/publication/301671583 Death Scene Investigation and Autopsy Practices in Sudden Unexpect ed Infant Deaths.Abstract only. Pediatric Suicide in the United States: Analysis of the National Child Death Case Reporting System Triglylidas T,Reynolds E,Teshome G,Dykstra H,Lichenstein R.2016. Injury Prevention 2016;0:1-6.Published first online.doi:10.1136/injuryprev-2015-041796.http://injuryprevention.bmj.com/content/early/2016/01/18/injuryprev-2015- 041796.abstract.Abstract only. Crib bumpers continue to cause infant deaths: A need for a new preventive approach Scheers N.J.,Woodard D.W,Thach,B.T.2015.Pediatrics,DOI:http://dx.doi.org/10.1016/j.jpeds.2015.10.050.Published online 11/24/2015. http://www.jpeds.com/article/S0022-3476(15)01284-6/pdf. Cause-specific mortality among children and young adults with epilepsy: Results from the U.S. National Child Death Review Case Reporting System Tian N, Shaw EC, Zack M,Kobau R, Dykstra H,Covington TM.2015.Epilepsy Behay.2015.Apr;45:31-4. doi: 10.1016/j.yebeh.2015.02.006. Epub 2015 Mar 18.http://www.epilepsybehavior.com/article/51525-5050(15)00054-2/pdf Development of a dataset of national cardiovascular deaths in the young Vetter VL,Dugan NP,Haley DM,Covington TM,Dykstra H,Overpeck M,Iyer VR,Shults J.2014.DOI:doi: 10.1016/j.ahj.2014.06.015.American Heart Journal. http://www.ahjonline.com/article/S0002-8703(14)00365-2/pdf Sofas and Infant Mortality Rechtman LR,Colvin JD,Blair PS,&Moon RY.2014.Pediatrics 2014. 134:e1292. http://pediatrics.aappublications.org/content/pediatrics/early/2014/10/08/peds.2014-1543.full.pdf. Sleep Environment Risks for Younger and Older Infants Colvin J,et al. 2014.Pediatrics 134(2):e406-e412. http://pediatrics.aappublications.org/content/pediatrics/early/2014/07/09/peds.2014-0401.full.pdf 38 Classification System for the Sudden Unexpected Infant Death Case Registry and its Application Shapiro-Mendoza C,Camperlengo L,Ludvigsen R,Cottengim C,Anderson R,Andrew T,Covington T,Hauck F,Kemp J, MacDorman M.2014.Pediatrics 2014; 134(1): 1-10. http://pediatrics.aappubl ications.org/content/pediatrics/early/2014/06/03/peds.2014-0180.full.pdf Child maltreatment deaths in the U.S. National Child Death Review Case Reporting System Palusci V,Covington T.2013.Child Abuse Neglect. S0145-2134(13)00245-7.doi: 10.1016/j.chiabu.2013.08.014. [Epub ahead of print]PubMed PMID:24094272.https://www.ncbi.nlm.ningov/pubmed/24094272 Abstract only. Sudden Unexpected Infant Deaths: Sleep Environment and Circumstances Schnitzer P,Covington T,Dykstra H.2012. American Journal of Public Health 2012; 102(6): 1204-1212. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3483961/ Public Health Surveillance of Fatal Child Maltreatment: Analysis of Three State Programs Schnitzer P,Covington T,et al.2008.American Journal of Public Health;98:296-303. http://aiph.aphapublications.org/doi/abs/10.2105/AJPH.2006.087783?journalCode=ai ph 39