Frequently Asked Questions

Frequently Asked Questions

NATURE OF HEALTH RESEARCH AND PERSONAL DATA INVOLVED.

Last updated: December 23, 2019

Phone:

Email: austin.stack@ul.ie

Location: CERC Building,University Hospital Limerick

1.Overview

The major goal of the National Kidney Disease Surveillance System (NKSSS) and Quality Assurance (QA) Programme is to provide meaningful high-quality information on the frequency of kidney disease (acute and chronic) and its complications in the Irish health system. The programme will also assess the quality of care provided to patients with kidney disease, and the effectiveness of different treatments for kidney disease. It will also help identify areas or regions where the burden of disease is high and where greater attention should be focused. It will also help identify areas of good clinical practice and areas where clinical care is suboptimal in the health system. By capturing information over several years, we can get a better picture of how common the disease is and examine whether our strategies for prevention are working. This information will be used to assist health professionals in the strategic planning of health services for kidney disease in Ireland. With careful planning and engagement with stakeholders from several agencies: the HSE, Data Protection Office, Department of Health, and the National Renal Office, we have developed a method for securely collecting clinical information and linking it in order to track the frequency and impact of kidney disease in the health system. This is done at the DCC at the University of Limerick.

We believe that this important new information is fundamental in driving improvements in the organisation of services, delivery of clinical care and in the assessment of kidney disease services in Ireland. We further believe that this information will improve the lives of patients in this country.

2. Data We Collect

The National Kidney Disease Surveillance System (NKDSS) and Quality Assurance (QA) Programme collects information from Laboratory Information Systems, dialysis registers, the Hospital In-Patient Enquiry Scheme (HIPE) and National Mortality data to provide a more complete profile of the patient’s health status through the Irish Health system.

Laboratory Information Systems

This includes clinical and demographic data. Clinical information includes serum and urine biochemical and haematological test results. Demographic information collected includes patient names, patient addresses, medical record number, gender, month and year of birth, and county of residence

End Stage Kidney Disease (ESKD) Registers

The Northwest and Midwest ESKD Registers capture data on all patients who develop ESKD and require dialysis or kidney transplantation. Data collected includes patient demographics, the date and type of first dialysis, the primary modality of renal replacement therapy. More recently, deployment of the renal information system (Kidney Disease Clinical Patient Management System) captures dialysis data.

HIPE

HIPE is a health information system that collects demographic, clinical and administrative information on discharges and deaths from acute hospitals nationally. The information collected includes clinical, administrative and demographic data. Clinical information includes details of diagnoses and procedures carried out on each patient. Administrative information includes items such as dates and times of admission and discharge, type of admission, source of admission and discharge location. Demographic information collected patient surnames, Medical Record Number, gender, month and year of birth, county of residence.

National Mortality data

National Mortality data includes, full name, date of death, address of residence of deceased, place of death, cause of death, occupation of deceased, age of deceased, sex of deceased, marital status of deceased.

3. How We Use Data

Prior to data merging, the laboratory information (results of blood tests) will contain patient identifiers, which are needed to link this data with hospitalisation records (e.g. Hospital Inpatient Enquiry dataset (HIPE) and mortality dataset from the Central Statistics Office). Once the final data linkage has been completed and validated, then the dataset is anonymised. “Pseudonymisation” of data means replacing any identifying characteristics of data with a pseudonym, or, in other words, a value which does not allow the data subject to be directly identified. A master list is retained by data processors of the DCC to allow for longitudinal matching of laboratory, registry, hospitalisation and mortality data over time in order to ascertain changes in disease burden and quantify risk of major outcomes.

4. How We Disclose Data.

Data subjects can expect their data to be accessed and processed by a very limited select group of approved individuals who will link and anonymise data prior to any data analysis. They can expect that no personal data will be transferred to third parties or used outside the scope of the National Kidney Disease Surveillance and Quality Assurance (QA) Programme in accordance with regulatory guidelines. The purpose of a data processing and linkage is not to make decisions about an individual that would result in harm to the individual, such as being denied access to appropriate health services and/or benefits to which the individual is entitled.

The purpose of data linkage is to allow for the creation of unique longitudinal profile of the patient’s health status through the Irish Health system which can be anonymised prior to being used to address research questions. The outputs of the data analysis aim to improve the lives of people with kidney disease by specifically addressing the frequency of disease, its complications and impact in Ireland. The results to date are informing national and international policy that will positively impact patient lives If aggregate level summary data of these anonymised datasets is provided; in relation to medical procedures or diagnoses it will be done so with the condition that any cells with a count less than 5 are suppressed

5. Security

All data processing and analyses is conducted within the confines of the Data Coordination Centre (DCC) at University of Limerick, which offers a secure operating IT environment, locked facilities, with password-protected access for all members of staff. Access to identifiable data will only be permitted to a limited number of individuals who will oversee and progress data linkage across datasets.

The DCC has established physical, technical and administrative security practices to ensure the confidentiality and security of all of its data holdings. The personal data is encrypted at each site by a designated HSE laboratory information manager or HIPE manager before it is securely transferred to the Data Coordination Centre (DCC) situated at University Limerick. Once securely transferred to the Data Coordination Centre (DCC) files are loaded and decrypted and stored on a secure server.

Security measures:

  • Access to the data server room is restricted to swipe card access only to Information Technology Division (ITD) staff on server maintenance
  • Access to the server is password protected
  • Access to the data files on the server is limited to 3 core individuals
  • Random audits are conducted to monitor access
  • PCs are password protected and updated as per UL policy
  • Data is contained within the UL firewall