Skip to main content
Free access
June 09, 2014

Building a Rapid Learning Health Care System for Oncology: The Regulatory Framework of CancerLinQ

Publication: Journal of Clinical Oncology


Today is a time of unprecedented opportunity and challenge in health care generally and cancer care in particular. An explosion of scientific knowledge, the rapid introduction of new drugs and technologies, and the unprecedented escalation in the cost of health care challenge physicians to quickly assimilate new information and appropriately deploy new advances while also delivering efficient and high-quality care to a rapidly growing and aging patient population. At the same time, big data, with its potential to drive rapid understanding and innovation, promises to transform the health care industry, as it has many others already. CancerLinQ is an initiative of the American Society of Clinical Oncology (ASCO) and its Institute for Quality, developed to build on these opportunities and address these challenges by collecting information from the electronic health records of large numbers of patients with cancer. CancerLinQ is, first and foremost, a quality measurement and reporting system through which oncologists can harness the depth and power of their patients' clinical records and other data to improve the care they deliver. The development and deployment of CancerLinQ raises many important questions about the use of big data in health care. This article focuses on the US federal regulatory pathway by which CancerLinQ will accept patient records and the approach of ASCO toward stewardship of the information.


More than 1.6 million Americans are diagnosed with cancer each year. By 2030, the incidence of cancer will rise to 2.3 million cases per year, largely as a result of the aging of the US population and control of competing causes of mortality such as heart disease.1 Some 14 million people in the United States are cancer survivors, and that number will rise to 18 million by 2030.
These patients with cancer and cancer survivors have complex medical and psychosocial needs. Many are older and have other illnesses that complicate coordination of their cancer care, increase the risks of medical interventions, and limit their access to participation in clinical trials. As a consequence, we often have scant evidence to guide treatment recommendations for the older individuals who comprise the largest segment of the population affected by cancer. We frequently lack information on other identifiable subpopulations, including patients with other chronic illnesses and organ dysfunction. Clinical trials, by design, enroll relatively homogeneous patient populations, isolating the impact of experimental variables (new treatments) but typically excluding the heterogeneity that clinicians manage in day-to-day practice. This raises questions about the broad applicability of experimental results. CancerLinQ is designed to help close the gap between what can work and what does work.
Cancer treatment requires frequent interaction among multiple medical specialists. Communicating across different care settings, providers are challenged to coordinate care in an efficient and cost-effective fashion. Inefficiencies in health care delivery, unnecessary testing, excessive administrative costs, and high prices for innovative products are all acknowledged as key drivers of health care costs. These forces may be magnified in patients with cancer by many factors, including the multidisciplinary nature of cancer care, the high cost of many cancer drugs and other treatments, and the suboptimal use of hospice services near the end of life.
The management of patients with cancer is further complicated by the recent recognition that many apparently similar cancers actually vary greatly at the genomic level. This biologic heterogeneity gives rise to cancers that vary in clinical presentation and clinical course even when their histologic appearance is the same. Increasingly, oncology professionals are challenged to recognize the molecular subsets of common cancers, interpret results of complex molecular diagnostic tests, develop appropriate treatment plans, and deliver state-of-the-art care when clinical guidelines and clinical decision support services are either lacking or outdated.
Tumor heterogeneity also challenges our ability to develop new cancer treatments through traditional prospective clinical trials. As common tumors are divided into rare molecular subtypes, it is increasingly challenging to identify eligible patients and complete recruitment to clinical trials in a timely fashion. Rates of enrollment of adult patients with cancer onto clinical trials remain stagnant at no more than 3% to 5%. Drug development remains risky and inefficient, with the vast majority of agents that enter human testing failing to achieve approval for marketing. With more tumor types, more drugs, fewer eligible patients, and strained research budgets, it will no longer be possible to learn everything that still needs to be learned in cancer treatment through the conduct of conventional clinical trials.

