Due to new agreements with the Centers for Medicare and Medicaid Services (CMS), all Medicare data released by SEER-Medicare in 2020 will come from CMS`s Chronic Disease Warehouse (CCW) in the future. These files have a different format than files published in previous years. Researchers who have opened SEER-Medicare projects and use data published before 2020 can complete their studies with the data files they currently have as long as their DUAs are valid. However, in order not to prolong the full transition to CCW files, researchers are not allowed to request that new CCW files be combined with older files they have already received. If additional data is needed to complete an open project, a brand new request can be made through the usual processes. NCI, the Centers for Medicare & Medicaid Services, and SEER staff greatly appreciate the potentially sensitive nature of cancer data and the need to respect the privacy of patients and providers included in DEER Medicare data. Researchers who want to use DEER-Medicare data may have concerns about compliance with health insurance portability and accountability act (HIPAA) regulations. DEER-Medicare data includes information about geographic location at the county level, as well as the date of receipt of health services. Because of these variables, SEER-Medicare data is considered a data set limited by HIPAA requirements, which require investigators to sign a data use agreement before receiving the data.
This exception allows SEER Medicare data to be published without the approval of individual patients (see Federal Register, August 14, 2002, p. 53235). However, because SEER-Medicare data is a limited data set, investigators who own the data may not share these files with other investigators. Investigators contacted by colleagues who wish to use their data should ask their colleagues to contact SEER-Medicare. Once a data request has been approved and all relevant documents are on file, IMS (NCI Information Technology Contractor) will provide the investigator with an invoice to cover the cost of creating the requested data files (see Costs of obtaining SEER Medicare data). IMS starts processing data requests after receipt of payment. To ensure the security of patient information during the file transition, the data files are encrypted on a password-protected USB flash drive. The data files are also compressed using the GZIP compression program. A program is provided to extract the files on the user`s PC to the user-specified directory.
The PC must be equipped with the Windows operating system. GUNZIP is required to extract the files if you are using a UNIX or Linux computer. DEER-Medicare data is available to researchers for research purposes. Although the personal identifiers of all patients and healthcare providers have been removed from deer-Medicare data, there is still a distant risk of re-identification (given the large amount of data available). Given the sensitive nature of the data, maintaining patient and provider privacy is a major concern of the NCI, SEER, and the Centers for Medicare & Medicaid Services. Therefore, DEER-Medicare data is not public data file. Researchers must obtain permission for certain research questions in order to obtain the data. The aim of the authorisation procedure is not to criticise the methodology or merits of the proposed projects, but to guarantee the confidentiality of patients and providers in seer areas.
The NCI will work with researchers requesting data files to align their research needs with those of the individuals and institutions included in the data. Please note that investigators are not allowed to request all data. For a complete description of the data use and storage requirements, see the SEER-Medicare Data Use Agreement (PDF, 180 KB). All media on which SEER-Medicare data is delivered must be stored in a safe place, by .B. in a locked filing cabinet in a locked office that only the principal investigator and/or certain employees can access. Data associated with SEER-Medicare must be protected. The Principal Investigator (PRINCIPAL INVESTIGATOR) must sign a Data Use Agreement (PDF, 180 KB) before receiving the data. All employees who have access to these records must also sign the DUA for the Principal Investigator`s records. Any investigator who has received the DEER-Medicare data (including anyone with access to the data) must take all reasonable steps to ensure the security and confidentiality of the data. Data storage must comply with the data retention plan detailed in the approved application. Any changes to this plan must be submitted for review and approval before the amendment can be implemented. The data owners (PI and CMS of the SEER Registry) make NCI responsible for tracking the usage and location of all shared SEER Medicare data.
As interest in DEER-Medicare data continues to grow exponentially, there is an ever-increasing number of data requests that need to be tracked. To ensure that NCI is aware of how the data is used, who uses the data and to avoid changing the scope, restrictions on the number of data updates, data retention and data sharing are justified. All folders that contain restricted variables must be physically separated from all other MEDICARE SEER files. Separate access controls with strong user authentication (username/password, digital certifications, etc.) must be put in place to allow limited and traceable access to these files. SEER Medicare users can access SEER Medicare data through a secure VPN provided by the institution. The user`s PC can support VPN. All DEER Medicare data must remain on the server and no DE SEER Medicare data must be downloaded to the user`s computer. The PRINCIPAL INVESTIGATOR must control all access to DEER Medicare data and monitor all VPN access to ensure compliance with these rules. For approved requests for the 2020 link, you can request data up to three times: the initial data request, and then the updated data from the following two links. If additional updates are requested, investigators will be required to submit a new request for review and approval. The SEER Medicare 2020 link is not compatible with any previous version. Therefore, you cannot request updated data for applications that were approved before this release.
If you wish to obtain data from the SEER-Medicare 2020 link, you must submit a new application. All previously published data must be destroyed. With the release of the SEER-Medicare 2020 link, investigators will not be able to submit new requests for reuse/publication of data from previous links. Researchers are only allowed to submit new data reuse/sharing requests for projects approved for publication in 2020 with colleagues at their institute if the data relates to the same cancer site and medicare claims. Researchers often have questions about DEER-Medicare data or need help before or during an analysis. You may find the documents provided here useful when running your analysis. The DATA Use Agreement (DUA) stipulates that the data retention period is 5 years. If additional time is required to complete the approved project, investigators may request an extension of the DUA. However, DUAs established before December 2020 will not be renewed. Investigators must submit a new request for review and approval. Without an approved extension, all previously published SEER Medicare data must be destroyed. Researchers who wish to use SEER-Medicare data must obtain the IRB provision before the seer-medicare data is communicated to them.
A full IRB review is not required. Many CISRs, including the NIH Office of Human Subjects Research, have found that SEER-Medicare data are excluded (CFR 46,104(4)). Please note that the retention period for shared data begins from the moment the data from the initial project is received, and not only when the data sharing request has been submitted. If special permission has been granted for portable devices or removable media, all files on those devices must be password protected AND encrypted. Encryption is a method used to protect the confidentiality, integrity, and authenticity of data. SEER Medicare data stored on portable devices or removable media must be encrypted using one of the following approved encryption standards: Data Encryption Standard (DES), which uses an input-output block size of 64 bits; Advanced Encryption Algorithm (AES), which uses a key size of 128, 192, or 256 bits; or International Data Encryption Algorithm (IDEA), which uses a key size of 128 bits. If a portable device or removable media containing SEER Medicare data is lost or stolen, or if there is reason to believe that data security is compromised, the investigator must notify the SEER-Medicare contact within 24 hours/first business days of discovering the data breach/loss. The preferred method for storing SEER-Medicare-related data is on an institutional server with password-controlled access. If it is necessary to store these files in a different way, this storage plan should be described in detail in the Data Storage and Protection section of the application.
.