UCSF data access processes are designed to make policy compliance easy and seamless. If you are working with a consultant for clinical data access, you will receive guidance on regulatory issues.

General Policies for UCSF Data Use

• Institutional Review Board - provides guidance on human subjects information
  • Data and Safety Monitoring Plans and Boards (DSMP, DSMB)
• Control of Access to and Release of Information from UCSF Medical Center Information Systems (SFID or Active Directory credential required)
• Data Use Agreement – work with the UCSF Industry Contracts Division to determine if an agreement or contract is necessary for your planned research collaboration.
• UCSF  Information Security and Confidentiality Policy
• University of California Electronic Communications Policy (ECP)
• University of California Research Data Policy 
  • UCSF Guidance on Implementation of the UC Research Data Policy 
• Interim Policy: External Sharing of Personally Identifiable Information (PII) and PII-Derived Data

Enterprise Data Request Process

The new and improved Enterprise Data Request Process (EDRP) ensures all UCSF privacy and security policies are followed. The new process provides faculty, staff and students a streamlined and easy-to-use way to request clinical data for treatment, payment, operations, quality improvement and research. A wide range of stakeholders participated in developing the new EDRP.

This new process replaces:

• The APeX New/Modify Report Request Form, and
• The Enterprise Data Research Consultations Request Form

Process Documentation

Submitting a Request for Data

With the new simplified process, the system automatically guides your request through the completion of the required steps after the initial request. Explore the details:

• Requesting Clinical Data Sets for Research
• Requesting Clinical Data Sets for Clinical and Quality Initiatives

Instructions for Staff Providing Clinical Data

• Instructions for Staff Providing Clinical Data

Additional Resources

• Enterprise Data Request Form
• Recommended IRB Protocol Approval Verification Checklist
• Research Compliance Requirements

Related Policies

• Control of Access to and Release of Information from UCSF Medical Center Information Systems (SFID or Active Directory credential required)

Stakeholders in Developing the New Process

• Enterprise Information and Analytics Department and Steering Committee
• Audit and Advisory Services
• Clinical and Translational Science Institute
• Privacy Office
• Security and Policy
• Legal
• Risk Management
• Human Research Protection Program
• Health System and Campus Procurement Offices
• Health Plan Strategy
• Government and Business Contracts
• Innovation Technology and Alliances