Sharing de-identified data
Did you know that UCSF De-identified data are considered UCSF Intellectual Property and are subject to HIPAA regulations?
It's true! So, if you are working with a non-UCSF partner and you want to share the data, UCSF may require that your data are "certified," meaning your dataset is correctly de-identified in accordance with HIPAA regulations and has the required certification. In addition, you will need an appropriate data sharing contract that is executed with your non-UCSF partner. Work with the UCSF Division of Industry Contracts for this step (contact at: [email protected])
More details
New contracts & partnerships that propose data sharing with external entities are being closely reviewed. Read more about how we support secure data-sharing partnerships.
The Clinical & Translational Science Institute (CTSI) is available to consult with you about your data, however, you will need to use an external company for the certification, if required. Important Note: You will need to pay for the certification.
Here are some considerations as you think about your data:
- Was the dataset derived from a previously certified UCSF de-identified data source?
- Complexity of the Dataset
- Size of the Dataset
- Data Sharing Plans
- Size of Intended Audience of the Dataset
Get advice or have questions? : REQUEST CONSULTATION
UCSF IT recommends this company for De-Identification Certification, but there are others.
- ArcherHall LLC: https://archerhall.com/