The Learning Health Care System

These complexities and challenges call for new approaches to learning about cancer, disseminating new information, assessing the effectiveness of treatment, and monitoring the quality of care. An opportunity lies in the widespread adoption of electronic health records (EHRs) in medical practice. With the extraordinary computational power and data storage capacity now available and the rapid uptake of EHRs in the medical community, it will soon be feasible to learn from every encounter with every patient. Information technology vastly expands the knowledge that can inform medical decision making, drive innovation, and improve quality. As information technology has evolved, the medical community has begun to focus on the possibilities and benefits of harnessing electronic health care data during the delivery of routine clinical care. In September 2013, the Institute of Medicine (IOM) released a report entitled “Delivering High-Quality Cancer Care: Charting a New Course for a System in Crisis.”2 The report identifies six components of a cancer care delivery system that will be integral to achieving high-quality care for all patients with cancer: engaged patients and patient-centered communication; interprofessional cancer care teams integrated with noncancer care teams and caregivers; evidence-based care, including clinical trials and comparative-effectiveness research; a learning health information technology system for cancer; translation of evidence into clinical practice, quality measurement, and performance improvement; and affordable care accessible to all patients.
To bring about this new system, the IOM report recommends the development of a learning health care information technology system that enables real-time analysis of data from patients with cancer in a variety of care settings. This report complements a number of IOM publications over the past decade that have called for learning health care systems to improve the quality of health care and reduce its cost, notably a 2012 IOM report entitled “Best Care at Lower Cost: The Path to Continuously Learning Healthcare in America.”3

CancerLinQ: A Learning Intelligence Network for Quality

The American Society of Clinical Oncology (ASCO), a not-for-profit society of cancer professionals, has chosen to pursue creation of such a system for oncology: a physician-led initiative known as CancerLinQ. CancerLinQ is a data informatics system designed to monitor, coordinate, and improve the quality of care provided to patients with cancer through the collection, aggregation, and analysis of data extracted from the EHRs and practice management systems at participating oncology practices. Unlike registries that collect prespecified data elements from a defined cohort, CancerLinQ will collect the complete EHR of all patients in a participating practice. CancerLinQ will thus contain far more comprehensive information than most clinical data registries or claims data sets. CancerLinQ will rapidly analyze information and provide point-of-care assessments to physicians concerning the quality of their work and real-time clinical decision support to facilitate treatment planning for specific patients. Perhaps most importantly, observations made in the CancerLinQ data set will, if sufficiently robust, inform the revision of clinical practice guidelines and clinical decision support tools that will help physicians keep up to date in a rapidly changing medical environment. The system will learn from the experiences of millions of patients with cancer to help optimize the care of each patient.
Oncology practices and cancer institutions will decide if they wish to participate in CancerLinQ. As will be discussed here, federal laws do not require the consent of each individual patient. However, for CancerLinQ to be successful, physicians and their patients must understand and have confidence that the information in the system will be collected and held in compliance with prevailing laws and regulations and used responsibly to improve the quality of care and outcomes for patients. With this goal in mind, this article describes the data pathways in CancerLinQ, lays out the federal regulatory framework for aggregating and using patient information, discusses the data governance policies that will be in place, and briefly reviews comparable data models in other settings.

