Data Dictionary
Total Page:16
File Type:pdf, Size:1020Kb
North Carolina Trauma Registry (NCTR) Data Dictionary Revision Date: 14 May 2007 HIPAA_Info NCTR Data Dictionary HIPAA Information The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted to provide legal protection against the inappropriate use of individually identifiable health information. The major emphasis of HIPAA is on patient confidentiality and privacy through a standardized approach to physical and software data security and through a structured approach to transmitting data with patient identifiable components. A Privacy Officer has been appointed for the NCTR, who is responsible for oversight of all privacy-related issues. A security officer also has been appointed who will be responsible for the oversight of all security-related issues, including revocation of user privileges, and technical and physical security plans. Technical security measures include user access and authorization, password protection, data encryption and transmission, and monitoring of NCTR use. Physical safeguards include protection of NCTR hardware and data, backup plans, and disaster recovery plans. Legislation The North Carolina Office of Emergency Medical Services (NCOEMS), under the authority of Section 143-518 of the North Carolina General Statutes, as implemented by 10A N.C.A.C. 13P.201(7), has the legal authority to collect and maintain identifiable data at the state level. The NCTR is a function of the NCOEMS, which is an agency of the North Carolina Department of Health and Human Services. As a state public health authority, NCOEMS is not a covered entity under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Hospitals who provide data to the NCOEMS may do so pursuant to 45 C.F.R. 164.512(b)(1). No business associate agreement is required . The applicable legislation is as follows: Section 143-518. Confidentiality of patient information (a) Medical records compiled and maintained by the Department or EMS providers in connection with dispatch, response, treatment, or transport of individual patients or in connection with the statewide trauma system pursuant to Article 7 or Chapter 131E of the General Statutes may contain patient identifiable data which will allow linkage to other health care-based data systems for the purpose of quality management, peer review, and public health initiatives. NCTR-DataDictionary-14May2007 1 8/26/2007 HIPAA_Info These medical records and data shall be strictly confidential and shall not be considered public records within the meaning of G.S. 132-1 and shall not be released or made public except under any of the following conditions: (1) Release is made of specific medical or epidemiological information for statistical purposes in a way that no person can be identified. (2) Release is made of all or part of the medical record with the written consent of the person or persons identified or their guardians. (3) Release is made to health care personnel providing medical care to the patient. (4) Release is made pursuant to a court order. Upon request of the person identified in the record, the record shall be reviewed in camera. In the trial, the trial judge may, during the taking of testimony concerning such information, exclude from the courtroom all persons except the officers of the court, the parties, and those engaged in the trial of the case. (5) Release is made to a Medical Review Committee as defined in G.S. 131E-95, 90-21.22A, or 130A-45.7 or to a peer review committee as defined in G.S. 131E-108, 122C-30, or 131D-21.1. (6) Release is made for use in a health research project under rules adopted by the North Carolina Medical Care Commission. The Commission shall adopt rules that allow release of information when an institutional review board, as defined by the Commission, has determined that the health research project: a. Is of sufficient scientific importance to outweigh the intrusion into the privacy of the patient that would result from the disclosure; b. Is impracticable without the use or disclosure of identifying health information; c. Contains safeguards to protect the information from redisclosure; d. Contains safeguards against identifying, directly or indirectly, any patient in any report of the research project; and e. Contains procedures to remove or destroy at the earliest opportunity, consistent with the purpose of the project, information that would enable the patient to be identified, unless an institutional review board authorizes retention of identifying information for purposes of another research project. NCTR-DataDictionary-14May2007 2 8/26/2007 HIPAA_Info (7) Release is made to a statewide data processor, as defined in Article 11A of Chapter 131E of the General Statutes, in which case the data is deemed to have been submitted as if it were required to have been submitted under that article. NCTR-DataDictionary-14May2007 3 8/26/2007 Introduction NCTR Data Dictionary Introduction This document, the North Carolina Trauma Registry (NCTR) Data Dictionary, was created using the data dictionary published by the National Trauma Registry of the American College of Surgeons (NTRACS), with modifications specific to the North Carolina Trauma Registry. It is to be used in lieu of the NTRACS data dictionary. It provides a brief summary of every data point used in North Carolina, and notes where there are custom options standard throughout the State. It does not cover those data items that are customized or used by each site specifically and not used statewide. Some data points are optional to download to the State, i.e., the North Carolina Trauma Registry (NCTR) Central Data Collection Agency (CDCA). These data points are noted with a "O" in the Opt/Req column. Therefore, the statewide registry will not include these data points for each hospital, although each individual hospital has them within their local registry. Other data points are required to be downloaded to the State. These data points are noted with an "R" in the Opt/Req column that indicates the data point is required to be downloaded to the State each quarter. While required data points are always sent to the CDCA, they are not always relevant to a particular event. Required data points are to be completed as thoroughly as possible as relevant to the event for each patient. For Example, if a patient presented to the hospital by private vehicle, the only Pre-hospital data item necessary to complete would be <Scene EMS Report> indicating that the patient was not transported by EMS or if no orthopaedic surgeon was called to see the patient in the ED, those fields related to the orthopaedist being called would not be completed. The third option in the Opt/Req column is "X". X" is used to indicate that a custom data point is no longer being used and the data should be collected through a standard data point. If the data point values have not been moved to a standard data point then the data item should continue to be downloaded, if the values have been moved to a standard data point then the data item does not have to be downloaded to the state. The section labeled Data Point History describes the history of changes to each data point and/or discussion, issues, or notes regarding the data point. Each change or comment is dated. This information was added in the Jan 2001 version of this data dictionary, but moved to a separate sheet in May 2007. The column Deactivated Values contains values that were once actively used values in the Trauma Registry, but they are no longer used. If these values appear in a pick list, it is important to deactivate these values so they remain as valid values in previous records, but they no longer appear in the active pick list options. Do not delete these values, because they are still valid for previously entered records The column Current Default contains the current default value for each data point. This column was added to facilitate checking default values in NTRACS without having to review the entire list of values to find the default For further information, please contact: Holli Hoffman, RN (919) 855-3947 (Office) Assistant Chief, Health Systems (919) 279-7242 (Cell) NCOEMS (919) 733-7021 (Fax) Division of Facility Services Email: [email protected] 2707 Mail Service Center Raleigh, NC 27699-2707 NCTR-DataDictionary-14May2007 1 8/26/2007 Introduction II NCTR Data Dictionary NCTR Patient Definition Patients who have an ICD9 diagnosis code in 800-959.9 and who are either admitted to the hospital for greater than 23:59 hours (24 hours or more) from an ED, die in the ED, are DOA, are transferred from the ED to the OR or ICU, or who are transferred to another hospital should be entered into the Trauma Registry. Minimum Requirements for Data Entry a. Data verification: Data must be verified by each hospital prior to being sent to NCTR. b. Records on 100% of patients must be entered into the NTRACS data system within 90 days of death, transfer, or discharge from the hospital. The Reimbursed Charges data point should be completed at 6 months from the date of death, transfer, or discharge from the hospital. c. Downloads are due during the first month of each quarter and no later than the last day of that month, Jan 31, Apr 30, Jul 31, and Oct 31 of each year. Downloads must include all records for patients who died, were transferred, or were discharged 90 days or more prior to the download date. d. Data submitted to the CDCA must include valid entries in all required fields marked for submission to the CDCA in the latest version of the NCTR Data Dictionary. e. In years that a hospital has a site visit, records must be entered into the NTRACS data system to meet the requirements listed in the current site visit chart selection document which can be accessed through the NC-OEMS website (http://www.ncems.org/).