Prior to submitting an APCD request to CHIA, Government Agencies are strongly encouraged to review the Data Request Form and the template Data Use Agreement and to identify any questions they may have about legal requirements. CHIA staff will work to resolve any initial questions and will:
For information about how to maximize the appropriate use of CHIA data please email firstname.lastname@example.org.
Government Agencies are asked to submit a written Data Request Form and Data Specifications Workbook using IRBNet. An IRBNet account can be created through https://www.irbnet.org/release/public/register.jsp and affiliated with the Massachusetts Center for Health Information and Analysis once logged in.
After an initial screening to ensure the Data Request is complete, and that the requester is seeking to use the appropriate dataset(s) for the proposed project, the request will be forwarded to CHIA’s Legal Unit to review for compliance with legal requirements.
CHIA Legal will assign a Technical Specialist with expertise in data privacy to review the application materials. If needed, the Technical Specialist will work with applicants to refine data requests to ensure they meet legal requirements. The length of this review period will depend on the complexity of the request and the sensitivity of the data sought.
A compliance review will be conducted within CHIA Legal to confirm that the requested release of data is consistent with 957 CMR 5.03, which governs release of APCD data to Government Agencies.
A Data Request will be referred to CHIA’s Data Privacy Committee when the Technical Specialist has sufficient information to make a recommendation as to whether the data requested are the minimum necessary to achieve the proposed objectives, as required by M.G.L. c. 12C. The information may include, among other things, a description of the specific uses of the APCD data, the proposed research methodology, specific justifications for the data elements requested, and information regarding proposed linkages.
Government Agencies seeking direct patient identifiers and other highly sensitive data also may be required to submit a letter from their General Counsel attesting to the agency’s statutory authority to obtain and use such data for the purposes described in the agency’s Data Request.
Agencies seeking Medicaid data also will be required to establish, to MassHealth’s satisfaction, that the proposed use of the data is directly connected to the administration of the Medicaid program. CHIA works with MassHealth to coordinate MassHealth review of requests for Medicaid data.
The Executive Director grants final approval for release as appropriate.
After a request is approved by the Executive Director, a Data Use Agreement must be executed prior to the release of APCD data.
In addition, Government Agencies approved to receive Medicaid data must also sign a Medicaid Acknowledgement of Conditions Form and a Medicaid Addendum to the Data Use Agreement.
Government Agencies approved to receive Medicare data must also execute a Medicare Addendum to the Data Use Agreement.
IT processes the data extract.Once the extract is completed, CHIA ships the data extract with the final approval letter signed by the Executive Director to the data recipient.