CancerLinQ Data Model

Participating practices will establish a link to CancerLinQ from their EHR systems and practice management systems to periodically transfer a range of information referred to here as collected data. Collected data will include provider and patient demographics, appointments, billing codes, patient visit/encounter details, medical history and physical examination, family and social histories, consult reports, surgery reports, pathology and laboratory data, and medication administration and prescription history. Through the use of natural language processing, CancerLinQ will also be able to collect and process information from clinician notes.
CancerLinQ will aggregate the collected data from all participating practices and use the aggregated data to provide a wide range of quality improvement, quality assurance, and care coordination services on behalf of the participating providers. These services include quality benchmarking, real-time clinical decision support, clinical trial indexing, and the generation of treatment plan summaries to share with patients. CancerLinQ will also convert the collected data into deidentified data sets and limited data sets, referred to here as redacted data. Redacted data will be used for a variety of purposes, including assessment of treatment effectiveness and safety in real-world populations, rapid development of new and updated clinical guidelines, drug safety monitoring, and assessment of patient outcomes after new treatments.
As depicted in Figure 1, CancerLinQ will consist of a series of databases that collect and store data at varying levels of identifiability. On entering the CancerLinQ system from the EHRs of participating practices, collected data will be aggregated and stored in a fully identifiable, raw format. The system will then process the collected data into a more standardized, usable format that retains the patient-identifiable health information. It is expected that collected data within CancerLinQ will be associated with a particular patient by reference to a master patient index, which allows for patient verification through triangulation of a specified minimum number of data fields.
Fig 1. CancerLinQ data model. Raw data are (1) collected as fully identifiable protected health information (PHI) from electronic health records, (2) cleaned, and (3, 4) progressively deidentified (de-ID). Cross-hatched area represents firewall that prevents persons conducting downstream activities using redacted data from accessing identifiable collected data.
Various individual identifiers will then be removed from the collected data to create redacted data. Redacted data sets will be longitudinal in nature. CancerLinQ will impose a robust firewall between the identifiable collected data and the redacted data so that persons conducting downstream activities using redacted data will not have access to the identifiable collected data. Table 1 summarizes the content of the various types of data sets created in CancerLinQ.
Table 1. Definitions of Protected Health Information, Limited Data Set, and Deidentified Data Set
Data SetKey Elements
PHIFully identifiable PHI data set will include full copy of data from EHR, including information from physician notes, which will be interpreted using natural language processing
Limited data setLimited data set will be full PHI data set, minus the following elements, as prescribed by HIPAA:
 Names, postal addresses (other than town/city, state, zip code), telephone numbers, fax numbers, e-mail addresses, Social Security numbers, medical record numbers, health plan beneficiary numbers, account numbers, vehicle identifiers and serial numbers, device identifiers and serial numbers, URLs, IP addresses, biometric identifiers, full-face photographic images
Deidentified data setDeidentified data set will be redacted in accordance with one of two methods provided for by HIPAA: (1) safe harbor method or (2) statistical opinion method
    Safe harbor methodDeidentified data set will be full PHI data set, minus all elements listed under limited data set plus the following:
        Geographic subdivisions smaller than state, except for initial three digits of zip code, if geographic unit formed by combining all zip codes with same three initial digits contains > 20,000 people
        All elements of dates directly related to individual, except for year, and all ages > 89 years (which may be aggregated into single category: age ≥ 90 years)
        Any other unique identifying number, characteristic, or code (except for HIPAA-compliant codes)
    Statistical opinion methodCancerLinQ may opt to determine which data elements are included in deidentified data set in consultation with statistical expert, who would provide expert opinion that (applying generally accepted statistical and scientific principles and methods for rendering information not individually identifiable) the risk is small that information included in data set could be used, alone or in combination with other reasonably available information, by anticipated recipient to identify individual who is subject of information
Abbreviations: EHR, electronic health record; HIPAA, Health Insurance Portability and Accountability Act; IP, Internet protocol; PHI, protected health information; URL, uniform resource locator.

Regulatory Framework for Privacy and Research

It is imperative that CancerLinQ maintain patient privacy and data security and assure the integrity of any secondary research. Standards in these areas are set out in federal health privacy and research protection regulations. In this section, we briefly examine the application of the Health Insurance Portability and Accountability Act (HIPAA) and the Common Rule to CancerLinQ.

HIPAA and Heath Privacy

HIPAA4 is a US law governing the privacy and security of individually identifiable health information (known in the HIPAA framework as protected health information [PHI]). Under HIPAA, a health care provider may use or disclose PHI only for certain health-related purposes; otherwise, he or she must obtain the patient's authorization. Under regulations implementing the privacy aspects of HIPAA (ie, the Privacy Rule),5 a health care provider may disclose PHI to a business associate for certain specified purposes—including health care operations—if the provider enters into a compliant business associate agreement (BAA) with the business associate. The business associate is permitted to use and disclose PHI on behalf of the provider as permitted by the terms of the BAA, as long as those uses and disclosures do not otherwise violate the Privacy Rule.6 A health care provider may also permit a third party to use and disclose a HIPAA limited data set by entering into a compliant data use agreement (DUA) with the third party.7 A limited data set is PHI that has all patient identifiers removed except dates and broad geographic information.8
The term health care operations encompasses a broad range of activities. Of particular relevance to CancerLinQ, it includes “quality assessment and improvement activities, including outcomes evaluation and development of clinical guidelines, provided that the obtaining of generalizable knowledge is not the primary purpose of any studies resulting from such activities” as well as “case management and care coordination, contacting health care providers and patients with information about treatment alternatives and related functions that do not include treatment.”9 The creation of limited data sets and deidentified data sets falls within health care operations.9 In contrast, the Privacy Rule defines research as “a systematic investigation, including research development, testing, and evaluation, designed to develop or contribute to generalizable knowledge.”9

