One of the primary missions of the Scientific Registry of Transplant Recipients
(SRTR) is to provide information and data to researchers and clinicians who have
legitimate needs. SRTR will make every attempt to fulfill this mission.
Limitations on Data Release
Possible reasons for denying a data request in whole or in part include:
Making a Data Request
- The data are not collected and/or verified;
- Release of the data violates the Privacy Act or applicable federal or state laws
regarding confidentiality of patient medical records or trade secrets;
- The purpose of the data use is not sufficiently valuable to warrant a large-scale
expenditure of time and effort; or
- The data and information are an exception from disclosure under the Freedom of Information
Please request data from SRTR in writing at email@example.com
In your request, please include the following information:
- Your contact information: name, business/organization name, mailing address, telephone
number, and e-mail address; and
- Description of data requested.
Once the initial request is received, we will supply any necessary documentation.
All data requests requiring a data use agreement (DUA) will require a signed data
release agreement, a data security plan, and a research plan.
Types of Data Requests
There are four main types of data requests:
- Simple Data Requests
Data requests that can be fulfilled with existing data and do not require additional
programming or analyses can generally be fulfilled quickly (i.e., in less than 4
hours) and do not require a DUA or the approval of the Health Resources and Services
Administration (HRSA), the HRSA SRTR Project Officer, or the
SRTR Technical Advisory Committee (STAC). Data sets require a DUA and do
not fall into the category of simple data requests. Any request requiring more than
4 hours of programming or analysis time will be considered under the fourth category,
Data Requests Requiring Additional SRTR Programming.
- Data Requests for Standard Analysis Files or Simulated Allocation Models
Data requests that can be fulfilled by releasing a Standard Analysis
File (SAF) and/or a Simulated Allocation Model
(SAM) require a DUA. The release of an SAF or SAM under a DUA requires the prior
approval of the SRTR, but generally does not require the prior approval of the STAC.
DUAs must be renewed annually through the duration of the approved use.
- Data Requests Requiring Linkages
Data requests that require a linkage to an external data source or use of personal
identifiers to link with other public or private data sources can often be accommodated.
To protect the private information of individuals in the transplant registry, SRTR
will perform the linkages and analyses that require use of personal identifiers;
SRTR will release the resulting data as summary data or as individual data with
encrypted identifiers. In exceptional circumstances, identifiers may be released
to other government agencies or investigators for linkage, but only after authorization
by the STAC and the HRSA SRTR Project Officer.
All data requests requiring linkages must be authorized by the STAC and the HRSA
SRTR Project Officer. The STAC currently votes through electronic communications.
SRTR sends all relevant documentation and background information to the STAC to
assist with voting and approval. The STAC is allowed at least 2 weeks to vote on
the request, and the STAC may ask that researchers clarify any unclear aspect of
their research plan. After STAC approval and receipt of an acceptable finder file,
the linkage will take several months to complete.
- Data Request for Additional SRTR Programming
Data requests requiring additional SRTR analyses will be considered depending on
resources available, and will be reviewed on a case-by-case basis by SRTR and the
HRSA SRTR Project Officer.
SAFs cost $1000; each additional, updated SAF costs $500.
SAMs cost $1000 per model.
Data requests that are estimated to require less than 4 hours of SRTR personnel
time are generally fulfilled without charge and completed within 30 days.
that require more than 4 hours of SRTR personnel time require payment at an hourly
rate, currently $120 per hour. Data sets are associated with a $1000 cost in addition
to the hourly rate. The cost of analytical results is based solely on the programming
time required to fulfill the request.
All patient linkage requests require more
than 4 hours of SRTR personnel time. SRTR will provide an estimate of the cost of
the data request. Then, an estimated work-effort and payment agreement must be obtained
before the programming proceeds.
A student discount is available for current students
using SRTR data to fulfill requirements of a degree program. The student discount
is available for medical doctors currently in residency or fellowship programs.
Documentation is required and the student must be named as the principal investigator.
