Info

Conditions for use

Please consider the following conditions before setting up a study on CTMM TraIT BMIA

Patient Identifying Data (PID)

Patient Identifying Data (PID) is any data (names, numbers, addresses, etc.) within clinical data that could potentially be used to identify subjects, either directly or by linkage to other systems. PID obviously includes names and initials, but also hospital system IDs or national health service / insurance IDs, numbers which in conjunction with those systems would identify an individual. Dates of birth can be PID, though normally not in a large data set and without other associated data (e.g. identifying source hospital) when identification would be difficult. There is no absolute definition of PID - it depends on the size of the data set and what data is present. Any clinical data can be PID if it is rare, in a small data set, or linked to other information (e.g. geographical location).

TraIT will check the use of PID for each study that starts on the TraIT BMIA production environment.

If a patient has signed informed consent and specifically consented to the recording of her/his PID than it is allowed to record identifying data in BMIA. However, unless there is explicit reason to capture PID, no PID will be recorded.

If there is no informed consent and no approval of an accredited reviewing committee, a Privacy - or Security Officer from each participating site should give approval and take responsibility for capturing PID. Under no circumstances it is allowed to capture unencrypted BSN (Dutch social security number) unless the patient has given explicit informed consent to do so.

The Principal Investigator (PI) remains the controller and custodian of the data with all corresponding responsibilities regarding personal data

  • TraIT is the data processor on behalf of the PI
  • The PI (or a delegate assigned by the PI) determines who will get access to the data; TraIT will only execute those decisions

Please note that PID may not be part of the coding of study participants (the Study Subject ID in BMIA ). For more information on encryption see the protocol model of the CCMO , section 12.1 (http://www.ccmo.nl/en/standard-research-file)

 

Use of validated de-identification profiles and full-circle test

TraIT requires a de-identification profile that is validated for each version of each modality (~scanner) in each participating site. Validation is required for both the completeness of the de-identification and for the usability of the de-identified images. The reason to do so is that there are many vendor specific implementations of the DICOM standard that may cause PID to be present at vendor / modality / version specific locations in the DICOM header. TraIT supports in this set-up of the de-identification profile using, amongst others, the De-identification Knowledge Base of The Cancer Imaging Archive. For a given de-identification profile a full circle test (de-identification, upload, download and analysis) needs to be conducted by the study to ensure the de-identified images are not only properly de-identified but are also still usable for the analysis foreseen in the study. . A typical example of such a variable critical for analysis is the weight of a patient in a PET scan. Although the weight is a data element that is preferentially removed from the DICOM header (because it might identify a patient, esp. if the weight is exceptional), it causes many PET measures to no longer be calculable (e.g. Standardized Uptake Value) as the weight is needed for the calculation of that measure.

TraIT can advise how to set-up de-identification profiles and has ‘standard’ de-identification profiles, but the testing of these profiles in the specific environment of the study is ultimately the responsibility of the study staff.