09-25-0160 SYSTEMS LISTING

United States Renal Data System (USRDS), HHS/NIH/NIDDK.

None.

Records are located at contractor operated coordinating center. Write to the System manager at address below for address of current location. U.S. Renal Data System, Coordinating Center (CC), 914 South 8^th Street, Suite D-206, Minneapolis, MN 55404.

Persons with end-stage renal disease (ESRD), providers of ESRD services.

Health and medical record data; fiscal information; patient names, social security number, Centers for Medicare and Medical Services (CMS) beneficiary ID, patient demographic, epidemiologic and survival characteristics; physician provider characteristics; facility provider characteristics.

42 U.S.C. 241a, 289c, as last amended by Pub. L. 100-607, November 4, 1988 under the Health Omnibus Programs Extension of 1988.

1. To design and implement a consolidated renal disease system that will provide the biostatistical, data management and analytical expertise necessary to characterize the total renal patient population and describe the distribution of patients by sociodemographic variables across treatment modalities.
2. To report on the incidence, prevalence, and mortality rates of renal disease by primary diagnosis.
3. To identify the modalities of treatment best suited to individual patients. To compare the various treatment alternatives to examine the prevention and progression of renal disease by morbidity, mortality, and quality of life criteria.
4. To identify problems and opportunities for more focused investigations of renal research issues currently unaddressed by the consolidated data system.
5. To share data with other PHS agencies and CMS for their use in research analysis and program administration.

1. Disclosure from the record of an individual may be made to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her official capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.
2. Disclosure may be made to a Congressional office from the record of an individual in response to a written inquiry from the Congressional office made at the written request of the individual.
3. Disclosure may be made to the HHS contractor for the purpose of collating, analyzing, aggregating or otherwise refining or processing records in this system for developing, modifying and/or manipulating ADP software. Data would also be disclosed to contractors incidental to consultation, programming, operation, user assistance, or maintenance for an ADP or telecommunications systems containing or supporting records in the system. The contractor shall be required to maintain Privacy Act safeguards with respect to such records.
4. A record may be disclosed for a research purpose, when the Department: (A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (B) Has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring; (C) Has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law; (D) Has secured a written statement attesting to the recipients understanding of, and willingness to abide by these provisions.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

Electronic medium; selected hard copy backup.

Information will be retrieved by patient identification number such as social security number and CMS beneficiary ID. Individual patient data provided only as noted above. Statistical data provided as noted above and to the general public as part of periodic published reports.

A variety of safeguards are implemented for the various sets of records in this system according to the sensitivity of the records:

1. Authorized Users: Regular access is limited to National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), CMS and contract personnel who have a need for the data in performance of their duties as determined by the system manager.
2. Physical Safeguards: Records are stored in areas where access is restricted to areas where data are maintained and processed; data tapes and hard copy data are stored in locked files in secured areas; terminal access controlled by user ID and keywords; off-site data backups in two locations - a remote area of the same building and a separate building; and fire protection secured by Halon fire extinguisher system and fire alarm system present in the computer room.
3. Procedural Safeguards: Contractors who maintain records in this system are instructed to make no further disclosure of the records except as authorized by the system manager and permitted by the Privacy Act.

Privacy Act requirements are specifically included in contracts and in agreements with grantees or collaborators participating in research activities supported by this system. HHS project directors, contract officers, and project officers oversee compliance with these requirements.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, "Safeguarding Records Contained in Systems of Records," supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1 - "Keeping and Destroying Records" (HHS Records Management Manual, Appendix B-361), item 3000-G-3(b), which allows records to be kept as long as they are useful in scientific research. Refer to the NIH Manual Chapter for specific disposition instructions.

Epidemiology Program Director, National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), Division of Kidney, Urologic and Hematologic Diseases, Rockledge II, Room 615, 6701 Democracy Boulevard, Bethesda, MD 20892.

To determine if a record exists, write to the System Manager at the address noted above. Provide notarized signature as proof of identity. The request should include as much of the following information as possible: (a) Full name; (b) title of project individual participated in; and (c) approximate dates of participation.

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

Contact the System manager at the address specified under Notification Procedures above and reasonably identify the record, specify the information being contested, and state the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

The majority of health, medical, fiscal and other demographic information on patients and health care providers is from the end stage renal disease program of the Centers for Medicare and Medicaid Services (CMS). Additional data comes from other CMS Medicare patient records, the National Death Index, and other sources of non-Medicare ESRD patient records such as the NIH Continuous Ambulatory Peritoneal Dialysis (CAPD) Registry, the United Network of Organ Sharing (UNOS) transplant patients, the Veteran's Administration, and the Indian Health Service.

None.