| Participant |
Collected directly from the participant (surveys, video, phone, paper, clinical) |
| Device |
Data collected from a medical device or a wearable device. Depending on the
collection, transfer method, and vendor there may be agreements required
and other regulatory and policy requirements. Requirements will be communicated
during the Human Research Data Protection required. |
| Internal |
A WVU department or entity provided the data (no agreement required). |
| WVUM EMR |
The WVU Health System (WVU Medicine) electronic medical record is the source. The use of the EMR must be approved
by an Honest Broker (WV CTSI). The approvals are facilitated
by the Human Research Data Protection Form. If data from an
EMR is to be transferred or shared, a review to determine if data agreement
will be needed is required. |
| WVUM Clinical Data |
Data from WVU Health System clinical systems other than EPIC. Data from clinical
systems must be approved by the WVU Health System (Health Information Management) for research use. An email from HIM can be uploaded
during the Data Protection process. |
| CMS/SEER |
Data from the Federal Centers for Medicare and Medicaid Services (CMS) requires
that an institutional Security Assessment Questionnaire (SAQ) be submitted
by WVU and approved by CMS yearly. PIs can't sign agreements from CMS on
behalf of the University and storage must be approved by the University
according to the approved SAQ. |
| WV DHHR |
Data from this source must be approved by the University and the WVU Health
Affairs Institute who is the Honest Broker for this data. |
| External Data |
Data that will be transferred into the University (separate copy from the
source) or data that a WVU researcher will access and share the same copy
of the data. PIs are responsible for managing data agreements for external data. PIs cannot sign data agreements on behalf of the University. |
| Publicly Available |
Data from sources that are considered public can be used without approval. This includes data that could be identifiable from social media,
phone books, etc. The IRB may have privacy concerns and requirements for
some public data. |