For qualifying students, the cost of a SAF is $200 and the cost of each SAM is $200.
No student discount is available for requests requiring additional SRTR programming.
Please contact SRTR for details regarding adding investigators to a DUA, altering
the research plan of a current DUA, and other situations not described on this
Use of SRTR Data under Contract with HRSA
Before submitting an abstract, manuscript, or other aggregation data to another party for presentation or publication, the recipient must submit it to the SRTR for review. The SRTR will then submit the document to HRSA for final review and approval. If the abstract, manuscript, or data aggregation does not reflect compliance with the terms of the DUA, the recipient will revise and resubmit to the SRTR. Upon publication, the recipient will provide a copy of the final work and a complete citation to the SRTR and PO.
Publications using SRTR data
All publications using the released Data must contain the standard disclaimer: “The data reported here have been supplied by the Minneapolis Medical Research Foundation (MMRF) as the contractor for the Scientific Registry of Transplant Recipients (SRTR). The interpretation and reporting of these data are the responsibility of the author(s) and in no way should be seen as an official policy of or interpretation by the SRTR or the U.S.
In addition, all publications using the released Data must contain this standard statement within the methods section of the publication: “This study used data from the Scientific Registry of Transplant Recipients (SRTR). The SRTR data system includes data on all donor, wait-listed candidates, and transplant recipients in the US, submitted by the members of the Organ Procurement and Transplantation Network (OPTN), and has been described elsewhere (reference). The Health Resources and Services Administration (HRSA), U.S. Department of Health and Human Services provides oversight to the activities of the OPTN and SRTR contractors.” Optional publication reference: Levine GN, McCullough KP, Rodgers AM, Dickinson DM, Ashby VB, Schaubel DE. Analytical methods and database design: implications for transplant researchers, 2005. Am J Transplant 2006; 6(5 Pt 2): 1228-1242. Other references, may be used if deemed appropriate for the content of the publication.
Authorship on Publications
When individuals have made a substantial contribution to the conduct of the study
and the writing or revising of the manuscript, they shall be listed as authors.
The assignment of authorship will follow guidelines established by the International
Committee of Medical Journal Editors (ICMJE).2
Relevant information from the website is reproduced below.
HIPAA ‘Protected Health Information’: What Does PHI Include?
HIPAA.com has received from its readers requests for information on topics related
to HIPAA Administrative Simplification Privacy and Security Rules and to updates
to those rules reflected in the HITECH Act provisions of the American Recovery and
Reinvestment Act of 2009, signed by President Obama on February 17, 2009. Of particular
interest to readers is: what exactly is protected health information (PHI)?
Protected Health Information
Protected health information is defined in two ways in Section 1171 of Part C of
Subtitle F of Public Law 104-191 (August 21, 1996): Health Insurance Portability
and Accountability Act of 1996: Administrative Simplification. These statutory definitions
are of health information and individually identifiable health information.
means any information, whether oral or recorded in
any form or medium, that–
(A) is created or received by a health care provider,
health plan, public health authority, employer, life insurer, school or university,
or health care clearinghouse; and
(B) relates to the past, present, or future physical
or mental health or condition of any individual; the provision of health care to
an individual; or the past, present, or future payment for the provision of health
care to an individual.”
“Individually identifiable health information
is information that is a
subset of health information, including demographic information collected from an
(1) Is created or received by a health care provider, health plan, employer, or
health care clearinghouse; and
(2) Relates to the past, present, or future physical or mental health or condition
of an individual; the provision of health care to an individual; or the past, present,
or future payment for the provision of health care to an individual; and
(i) That identifies the individual; or
(ii) With respect to which there is a reasonable basis to believe the information
can be used to identify the individual.”
Protected health information
is defined in 45 CFR 160.103, where “CFR”
means “Code of Federal Regulations,” and, as defined, is referenced in Section 13400
of Subtitle D (Privacy) of the HITECH Act.
