NAACCR’s Data Security and Confidentiality Issues Website

Check out resources available on NAACCR’s data security and confidentiality issues website.

Authors

• Heather Zimmerman
• Data Security and Confidentiality Workgroup

Over the last two years, the Data Security and Confidentiality Workgroup has produced several resource documents to assist the cancer surveillance community with navigating this important and sometimes confusing area.

We would like to highlight some of these resources:

National Death Index Fact Sheet

This factsheet covers the key facts central registries need to know about linking with the National Death Index and how the data can be utilized. It also covers limitations and requirements associated with the use of NDI data.

Indemnification Primer

We’ve all seen data use agreements that contain an indemnification clause, but do we really know what it means? This primer covers indemnification as a legal term of art and aims to help central registries understand why it is often included and sometimes negotiated out of DUAs.

HIPAA Resources for Cancer Registries

HIPAA and its regulations including the Privacy Rule rank among the most commonly cited laws dictating how individually identifying health and personal information must be protected. But how should central cancer registries interpret HIPAA regulations? How do provisions for public health surveillance and research activities apply to registries and their operations? This handy guide explains how HIPPA applies to central registries.

Patients for Individual-Level Information From Central Cancer Registries

Are central cancer registries required to release individual-level information directly to patients or their family? Is it even a good idea to release this kind of information? These guidelines can help central registries understand what laws may apply to these types of requests and to determine whether to honor such requests.

Data Destruction Primer

Data Use Agreements almost always include a requirement to destroy the data once the project is complete or the DUA expires but what does data destruction even mean? This primer covers how to properly destroy data and how to ensure that your data is destroyed through good planning.

Multi-Factor Authentication Factsheet

Most of us have had to switch to multi-factor authentication in both our personal and professional accounts but is the hassle really worth it? This factsheet covers what MFA is and why it is important.

Data Encryption and Hashing Primer

Protecting data from unauthorized access is the primary goal of data security, and encryption and hashing are tools we hear about all the time, but do we actually understand what they are and how they should be used? This primer provides a basic description of encryption and hashing to help central registry staff understand when they should and should not be used.

The Data Security and Confidentiality Workgroup is currently working on even more resources so keep an eye out.