CancerLinQ use of fully identifiable PHI under HIPAA.

CancerLinQ will enter into a BAA and a DUA with each participating practice. The BAA will permit CancerLinQ to aggregate PHI received from the participating practice with the PHI received from other practices and to use and disclose PHI for health care operations purposes, including the creation of redacted data.
All of the activities for which CancerLinQ will use the identifiable PHI in the first two databases depicted in Figure 1 constitute health care operations. The quality reports and benchmarking activities that CancerLinQ will provide to participating practices fit squarely within the definition of health care operations and are widely recognized as such. Likewise, the clinical decision support, clinical trial matching activities, and preparation of treatment plan and summary documents are properly considered case management and care coordination activities, encompassed within the definition of health care operations. For each of these services, the use and disclosure of PHI by CancerLinQ are initiated by a treating physician to assist in making treatment decisions about a particular patient; the queries will not be generalized or generic. Finally, the use of PHI to create limited data sets and deidentified data sets is a clearly defined health care operations activity. Because CancerLinQ will only use the identifiable PHI for health care operations, the practices are able to disclose PHI to CancerLinQ under the BAA without patient authorization.

CancerLinQ use of redacted data under HIPAA.

The BAA will permit CancerLinQ to create limited data sets and deidentified data. The DUA will permit CancerLinQ to use and disclose the limited data sets for health care operations, research, and public health activities. HIPAA does not regulate the use or disclosure of the deidentified data.
Together, these redacted data will be available for a range of additional CancerLinQ applications and reports, including the use of machine learning algorithms and artificial intelligence to discover trends, development of new and updated clinical care guidelines, analysis of off-label uses of drugs, drug safety monitoring, and data-based research studies. None of these activities will make use of the identifiable PHI. The firewall will prevent anyone with access to the redacted data for research purposes from having access to the fully identifiable source data, preserving the redacted nature of the data sets.
Because the fully identifiable PHI will be used exclusively for recognized health care operations activities and not research, HIPAA does not require patient authorization for the disclosure or collection of collected data in the CancerLinQ system. The anticipated future use of the redacted data sets for research purposes does not alter the character of the data collection or core CancerLinQ services as health care operations. Nonetheless, as described later in this article, in the interest of transparency, CancerLinQ will require some measure of patient notification on the part of participating practices.

The Common Rule

The CancerLinQ data model is also designed to address considerations under the Federal Policy for the Protection of Human Subjects (known as the Common Rule).10 Among other things, the Common Rule requires that persons who are subjects of federally funded research provide their informed consent to participate in the research.
Unlike HIPAA, the Common Rule does not regulate quality improvement or care coordination activities. The Common Rule is implicated only where an activity constitutes human subjects research. The definition of research for purposes of the Common Rule tracks the definition under HIPAA: “a systematic investigation, including research development, testing and evaluation, designed to develop or contribute to generalizable knowledge.”11 Likewise, a research activity only constitutes human subjects research if it involves “a living individual about whom an investigator … conducting research obtains (1) data through intervention or interaction with the individual, or (2) identifiable private information.”12
In the CancerLinQ system, the collection of identifiable private information is not performed by an investigator for research purposes. Rather, it is done by CancerLinQ for the purpose of providing a range of quality improvement and care coordination services to specific providers for specific patients. Any secondary research activities will be limited to use of the redacted data. Because the upfront collection of identifiable information is exclusively for quality improvement and care coordination purposes, the fact that there will be secondary research uses of the redacted data does not trigger the need for a human subjects research consent under the Common Rule for the upfront collection of data that is ordinarily collected in the course of routine clinical care.13

