National Syndromic Surveillance Program
Supporting Statement Section A
OMB Control Number 0920-0824
July 8, 2022
Program Contact
Umed A. Ajani
Associate Director for Science, Division of Health Informatics and Surveillance
Center for Surveillance, Epidemiology and Laboratory Services
Centers for Disease Control and Prevention
Phone: 404-498-0258
E-mail: UAjani@cdc.gov
National Syndromic Surveillance Program - Request for Revision
Table of Contents
Section
A. Justification
Circumstances Making the Collection of Information Necessary
Purpose and Use of the Information Collection
Use of Improved Information Technology and Burden Reduction
Efforts to Identify Duplication and Use of Similar Information
Impact on Small Businesses or Other Small Entities
Consequences of Collecting the Information Less Frequently
Special Circumstances Relating to the Guidelines of 5 CFR 1320.5
Comments in Response to the Federal Register Notice and Efforts to Consult Outside the Agency
Explanation of Any Payment or Gift to Respondents
Protection of the Privacy and Confidentiality of Information Provided by Respondents
Institutional Review Board (IRB) and Justification for Sensitive Questions
Estimates of Annualized Burden Hours and Costs
Estimates of Other Total Annual Cost Burden to Respondents and Record Keepers
Annualized Cost to the Federal Government
Explanation for Program Changes or Adjustments
Plans for Tabulation and Publication and Project Time Schedule
Reason(s) Display of OMB Expiration Date is Inappropriate
Exceptions to Certification for Paperwork Reduction Act Submissions
Exhibits
Exhibit 12-A Estimates of Annualized Burden Hours
Exhibit 12-B Estimates of Annualized Burden Costs
Exhibit 14-A Estimated Annualized Cost to the Government
Attachments
1. Authorizing Legislation: Public Health Service Act and Pandemic and All-Hazards Preparedness Act
2a. 60-day Federal Register Notice (FRN)
2b. Public Comment
3. NSSP Security Letter
4. NSSP Onboarding Screenshot
5. NSSP Registration Screenshot
6. NSSP Data Sharing Permissions Screenshot
7. NSSP Privacy Impact Assessment (PIA)
8. NSSP Research Determination
9. BioSense Platform Access and Management Center OMB Expiration Date Screenshot
A. Justification
|
A1. Circumstances Making the Collection of Information Necessary
CDC requests a three-year approval for a Revision for the National Syndromic Surveillance Program (NSSP), OMB Control No. 0920-0824, Expiration Date 07/31/2022. This Revision includes a request for approval to continue to receive onboarding data from state, local and territorial public health departments about healthcare facilities in their jurisdictions, registration data about users, and information about data sharing permissions with CDC.
Background
Syndromic surveillance uses syndromic data and statistical tools to detect, monitor, and characterize unusual activity for further public health investigation or response. Syndromic data include patient encounter data from emergency departments, urgent care, ambulatory care, and inpatient healthcare settings, as well as pharmacy and laboratory data. Though these data are being captured for different purposes, they are monitored in near real-time as potential indicators of an event, a disease, or an outbreak of public health significance. On the national level, these data are used to improve nationwide situational awareness and enhance responsiveness to hazardous events and disease outbreaks to protect America’s health, safety, and security. Public health practitioners use various surveillance systems and data sources in combination with syndromic data to enhance their understanding of events. Other data sources that provide context may include school and business absentee data, poison control reports, and even social media data that may present an emergent picture of public health events.
The National Syndromic Surveillance Program (NSSP) promotes and advances development of a syndromic surveillance system for the timely exchange of syndromic data. NSSP features the BioSense Platform and a collaborative Community of Practice (CoP). The NSSP provides syndromic surveillance practitioners access to and use of the cloud-based BioSense Platform, a secure integrated electronic public health information system with standardized analytic tools and processes. These tools enable users to rapidly collect, evaluate, share, and store syndromic surveillance data. NSSP promotes a CoP in which participants collaborate to advance the science and practice of syndromic surveillance. Participants include states and jurisdictions that contribute data to the BioSense Platform, public health practitioners who use local syndromic surveillance systems, CDC programs, other federal agencies, partner organizations, hospitals, healthcare professionals, and academic institutions.
National syndromic surveillance practice began when Congress passed the Public Health Security and Bioterrorism Preparedness and Response Act of 2002, which required specific information collection activities related to bioterrorism preparedness and response. This congressional mandate outlined the need for protecting the overall public’s health through an integrated system for electronic surveillance. The Department of Health and Human Services (HHS) outlined strategies aimed at achieving this goal via the Public Health IT Initiative leading to creation of the BioSense Program in 2003. Authorities for this activity were from the Public Health Service Act (42 U.S.C. 241, 247b and 247d-4), as amended by the Pandemic and All-Hazards Preparedness Act (PAHPA), Public Law No. 109-417, and the Pandemic and All-Hazards Preparedness Reauthorization Act (PAHPRA) Public Law No. 113-5 (Attachment 1).
