Form Cms-R-0235m - Medicaid Agency Data Use Agreement Page 4
Download a blank fillable Form Cms-R-0235m - Medicaid Agency Data Use Agreement in PDF format just by clicking the "DOWNLOAD PDF" button.
Open the file in any PDF-viewing software. Adobe Reader or any alternative for Windows or MacOS are required to access and complete fillable content.
Complete Form Cms-R-0235m - Medicaid Agency Data Use Agreement with your personal data - all interactive fields are highlighted in places where you should type, access drop-down lists or select multiple-choice options.
Some fillable PDF-files have the option of saving the completed form that contains your own data for later use or sending it out straight away.
ADVERTISEMENT
1
2
3
4
5
66. The parties mutually agree that the aforesaid file(s) (and/or any derivative file(s), including any file that
maintains or continues identification of individuals) may be retained by the User for a maximum period
of 10 years from the effective date of this agreement, hereinafter known as the retention date. The User
agrees to notify CMS at least 30 days prior to the expiration of the aforementioned retention date in order
to renegotiate this agreement. The User acknowledges that stringent adherence to the aforementioned
retention date is required.
7. The User agrees to establish appropriate administrative, technical, and physical safeguards to protect the
confidentiality of the data, and to prevent its unauthorized use or access. The safeguards shall provide a
level and scope of security that is not less than the level and scope of security established by the Office
of Management and Budget (OMB) in OMB Circular No. A-130, Appendix III—Security of Federal
Automated Information Resources ( ), which
sets forth guidelines for security plans for automated information systems in Federal agencies. The User
acknowledges that the use of unsecured telecommunications, including the Internet, to transmit individually
identifiable or deducible information derived from the file(s) specified in section 5 is strictly prohibited.
Further, the User agrees that the data must not be physically moved or transmitted in any way without
written approval from CMS.
8. The User agrees that the authorized representatives of CMS, DHHS Office of the Inspector General or
Comptroller General, will be granted access to premises where the aforesaid file(s) are kept for the purpose
of inspecting security arrangements confirming whether the User is in compliance with the security
requirements specified in section 7.
9. The User agrees that no findings, listing, or information derived from the file(s) specified in section 5, with
or without identifiers, may be released if such findings, listing, or information contain any combination
of data elements that might allow the deduction of a beneficiary’s identification without first obtaining
written authorization from the appropriate System Manager or the person designated in item number 16
of this Agreement unless the information derived from the files specified in section 5 are being used for
purposes outlined in section 4. The User will notify any entity to which the data is transferred of the need
to maintain the confidentiality of the data provided. Examples of such data elements include but are not
limited to geographic indicator, age, sex, diagnosis, procedure, admission/discharge date(s), or date of death.
The User agrees further that CMS shall be the sole judge as to whether any finding, listing, information,
or any combination of data extracted or derived from CMS’s files identifies or would, with reasonable
effort, permit one to identify an individual or to deduce the identity of an individual to a reasonable
degree of certainty.
10. The User agrees that in the event CMS determines or has a reasonable belief that the User has made or
may have made disclosure of the aforesaid file(s) that is not authorized by this Agreement, or other written
authorization from the appropriate Systems Manager or the person designated in section 16, CMS in its
sole discretion may require the User to: (a) promptly investigate and report to CMS the User’s determinations
regarding any alleged or actual unauthorized disclosure, (b) promptly resolve any problems identified by
the investigation; (c) if requested by CMS, submit a formal written response to an allegation of unauthorized
disclosure; (d) if requested by CMS, submit a corrective action plan with steps designed to prevent any
future unauthorized disclosures; and (e) if requested by CMS, return data files to CMS immediately. The
User understands that as a result of CMS’s determination or reasonable belief that unauthorized disclosures
have taken place, CMS may refuse to release further CMS data to the User for a period of time to be
determined by CMS.
11. The User hereby acknowledges that criminal penalties under §1106(a) of the Social Security Act (42
U.S.C. §1306(a)), the Privacy Act (5 U.S.C. §552a(i)(3)), and 18 U.S.C. §641, which govern the use of
these data, may apply to disclosures of information that are covered by this agreement.
12. By signing this Agreement, the User agrees to abide by all provisions set out in this Agreement for
protection of the data file(s) specified in section 5.
Form CMS-R-0235M (07/07) EF 07/2007
4
ADVERTISEMENT
0 votes
Related Articles
Related forms
Form Cms-r-0235u - Data Use Agreement (dua)- Update To Existing Dua - Agreement For Use Of Centers For Medicare & Medicaid Services (cms) Data
Medical
Form Cms-r-0235a - Data Use Agreement (dua) Addendum For Data Acquired From The Centers For Medicare & Medicaid Services (cms) 2012
Legal
Form Cms-r-0235 - Agreement For Use Of Centers For Medicare & Medicaid Services (cms) Data Containing Individual Identifiers
Medical
Related Categories
Parent category: Medical