Institutional Review Board Review

In the interest of transparency and protection of patient privacy, CancerLinQ sought review of its activities from an independent institutional review board. A project proposal describing all of the components of CancerLinQ was submitted to an independent, accredited institutional review board (IRB) in October 2013. The IRB was specifically requested to confirm that (1) the upfront collection of identifiable patient information in CancerLinQ did not constitute research, and (2) the anticipation of some research-related uses of the redacted data Sets would not render the upstream data population of the CancerLinQ database a research activity. After review of the project proposal, the IRB issued a letter to CancerLinQ confirming that the project did not constitute research.
In the future, a researcher wishing to use redacted data will be responsible for consulting an IRB about the specific project. Although the outcome of IRB review depends on the specific project proposal, based on the experience of similar registries, it would be reasonable for an IRB to conclude that the Common Rule does not apply (or otherwise grant a waiver of patient research consent), because the redacted data are not identifiable to human subjects.13

CancerLinQ Stewardship and Data Governance

A framework for legal compliance is critical, but CancerLinQ also recognizes an ethical obligation to respect persons and prevent harm. CancerLinQ has adopted a set of guiding principles for enhancing and promoting the ethical management and use of CancerLinQ data. These principles, summarized in Table 2, are stewardship, protection, and transparency and accountability.
Table 2. Guiding Principles Underpinning CancerLinQ
    Stems from ethical duty to respect persons and to show consideration for all persons who might be affected by cancer
    Achieved through robust standards for collecting data that are accurate, valid, and useable for quality improvement purposes
    Encompasses application of ethical procedures for evaluating requests from researchers to use secondary redacted data; for commercial requests, requires careful consideration of balance between business necessity of commercializing knowledge and likelihood that proposed commercial use will improve health or health care systems
    Requires ongoing attention and willingness to adapt to changes in scientific, technologic, legal, and ethical standards upon which operational decisions are based
    Expresses ethical duty to prevent harm and risk to others, including patients and providers participating in CancerLinQ; special obligation to respect privacy and security of health data arises from collection of individual health information
    Supports development of strong security for data while permitting beneficial and authorized uses; data are maintained, accessed, and used in compliance with applicable law and with appropriate organizational oversight; data are protected against unauthorized access and misuse at every stage; standards are defined for secure collection and storage of data, response to potential security incidents, and remediation in event of deviation from standards
Transparency and accountability
    Arise from ethical duty to respect persons
    Accountability to patients, participating providers, other stakeholders, and public to achieve high standards for ethical management of data
    Transparency promotes trust and willingness of providers to participate in quality improvement activities, encourages patients to seek care from participating providers, and can speed development of science and technology from use of CancerLinQ
The guiding principles provide the foundation for a rigorous set of policies and procedures to govern the ways in which CancerLinQ data will be used and accessed. CancerLinQ will also set out criteria to fairly evaluate requests to use redacted data for secondary research purposes and to responsibly evaluate any requests to use fully deidentified data sets for business informatics and other data reports. Review criteria will assess the potential of the activity to improve health care systems and services, to advance science, and to improve health equity. Criteria will be developed and applied by a data governance oversight committee composed of volunteer stakeholders and experts.
As a regulated business associate under HIPAA, CancerLinQ will have administrative, physical, and technical safeguards to protect against unauthorized access to PHI. CancerLinQ and its technology vendors will have extensive policies and procedures to minimize the potential for a security breach and to guide the use of PHI as permitted in the BAA and DUA. CancerLinQ has a privacy and security officer to oversee implementation of HIPAA policies and procedures.
Transparency will be accomplished in several ways, most importantly by disclosing to patients that their physicians are participating in CancerLinQ as a quality improvement program and that their EHRs will be provided to CancerLinQ for quality assurance and care coordination purposes. CancerLinQ will also post its data governance policies on a public Web site and will publish regular reports about the use and impact of CancerLinQ data.