The original BioSense Program (BioSense 1.0) was intended to serve as a national level public health syndromic surveillance system for early detection and rapid assessment of potential bioterrorism-related illness and injury. This was to be done by collecting and analyzing, in near real time, health care data submitted to CDC from a variety of sources by means of automated electronic health record messaging systems. BioSense 1.0 became operational in December 2003 within the CDC Emergency Operations Center (EOC). BioSense 1.0 initially received health care data from the Departments of Defense (DoD) and Veteran’s Affairs (VA). Data sources were eventually expanded to include pharmacy, laboratory and over-the-counter drug sales data from national vendors and infectious disease data from sentinel sites. The scope of the surveillance was also expanded to include detecting and monitoring a broader set of syndromes of public health importance (e.g., injuries, certain chronic diseases, and infectious diseases such as influenza). CDC gave 49 state health departments access to the system. CDC also sought to integrate syndromic surveillance services and results with broader biosurveillance initiatives underway across the federal government. To accomplish this, CDC data analysts interacted closely with the EOC, the HHS Secretary’s Operations Center, the Department of Homeland Security National Biosurveillance Integration Center, and other federal partners.
In 2009, CDC began planning and developing the computing cloud-based BioSense 2.0 Application. This cloud-based application would offer secure storage space for data from each state and local health department. A key additional feature was its data sharing capacity. This would enable state and local health departments, CDC, the VA, DoD, and other users to share de-identified data, analytic tools, and services on the BioSense 2.0 Application. The data sharing capability allowed state and local health departments to choose to share within their health department, with other health departments, with CDC, or with any combination of these choices. These multi-tiered interactions and knowledge exchanges within the Application’s common operational environment would strengthen regional and national situational awareness based on improved access to local, state, and federal surveillance data. On October 13, 2009, CDC received a three-year approval (OMB Control Number 0920-0824) for an existing information collection that had been in use without an OMB control number to collect data for recruitment of data sources and access to the BioSense 2.0 Application. CDC subsequently received a three-year approval on November 5, 2012 for a revision to 0920-0824 to collect: (1) information needed for recruitment of participating jurisdictions to BioSense 2.0 each year; (2) the one-time collection of information to provide access to the BioSense 2.0 Application to all appropriate users in participating jurisdictions and organizations, and (3) the collection of already existing healthcare encounter data.
CDC initiated the CDC Surveillance Strategy in 2014 after HHS published new guidance on Meaningful Use of Electronic Health Records for syndromic surveillance. During this time, the BioSense Enhancement Initiative (BEI), was launched. The BEI built on successes of the past and implemented a number of improvements to the BioSense Program. These improvements included expanding the number of state and local health departments participating in the program; enhancing data sharing and data quality control capabilities; and improving tools for data analysis, visualization, and querying. As the CDC Surveillance Strategy was implemented, the BioSense Program evolved into NSSP to better recognize the public health purpose of the program (syndromic surveillance) and to distinguish the program name from the BioSense Platform, a cloud-based computing infrastructure which includes various tools and services and is the core component of NSSP’s integrated, nationwide system for public health syndromic surveillance. The BioSense Platform no longer includes the BioSense 2.0 Application which was decommissioned in January 2017.
Prior to 2018, the Association of State and Territorial Health Officials (ASTHO) was funded through a cooperative agreement with CDC to support the BioSense Platform. Per the agreement, ASTHO provided the cloud-based computing infrastructure for the BioSense Platform through a contract with Amazon Web Services. In addition, ASTHO developed data use agreements with state and local health departments. This meant CDC no longer developed agreements with hospitals to directly submit their data to CDC. Instead, state and local public health departments developed such agreements with hospitals. In this way, hospital emergency department data were submitted to each public health jurisdiction’s secure data storage space on the BioSense Platform either by means of health information exchanges within the jurisdictions or directly by the hospitals. Jurisdictions then shared specific types of their data with CDC, DoD, other state and local health department representatives, and other users. CDC currently contracts with Amazon Web Services to provide the cloud-based computing infrastructure and the state and local health departments hold data use agreements directly with CDC instead of with ASTHO.
A2. Purpose and Use of the Information Collection
NSSP features the BioSense Platform and a collaborative CoP. The BioSense Platform is a secure integrated electronic public health information system that CDC provides, primarily for use by state, local and territorial public health departments. It includes standardized analytic tools and processes that enable users to rapidly collect, evaluate, share, and store syndromic surveillance data. NSSP promotes a CoP in which participants collaborate to advance the science and practice of syndromic surveillance. Health departments use the BioSense Platform to receive healthcare data from facilities in their jurisdiction, conduct syndromic surveillance, and share the data with other jurisdictions and CDC.
