What is governance?Governance is a vital element of data-sharing partnerships and helps organizations or networks make decisions together about data, technology, generated information, and partnerships. Governance includes processes, roles and policies in the effective and efficient use of information as it is shared and sets the standards for how partners will monitor and evaluate each other. In a data-sharing partnership, such as CODI, governance specifies how the data sharing will be carried out and, once in place, whether it meets all partners’ expectations and initial agreements. CODI governance created the structure for decision-making and accountability that aligns all partners with common goals. By assigning clear tasks and duties to each partner, governance helps to ensure that everyone is collaborating effectively and productively.
Why is governance important to CODI?For CODI, having a governance strategy in place is crucial to enable efficient data exchange and foster trust and effective collaboration between organizations. As CODI is a large project involving multiple partners, it is essential that the governance activities and outputs take into account the perspectives of all partners. By conducting a thorough discovery process, CODI collaborators can assess their governance capacity and identify regulatory and organizational challenges. This allows them to develop a governance infrastructure that leverages existing knowledge and effectively addresses these challenges.
Who should use the CODI governance model?
The CODI governance model can be a valuable tool for organizations and researchers seeking to combine clinical and community data to create longitudinal data sets for childhood obesity research, surveillance or evaluation. CODI governance provides a framework for protecting individual privacy, accommodating organizational data stewardship requirements, and complying with laws and regulations while enabling efficient data exchange between organizations. The CODI governance model can be beneficial for large-scale projects involving multiple partners, as it provides a structure for decision-making and accountability that aligns all partners with common goals.
What is the process/pathway for implementing a CODI governance model?
The CODI governance model consists of the plan to make decisions together about data, technology, generated information, and partnerships using the CODI data model. Because each partner and data sharing partnership is unique, the governance process needs to be customized to fit the needs of the local implementation environment. A facilitator needs to be identified to guide the governance work and ensure all the steps are done. The governance process follows these general steps:
- Conduct a scan of the governance environment. In this step, identify the laws and policies that apply to the CODI implementation (federal and state laws) and policies of participating partners. For instance, many clinical organizations require a data use agreement for any dataset that is shared; this includes limited and deidentified datasets. The governance conversations should focus on how each organization sees data and how organizations share data with each other.
- Catalog the governance requirements. Using the CODI model and the information gathered through the governance scan, the requirements of the governance infrastructure (e.g., agreements, policies and procedures) can be cataloged and inform the governance design.
- Design the local network. This step identifies each organization and their implementation roles. For CODI, this includes determining which organizations will be the Data Coordinating Center, the Linkage Agent and the Data Partners as well as who will contribute data to the network as a Data Owner. Designing the network also includes defining basic processes within those implementation roles such as how a requestor may request data from CODI as well as the structure of data sharing agreements that will facilitate data sharing.
- Draft a CODI governance approach. The governance approach is a summary of how different entities will work together to exchange data in the CODI network. This document identifies the partners, the assumptions, the agreements, and how governance decisions will be made. It also includes relevant statutes—including Institutional Review Board, re-identification and small cell suppression— and defines the approved uses of CODI data.
- Convene a governance decision-making body. This should include representatives from each of the implementing partners. A representative from a backbone organization or an implementer should lead these sessions. This group will complete the following tasks:
- Develop and execute a data sharing agreement(s) that defines approved use(s) of CODI data and parameters of data exchange.
- Develop and document a process requestors will follow to request and receive data.
- Develop and document policies and procedures to address all additional network, participant, or user requirements.
- Draft and review agreements and policies. The governance decision-making body needs to ensure that each party reviews and signs the data sharing agreements and consortium agreements. This group should spend time reviewing the agreements and policies with each implementing partner.
- Sign and execute agreements. Once all parties have consensus on the agreements, agreements should be signed and executed.
- Transition to operation of the governance infrastructure. After all agreements are executed, governance should transition from implementation to an operational governance decision-making body.
What works best for CODI governance?
Establishing trust is essential for data sharing partnership as data sharing happens at the speed of trust. This may involve the active and consistent participation of public health leadership until trust is established.
Meeting people where they are: While large academic medical centers often have extensive experience with research-related data sharing, this is not always the case for community organizations. It is important to be patient and allow ample time for community organizations to understand the components and sequence of governance work related to data sharing.
Meeting regularly: Frequent meetings are critical for building relationships that foster trust for future collaboration between partners, especially those who have never shared data or worked together before. While it may be possible to complete some work through emails and less frequent meetings, meeting consistently allows the group to get to know each other and encourages candid dialogue.
Establishing common language: Early in the process, roles should be defined and agreements named. This will ensure that those newer to the governance space become familiar with the terms being used and achieve common understanding and consensus to clearly communicate how governance oversees data sharing.
Transparency and consistency: In order to earn credibility, adhering to established governance obligations and continually seeking ways to add value to the partnership is critical to the success of a data sharing process.
Governance with an existing network versus a brand-new network
In Colorado, organizers implemented CODI within an existing data sharing network and partnerships. For governance, CODI used an existing governance decision-making body and network policies, adding policies and a data sharing agreement only for CODI functions that were not covered by existing agreements and governance infrastructure. In North Carolina, CODI governance was built “from scratch” meaning that these organizations had not shared data or participated in a network like this before and more CODI governance infrastructure had to be built compared to Colorado. Because no governance decision-making body existed, a new one had to be convened. No data sharing policies or agreements existed between these partners, so more policies had to be developed. And, no preexisting relationships or trust was in place, meaning that more time and effort was required to cultivate relationships between partners. This also meant that partners were more cautious. The co-creation of governance and data sharing agreements and engaging in frequent meetings helped build trust and rapport between organizations.
- NC governance approach
- MCA—sample NC