Clinical Data Registries and Secondary Uses of Health Information

Other clinical data registries have adopted a regulatory and ethical framework similar to that of CancerLinQ. In general, these registries receive patient information for nonresearch uses such as quality improvement, treatment, reimbursement, and public health. Information may be redacted and then made available for research and other downstream uses.
The Surveillance, Epidemiology, and End Results (SEER)–Medicare database brings together two extensive population-based sources of cancer information. The SEER program of the National Cancer Institute has compiled extensive clinical, demographic, and cause-of-death information about people with cancer.14 The Medicare program of the Centers for Medicare and Medicaid Services has claims data on clinical care provided to Medicare beneficiaries with cancer. The linked SEER-Medicare database is available to outside investigators and has been used for a variety of health services and epidemiologic research projects.15 Patients do not consent to the inclusion of their clinical or demographic information in the SEER-Medicare database. The SEER data were initially gathered for public health reasons, whereas the Medicare data were gathered in the course of treatment and reimbursement.
The SEER-Medicare database is a HIPAA limited data set. Most patient and provider identifiers have been removed, but certain geographic information and dates remain. Researchers are not given direct access to the SEER-Medicare data. Rather, a researcher submits an application describing the proposed research. The project must be reviewed by an IRB and given a waiver of patient informed consent. The project is reviewed by the National Cancer Institute with the goal of maintaining patient and provider confidentiality. If the application is approved, the researcher must sign a data use agreement before receiving a data set tailored to the research question. Researchers may not use the entire database.16
The American Association of Neurological Surgeons (AANS) has created the National Neurosurgery Quality and Outcomes Database (N2QOD) to promote quality improvement through the collection of clinical data about neurosurgery procedures.13 Participating neurosurgery sites submit clinical information to N2QOD, which works with the Vanderbilt Institute for Medicine and Public Health to analyze deidentified data sets for quality reporting and benchmarking. Patient identifiers are retained to allow longitudinal analysis and linkage to other data sets. Aggregate, redacted N2QOD information may be used in future research projects. AANS regards the systematic collection of information in N2QOD as a nonresearch, clinical quality improvement activity that is exempt from IRB review and does not require patient informed consent.13
In 2011, AANS engaged in dialogue with representatives of the US Department of Health and Human Services about the regulatory analysis applicable to N2QOD. The Office of Human Research Protection (OHRP) ultimately confirmed in writing that the N2QOD participating sites would not be considered to be participating in research when they released identifiable patient information gathered in the course of clinical care. OHRP further confirmed that N2QOD itself is not engaging in research when it provides quality measurement reports to participating sites, including reporting aggregate, deidentified information. Downstream researchers using redacted N2QOD information would not be engaged in human subjects research requiring patient consent (even if the work were federally funded), because N2QOD would not be identifiable to individuals. If N2QOD itself were federally funded, the use of identifiable information to create quality benchmarks would be subject to the Common Rule, but a waiver of patient consent by a single IRB would be appropriate.13
With respect to HIPAA, the Office of Civil Rights did not provide written advice to AANS, but it did provide verbal guidance that supported the N2QOD structure: a health care provider may disclose PHI without patient authorization to a registry under a BAA for quality assurance activities, which are part of health care operations.13 Once inside N2QOD, PHI is protected from unauthorized use and disclosure under the HIPAA rules. Because the primary purpose of N2QOD is quality assurance, patient authorization is not required for secondary research uses of the PHI. Where the BAA allows the registry to create deidentified data sets, the deidentified information is not subject to HIPAA.
Mini-Sentinel is a pilot project of the US Food and Drug Administration (FDA) that will help the FDA meet a legislative mandate to deploy a comprehensive, data-based safety monitoring (surveillance) system for FDA-regulated products.17 Mini-Sentinel is being carried out by a consortium of health care providers, insurers, and research institutions. Mini-Sentinel is a distributed data model, where identifiable information remains with the participating clinical organizations. A central coordinating center submits queries to the participating organizations, which provide the responsive data. Where possible, the data will be deidentified, or direct patient identifiers will be removed, but some PHI may be furnished. Health providers disclose PHI in Mini-Sentinel for the purpose of public health activities, not research, and therefore are not required to obtain patient authorization. HIPAA privacy and security protections do apply to PHI within Mini-Sentinel. OHRP has determined that the collection and use of patient information to answer safety questions via Mini-Sentinel does not constitute research subject to the Common Rule, so IRB review and patient consent are not required.18
McGraw and Leiter19 examined the secondary use of electronic clinical data in nine ongoing multisite projects across the United States. Their analysis revealed that diverse big data initiatives are able to successfully contribute to patient safety, innovation, and the development of efficient, high-value health systems under the prevailing regulatory structures—but that stakeholder input into governance documents, responsible data governance bodies, rigorous privacy protection, and reliance on deidentified information where possible are key factors that enable such projects to be conducted with broad support.
In one recent study of more than 3,000 adults recruited from the general public, willingness to share EHRs was rated moderately high: 6.82 on a 10-point scale.20 The proposed use of the data, more than the proposed user, was the factor that most affected individuals' willingness to share their health records. Interestingly, respondents reported less support for quality improvement than for research uses. This study was undertaken in clinically healthy adults recruited from the general population. Whether similar attitudes will prevail among patients with cancer is a question that will be addressed in a separate research project being developed by the ASCO Ethics Committee.