“Protected health information
means individually identifiable health information
(1) Except as provided in paragraph (2) of this definition, that is:
(i) Transmitted by electronic media;
(ii) Maintained in electronic media; or
(iii) Transmitted or maintained in any other form or medium.
(2) Protected health information excludes individually identifiable health information
(i) Education records covered by the Family Educational Rights and Privacy Act,
as amended, 20 U.S.C. 1232g;
(ii) Records described at 20 U.S.C. 1232g(a)(4)(B)(iv); and
(iii) Employment records held by a covered entity in its role as employer.”
The HIPAA Privacy Rule covers protected health information in any medium while the
HIPAA Security Rule covers electronic protected health information.
Thus, the question arises as to what elements comprise protected health information
such that if they were removed, items (i) and (ii) of (2) in the definition of individually
identifiable health information
would not obtain. The answer is in the
de-identification standard and its two implementation specifications of the HIPAA
Privacy Rule [45 CFR 164.514]:
“(a) Standard: de-identification of protected health information.
information (defined above) that does not identify an individual and with respect
to which there is no reasonable basis to believe that the information can be used
to identify an individual is not individually identifiable health information.
(b) Implementation specifications: requirements for de-identification of protected
health information. A covered entity may determine that health information is not
individually identifiable health information only if:
(1) A person with appropriate knowledge of and experience with generally accepted
statistical and scientific principles and methods for rendering information not
(i) Applying such principles and methods, determines that the risk is very small
that the information could be used, alone or in combination with other reasonably
available information, by an anticipated recipient to identify an individual who
is subject of the information; and
(ii) Documents the methods and results of the analysis that justify such determination;
(i) The following identifiers of the individual or of relatives, employers, or household
members of the individual, are removed:
(ii) The covered entity does not have actual knowledge that the information could
be used alone or in combination with other information to identify an individual
who is a subject of the information.
(B) All geographic subdivisions smaller than a State, including street address,
city, county, precinct, zip code, and their equivalent geocodes, except for the
initial three digits of a zip code if, according to the current publicly available
data from the Bureau of the Census:
(1) The geographic unit formed by combining all zip codes with the same three initial
digits contains more than 20,000 people; and
(C) All elements of dates (except year) for dates directly related to an individual,
including birth date, admission date, discharge date, date of death; all ages over
89 years and all elements of dates (including year) indicative of such age, except
that such ages and elements may be aggregated into a single category of age 90 or
(2) The initial three digits of a zip code for all such geographic units containing
20,000 or fewer people is changed to 000.
(D) Telephone numbers;
(E) Fax numbers;
(F) Electronic mail addresses;
(G) Social Security numbers;
(H) Medical record numbers;
(I) Health plan beneficiary numbers;
(J) Account numbers;
(K) Certificate/license numbers;
(L) Vehicle identifiers and serial numbers, including license plate numbers;
(M) Device identifiers and serial numbers;
(N) Web Universal Resource Locators (URLs);
(O) Internet Protocol (IP) address numbers;
(P) Biometric identifiers, including finger and voice prints;
(Q) Full face photographic images and any comparable images; and
(R) Any other unique identifying number, characteristic, or code, except as permitted
by paragraph (c) of this section; and
(c) Implementation specifications: re-identification. A covered entity may assign
a code or other means of record identification to allow information de-identified
under this section to be re-identified by the covered entity, provided that:
(1) Derivation. The code or other means of record identification is not derived
from or related to information about the individual and is not otherwise capable
of being translated so as to identify the individual; and
(2) Security. The covered entity does not use or disclose the code or other means
of record identification for any other purpose, and does not disclose the mechanism
The release by HHS of the Interim Final Rule, “Breach Notification for Unsecured
Protected Health Information,” published in the Federal Register on Monday, August
24, 2009, notes the following: “If information is de-identified in accordance with
45 CFR 164.514(b) [the first implementation specification, defined above], it is
not protected health information, and thus, any inadvertent or unauthorized use
or disclosure of such information will not be considered a breach for purposes of
this subpart.” [74 Federal Register 42743]
Ed Jones, Author & Healthcare Authority
Relevant information from the website is reproduced below.
