The DSA is an agreement signed by nine Oklahoma state agencies which outlines the general terms and conditions for an exchange of data between state agencies or entities. It also includes a “Schedule A” form to outline the details of a specific data exchange or data exchange project. Use of the DSA provides a secure, streamlined method for sharing data among agencies.
Data Sharing Agreement FAQ
- Department of Human Services
- Department of Corrections
- Office of Juvenile Affairs
- Health Care Authority
- Commission on Children and Youth
- State Department of Health
- Department of Rehabilitation Services
- State Department of Education
- Department of Mental Health and Substance Abuse Services
To provide a more efficient and effective way for participating agencies to share data as authorized by Oklahoma or federal law and regulations.
The DSA process provides a streamlined way for participating agencies to share data, in accordance with state and federal laws, without undertaking a lengthy legal review process for each specific data exchange requested.
It is an incorporated attachment to the DSA, used to document and provide detail about a specific data sharing project or exchange. A completed form is subject to all of the applicable provisions of the full DSA. Copies of signed form are maintained by each participating agency with a copy sent to the firstname.lastname@example.org.
The “Deliver Interoperable Solution Components Utilizing Shared Services (DISCUSS)” Committee is an Oklahoma Health and Human Services (HHS) Cabinet level advisory body. DISCUSS is organized by the Secretary of Health and Human Services in collaboration and under the authority of the State of Oklahoma Chief Information Officer. The role of DISCUSS is to champion large IT and shared interoperability services efforts among Oklahoma HHS Cabinet agencies.
Goals of DISCUSS include:
- To assist OMES-IS by ensuring information technology initiatives are based on State and Agency business strategies and requirements;
- To collaboratively share resources for the development, purchase, and implementation of information technology products, services, and technology frameworks; and
- To review and provide direction for HHS IT and shared services projects.
DISCUSS provides direction and review for HHS IT shared services projects and provides a central repository for completed “Schedule A” forms.
The Schedule A form should be signed by authorized agency representatives for each participating agency that elects to exchange data under the terms of the DSA. Signers may include the agency IT strategist, data stewards, or a member of the agency’s legal team.
DSA partners who wish to share data should include information relating to their specific data sharing project or initiative. This may include:
- Purpose of the data exchange
- How the shared data can be used
- Agency names
- Points of contact for participating agencies
- Information being requested
- Data variables being exchanged
- Confidential/secured manner to transport data
- Manner of storing data
- Tracking of released data
- Termination of schedule and return of data if applicable
The participating agencies must retain the signed Schedule A, and provide a copy to Datagovernance@omes.ok.gov
The DSA or Schedule A may be modified at any time by written consent and may be terminated with a 30-day written notice by the terminating agency to the participating agencies.
The DSA does not modify existing data sharing agreements. However, Schedule A forms could be used to detail agreed upon changes, if so desired by the participating agencies.
Agencies may not divulge, disclose or communicate in any manner any data covered by the DSA to any third party without prior written consent of the other agencies participating in the DSA.
Whenever a determination has been made that any term of the DSA or related rule, procedure or policy are violated or reasonably appear to have been violated, the agency(ies) providing data must immediately suspend furnishing the data described in the associated DSA Schedule A form.
Immediate actions must be taken by the agency(ies) pursuant to 74 O.S. § 3113.1. In the event unencrypted personally identifiable information was acquired, or is reasonably believed to have been acquired, by an unauthorized person, the affected agency must immediately notify the owner or licensee in writing about the breach.
The DSA is not enforceable by law and does not attempt to provide modification of any laws or regulations. The DSA does not create any rights, and each agency is responsible for compliance with all applicable laws and regulations in the sharing of its own data.
There is no provision under the current DSA for additional partners to participate. However, other agencies are free to use the DSA as a template.
While the DSA does include some language commonly used in BAA or QSOA, such use may require a research data use agreement or Institutional Review Board.
No, because the Schedule A is an incorporated part of the overall agreement and is subject to all of the applicable provisions of the full DSA.
Contact the legal department of your state agency or of the participating agencies if you have questions about the implications of the DSA or to obtain a list of the current Points of Contact assigned to a DSA data exchange.