ASCO leadership believes that observations made in big data sets will be useful and important to medical care in the coming years and has therefore committed considerable resources to the development and successful launch of CancerLinQ. A robust external advisory structure has been put in place to guide this development. Key stakeholders have been engaged to help understand the value proposition for CancerLinQ as a quality improvement program. Policies and procedures dealing with the essential elements of data quality, data security, and data access are being written. The regulatory framework for privacy and research protection has been carefully considered. As a HIPAA business associate, CancerLinQ will be subject to stringent requirements for data privacy and security.
Ultimately, the success of CancerLinQ will depend to a great extent on the confidence of patients that their health care records are being appropriately used for the improvement of their health care and the care of others and for discovery of new knowledge. With the development of CancerLinQ, ASCO embraces this opportunity to improve the outcomes and quality of life of all patients with cancer.

Authors' Disclosures of Potential Conflicts of Interest

Although all authors completed the disclosure declaration, the following author(s) and/or an author's immediate family member(s) indicated a financial or other interest that is relevant to the subject matter under consideration in this article. Certain relationships marked with a “U” are those for which no compensation was received; those relationships marked with a “C” were compensated. For a detailed description of the disclosure categories, or for more information about ASCO's conflict of interest policy, please refer to the Author Disclosure Declaration and the Disclosures of Potential Conflicts of Interest section in Information for Contributors.
Employment or Leadership Position: None Consultant or Advisory Role: None Stock Ownership: Peter Paul Yu, IBM Honoraria: None Research Funding: None Expert Testimony: None Patents, Royalties, and Licenses: None Other Remuneration: None


BD Smith, GL Smith, A Hurria, etal: Future of cancer incidence in the United States: Burdens upon an aging, changing nation J Clin Oncol 27: 2758– 2765,2009
Delivering high-quality cancer care: Charting a new course for a system in crisis Institute of Medicine
Best care at lower cost: The path to continuously learning healthcare in America Institute of Medicine
Health Insurance Portability and Accountability Act of 1996, 42 U.S.C. 1320D-6
45 C.F.R. § 164.500-534
45 C.F.R. § 164.502(a)(3)
45 C.F.R. § 164.514(e)(1)
45 C.F.R. § 164.514(e)(2)
45 C.F.R. § 164.501 (2013), pp 1039, 1041
45 C.F.R. § 46.101, et seq
45 C.F.R. § 46.102(d) (2013), p 130
45 C.F.R. § 46.102(f) (2013), p 131
AL Asher, MJ McGirt, SD Glassman, etal: Regulatory considerations for prospective patient care registries: Lessons learned from the National Neurosurgery Quality and Outcomes Database Neurosurg Focus 34: E5,2013
Surveillance, Epidemiology, and End Results Program National Cancer Institute
Applied Research, Cancer Control and Population Sciences: SEER-Medicare—Brief description of the SEER-Medicare database National Cancer Institute
SEER-Medicare: Overview of the process for obtaining data National Cancer Institute
K Rosati, B Evans, D McGraw: HIPAA and Common Rule compliance in the Mini-Sentinel pilot
D McGraw, AB Leiter: Pathways to success for multi-site clinical data research
D Grande, N Mitra, A Shah, etal: Public preferences about secondary uses of electronic health information JAMA Intern Med 173: 1798– 1806,2013

Information & Authors


Published In

Journal of Clinical Oncology
Pages: 2373 - 2379
PubMed: 24912897


Published online: June 09, 2014
Published in print: August 01, 2014


Request permissions for this article.