Uniform Requirements for Manuscripts Submitted to Biomedical Journals: Ethical
Considerations in the Conduct and Reporting of Research: Authorship and Contributorship
An “author” is generally considered to be someone who has made substantive intellectual
contributions to a published study, and biomedical authorship continues to have
important academic, social, and financial implications (1). An author must take
responsibility for at least one component of the work, should be able to identify
who is responsible for each other component, and should ideally be confident in
their co-authors’ ability and integrity. In the past, readers were rarely provided
with information about contributions to studies from persons listed as authors and
in Acknowledgments (2). Some journals now request and publish information about
the contributions of each person named as having participated in a submitted study,
at least for original research. Editors are strongly encouraged to develop and implement
a contributorship policy, as well as a policy on identifying who is responsible
for the integrity of the work as a whole. While contributorship and guarantorship
policies obviously remove much of the ambiguity surrounding contributions, they
leave unresolved the question of the quantity and quality of contribution that qualify
for authorship. The ICJME has recommended the following criteria for authorship;
these criteria are still appropriate for journals that distinguish authors from
other contributors. Authorship credit should be based on 1) substantial contributions
to conception and design, acquisition of data, or analysis and interpretation of
data; 2) drafting the article or revising it critically for important intellectual
content; and 3) final approval of the version to be published. Authors should meet
conditions 1, 2, and 3.
- When a large, multicenter group has conducted the work, the group should identify
the individuals who accept direct responsibility for the manuscript (3). These individuals
should fully meet the criteria for authorship/contributorship defined above, and
editors will ask these individuals to complete journal-specific author and conflict-of-interest
disclosure forms. When submitting a manuscript authored by a group, the corresponding
author should clearly indicate the preferred citation and identify all individual
authors as well as the group name. Journals generally list other members of the
group in the Acknowledgments. The NLM indexes the group name and the names of individuals
the group has identified as being directly responsible for the manuscript; it also
lists the names of collaborators if they are listed in Acknowledgments.
- Acquisition of funding, collection of data, or general supervision of the research
group alone does not constitute authorship.
- All persons designated as authors should qualify for authorship, and all those who
qualify should be listed.
- Each author should have participated sufficiently in the work to take public responsibility
for appropriate portions of the content.
Some journals now also request that one or more authors, referred to as “guarantors,”
be identified as the persons who take responsibility for the integrity of the work
as a whole, from inception to published article, and publish that information.
Increasingly, authorship of multicenter trials is attributed to a group. All members
of the group who are named as authors should fully meet the above criteria for authorship/contributorship.
The group should jointly make decisions about contributors/authors before submitting
the manuscript for publication. The corresponding author/guarantor should be prepared
to explain the presence and order of these individuals. It is not the role of editors
to make authorship/contributorship decisions or to arbitrate conflicts related to
Contributors Listed in Acknowledgments
All contributors who do not meet the criteria for authorship should be listed in
an acknowledgments section. Examples of those who might be acknowledged include
a person who provided purely technical help, writing assistance, or a department
chairperson who provided only general support. Editors should ask corresponding
authors to declare whether they had assistance with study design, data collection,
data analysis, or manuscript preparation. If such assistance was available, the
authors should disclose the identity of the individuals who provided this assistance
and the entity that supported it in the published article. Financial and material
support should also be acknowledged.
Groups of persons who have contributed materially to the paper but whose contributions
do not justify authorship may be listed under such headings as “clinical investigators”
or “participating investigators,” and their function or contribution should be described—for
example, “served as scientific advisors,” “critically reviewed the study proposal,”
“collected data,” or “provided and cared for study patients.” Because readers may
infer their endorsement of the data and conclusions, these persons must give written
permission to be acknowledged.
Last updated: 8/29/2012