TMA Home About TMA Human Resources Conferences TRICARE Contacts Feedback Site Map
 
Skip Navigation LinksTMA Home > Clinical Operations and Patient Care > TMA Privacy Office > DSAs > Types of Data Sharing Agreements (DSAs)
Infinite Menus, Copyright 2006, OpenCube Inc. All Rights Reserved.

Types of Agreements Related to Data Sharing

  • A Data Sharing Agreement (DSA) incorporating the approved Data Sharing Agreement Application (DSAA) is provided by the TRICARE Management Activity (TMA) Privacy and Civil Liberties Office (Privacy Office) to the Government Sponsor and the Applicant (identified as the Recipient in the executed DSA) only after a DSAA is approved.

  • The Privacy Office utilizes the DSAA to

    • Determine the type of data requested
    • Confirm compliance with federal and Department of Defense (DoD) regulatory requirements, including permissible uses and disclosures
    • Document the agreed upon responsibilities of the Government Sponsor and Applicant/Recipient
    • Provide the requestor with clear terms and conditions for approval

  • After the DSAA is approved, the Privacy Office will provide one of the following applicable agreements for execution:

    • DSA for De-identified Data
    • DSA for Personally Identifiable Information (PII) excluding Protected Health Information (PHI)
    • DSA for PHI
    • Data Use Agreement for a Limited Data Set

    Note: Contractors requesting to use and/or create PHI in support of a DoD initiative may need to have a Business Associate Agreement (BAA) incorporated into the current contract before the DSAA can be approved.

  • Interservice and Intragovernmental Agreements Memoranda of Agreement (MOA)/Memoranda of Understanding ( MOU)

    • MOUs and MOAs are neither created nor managed by the Privacy Office, however; the Privacy Office should be included in the coordination for review to ensure that the proposed use and/or disclosure of data is in compliance with applicable federal and DoD regulatory requirements.

  • Computer Matching Agreement (CMA)

    • A CMA is neither created nor managed by the Privacy Office, however; the Privacy Office should be included in the coordination for review to ensure that any proposed matching program is in compliance with the DoD Privacy Program (DoD 5400.11-R) in its implementation of the Privacy Act of 1974.


www.tricare.mil is the official Web site of the TRICARE Management Activity, a component of the Military Health System 7700 Arlington Boulevard, Suite 5101, Falls Church, VA 22042-5101

The appearance of hyperlinks to external Web sites does not constitute endorsement by the TRICARE Management Activity of these Web sites or the information, products or services contained therein. For other than authorized government activities, TRICARE Management Activity does not exercise any editorial control over the information you may find at other locations. Such links are provided consistent with the stated purpose of this DoD Web site.