DHS Data Compliance / Policies

Q: Who is responsible for DHS Data Transfer?

The current DHS policy is that the DHS Principal Investigator have the primary responsibility to transfer their research data in a way that is consistent with the specific data management plan and HIPAA approvals that in the IRB and other DHS policies. For example, if transferring PHI outside the DHS network to USC's computing environment, the DHS PI must verify the IRB approved HIPAA waiver is present before ANY external transfer.

LACDHS data, including research data from LA General Hospital (which is NOT a USC covered entity) is administered by the DHS SC-CTSI Informatics Core - the DHS investigator listed in the IRB will be responsible for full compliance with all LACDHS policies.

Q: Who is allowed to access the DHS Shared Folder to access the delivered data?

A: Only the DHS Principal Investigator(s) listed on the IRB and any other personnel with a County C or E number who are permitted to view identifiable data can have access to the DHS shared folder.

Should the DHS PI wish to grant a research study personnel (must have a County C or E number) who is listed on the IRB access to identifiable data, but is NOT a DHS investigator, then the DHS PI must open a ticket on their behalf and email Helpdesk@dhs.lacounty.gov. The ticket must indicate request for their research team member with a County C or E number to gain access to map the network in order to access the DHS shared drive folder, where the research data will be delivered.

That team member must have a C or E number to be granted network access and must attach the request form to the ticket (please see file below).

Q: What other ways can my data be securely delivered to me?

A: Your delivered data can be export to your project directory in a secure DHS file share. If the file size permits and it is de-identified data, we recommend transferring using @dhs.lacounty.gov to @med.usc.edu OneDrive a HIPAA compliant transfer process that Outlook supports.

Q: Do I need IRB review for de-identified publicly available data?

De-identified publicly available data does not require IRB review. To be publicly available, all data must be available to the general public and the person(s) accessing the data must have legitimate access to the data sets.

Below are the five sites that identify as meeting the definition of publicly available data collected from the sites that would not require IRB review/approval:

Inter-University Consortium for Political and Social Research (ICPSR)

U.S. Bureau of the Census

National Center for Health Statistics

National Center for Education Statistics

National Election Studies