Richard L. Schilsky [email protected]
Richard L. Schilsky, Dina L. Michels, Peter Paul Yu (president elect), and Clifford A. Hudis (president), American Society of Clinical Oncology, Alexandria, VA; Amy H. Kearbey, McDermott Will & Emery, Washington, DC; Peter Paul Yu, Palo Alto Medical Foundation, Palo Alto, CA; and Clifford A. Hudis, Memorial Sloan Kettering Cancer Center, New York, NY.
Dina L. Michels
Richard L. Schilsky, Dina L. Michels, Peter Paul Yu (president elect), and Clifford A. Hudis (president), American Society of Clinical Oncology, Alexandria, VA; Amy H. Kearbey, McDermott Will & Emery, Washington, DC; Peter Paul Yu, Palo Alto Medical Foundation, Palo Alto, CA; and Clifford A. Hudis, Memorial Sloan Kettering Cancer Center, New York, NY.
Amy H. Kearbey
Richard L. Schilsky, Dina L. Michels, Peter Paul Yu (president elect), and Clifford A. Hudis (president), American Society of Clinical Oncology, Alexandria, VA; Amy H. Kearbey, McDermott Will & Emery, Washington, DC; Peter Paul Yu, Palo Alto Medical Foundation, Palo Alto, CA; and Clifford A. Hudis, Memorial Sloan Kettering Cancer Center, New York, NY.
Peter Paul Yu
Richard L. Schilsky, Dina L. Michels, Peter Paul Yu (president elect), and Clifford A. Hudis (president), American Society of Clinical Oncology, Alexandria, VA; Amy H. Kearbey, McDermott Will & Emery, Washington, DC; Peter Paul Yu, Palo Alto Medical Foundation, Palo Alto, CA; and Clifford A. Hudis, Memorial Sloan Kettering Cancer Center, New York, NY.
Clifford A. Hudis
Richard L. Schilsky, Dina L. Michels, Peter Paul Yu (president elect), and Clifford A. Hudis (president), American Society of Clinical Oncology, Alexandria, VA; Amy H. Kearbey, McDermott Will & Emery, Washington, DC; Peter Paul Yu, Palo Alto Medical Foundation, Palo Alto, CA; and Clifford A. Hudis, Memorial Sloan Kettering Cancer Center, New York, NY.


Corresponding author: Richard L. Schilsky, MD, FACP, FASCO, American Society of Clinical Oncology, 2318 Mill Rd, Suite 800, Alexandria, VA 22314; e-mail: [email protected].

Author Contributions

Conception and design: All authors
Administrative support: Richard L. Schilsky
Collection and assembly of data: Richard L. Schilsky, Dina L. Michels, Amy H. Kearbey
Data analysis and interpretation: Clifford A. Hudis
Manuscript writing: All authors
Final approval of manuscript: All authors


Authors' disclosures of potential conflicts of interest and author contributions are found at the end of this article.

Metrics & Citations




Article Citation

Download Citation

If you have the appropriate software installed, you can download article citation data to the citation manager of your choice. Simply select your manager software from the list below and click Download.

For more information or tips please see 'Downloading to a citation manager' in the Help menu.


Download article citation data for:
Richard L. Schilsky, Dina L. Michels, Amy H. Kearbey, Peter Paul Yu, Clifford A. Hudis
Journal of Clinical Oncology 2014 32:22, 2373-2379

View Options

View options


View PDF

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Personal login Institutional Login

Purchase Options

Purchase this article to get full access to it.

Purchase this Article


Subscribe to this Journal
Renew Your Subscription
Become a Member







Share article link