The transfer of data to and from Advocate Health for research purposes is an important aspect of translational science in an Academic Learning Health System. The Research Data Review (ReDR) resource is available to provide research teams with best practice information early in the study design process to avoid last-minute surprises that could impede research.
What is ReDR?
The ReDR team reviews the external sharing of Advocate Health data for Research purposes. The team provides guidance and feedback for the sharing of certain types of research data requiring additional protection (e.g., Protected Health Information; International Data; Claims data, etc.). The ReDR team does not approve or disapprove studies. Instead, the ReDR team reviews studies to verify that appropriate data governance, security, and privacy controls are in place.
Who is involved?
The ReDR team includes representatives from Information Technology, the office of Compliance and Integrity, Data Governance, the Office of Sponsored Programs, the office of Data, Integration, Visualization, and Evaluation (DIVE), Cybersecurity EGRC. With this expertise, we are positioned to provide guidance on best practices, tailored to the needs of a particular study in an efficient and timely way.
How does it work?
Study teams can access ReDR team members in several ways, depending on their needs.
- ReDR can be contacted directly by email at ResearchDataReview@AdvocateHealth.org.
- The IRB submission process will automatically route applications that involve certain types of data transfers to ReDR to perform a data sharing ancillary review.
- ReDR meets formally once per week and can assist study teams on an Ad-Hoc basis as needed.
Tell me more about Research Data
Research data includes any information that has been collected or generated to validate research findings, regardless of format. Data collected as part of routine clinical care becomes research data when it is accessed, analyzed, or otherwise used for research. Research data is not limited to clinical data and includes any information or data used in a research study.
Typical data used for research:
- PHI – Protected Health Information – Individually identifiable health information including information about an individual’s health status, provision of healthcare, or payment of healthcare. Examples include diagnoses, procedures, lab results, and dates.
- PII – Personally Identifiable Information – Any information (does not have to be medical) that can be used to identify an individual, even when combined with other data. Includes PHI. Examples include names, SSNs, DOBs, and addresses.
Data Set Categories
Limited Data Set – A Limited Data Set (LDS) is different from De-identified data and is still considered PHI under the HIPAA Privacy Rule. Some data elements that have been removed to make the data set De-identified can remain when creating an LDS, specifically dates and city/state/zip.
De-Identified – De-identified data does not contain any of the 18 identifying data elements set forth in HIPAA Privacy Rule.
More information for teammates is available in this Protected Health Information document from the Office of Compliance and Integrity.
What is not allowed?
Any Advocate Health Data (PHI, PII, Business Sensitive and/or De-identified) is not allowed to be shared externally without a legal agreement in place. This is not a legal requirement but is an organizational policy/standard.
The following data is not permitted to be used for Research purposes due to the sensitivity of the data as well as legal and regulatory requirements.
- Advocate Health Cost Data
- Social Security Numbers
- Payor Administrative / Claims
- AI / Ambient Listening Transcripts / Recordings
Contact ReDR
To request a consultation with the ReDR team please email ResearchDataReview@AdvocateHealth.org