The BioSense Platform provides the ability to analyze healthcare encounter data from EHRs, as well as laboratory data. All EHR and laboratory data reside outside of CDC in a cloud-enabled, web-based platform that has Authorization to Operate from CDC since it has been through the CDC’s Security Assessment and Authorization (SA&A) process (Attachment 3). The BioSense Platform sits in the secure, private Government Cloud which is used as a storage and processing mechanism, as opposed to on-site servers at CDC. This environment provides users with easily managed on-demand access to a shared pool of configurable computing resources such as networks, servers, software, tools, storage, and services, with limited need for additional IT support. Each site (i.e., state, local, or territorial public health department) controls its data within the cloud and is provided with free secure data storage space with tools for posting, receiving, controlling and analyzing their data; an easy-to-use data display dashboard; and a shared environment where users can collaborate and advance public health surveillance practice. Each site is responsible for creating its own data use agreements with the facilities that are sending the data, retains ownership of any data it contributes and can share data with CDC or users from other sites.
The respondent population consists of all state, local, and territorial public health departments in the United States. Currently, there are 70 sites (state, local, and territorial public health departments) participating which is an increase from 58 in the previous Revision. NSSP has three different types of information collection:
(1) Collection of onboarding data about healthcare facilities needed for state, local, and territorial public health departments to submit EHR data to the BioSense Platform.
(2) Collection of registration data needed to allow users access to the BioSense Platform tools and services.
(3) Collection of data sharing permissions so that state and local health departments can share data with other state and local health departments and CDC.
Healthcare data in the platform incude: EHR data received by state, local, and territorial public health departments from facilities including hospital emergency departments and inpatient settings, urgent care, and ambulatory care; laboratory tests ordered and their results from a national private sector laboratory company; mortality data from state vital records and vital statistics offices; and EHR data from the Department of Defense (DoD) and the Department of Health and Human Services (HHS) National Disaster Medical System (NDMS) Disaster Medical Assistance Teams (DMATs).
Onboarding data about healthcare facilities are used to help state, local, and territorial public health departments with submitting electronic health record data to the BioSense Platform. Registration data are used to provide users access to the BioSense Platform. Data sharing permissions are set by jurisdictions so that they can share data with other state, local, and territorial health departments and with CDC.
A3. Use of Improved Information Technology and Burden Reduction
Site Administrators send onboarding data and registration data to CDC and set data sharing permissions through modules on the BioSense Platform Access Management Center (AMC), (Attachments 4, 5 and 6). Site Administrators spend minimal time and resources to onboard sites, register users, and set data sharing permissions. This use of information technology including batch loading reduces burden on Site Administrators and facilitates rapid processing.
4. Efforts to Identify Duplication and Use of Similar Information
Onboarding data, registration data, and data sharing permissions must be collected directly from the Site Administrator and would not be available from another source.
A5. Impact on Small Businesses or Other Small Entities
The collection of onboarding, registration and data sharing permissions does not involve small businesses or other small entities.
A6. Consequences of Collecting the Information Less Frequently
Onboarding, registration, and data sharing permissions requires only a one-time collection of information. There are no recurring burdens on the user for these activities. There are no legal obstacles to reducing the burden.
A7. Special Circumstances Relating to the Guidelines of 5 CFR 1320.5
This request fully complies with the regulation 5 CFR 1320.5.
A8. Comments in Response to the Federal Register Notice and Efforts to Consult Outside the Agency
A.
A 60-day Federal Register Notice was published in the Federal Register on May 6, 2022, vol. 87, No. 88, pp. 27149-27151 (Attachment 2a). One non-substantive comment (Attachment 2b) was received and the standard CDC response was sent.
B.
CDC funds the Council of State and Territorial Epidemiologists (CSTE) through a cooperative agreement to facilitate the NSSP CoP (https://nsspcommunityofpractice.org/join-participate-and-get-involved/). The NSSP CoP is the primary group of experts outside the agency with which CDC consults with.
A9. Explanation of Any Payment or Gift to Respondents
No payment or gift is provided to respondents who provide information during the recruitment of state and local public health departments, the registration of users for access to the BioSense Platform, or the provision of healthcare data to NSSP.
A10. Protection of the Privacy and Confidentiality of Information Provided by Respondents
As concluded by the CDC Chief Privacy Officer in Office of the Chief Information Security Officer (OCISO), the Privacy Act applies; the Privacy Impact Assessment (PIA) is dated July 15, 2021 (Attachment 7).
The System of Records Notice (SORN) is 09-20-0136, Epidemiologic Studies and Surveillance of Disease Problems. The data collected are in electronic format and are secured on a cloud-enabled, Web-based platform that is in compliance with the Federal Information Security Management Act (FISMA). The BioSense Platform has been through the S&A process performed by CDC security personnel (Attachment 3). All information collected for NSSP is treated in a secure manner and will not be disclosed, unless otherwise compelled by law.
A11. Institutional Review Board (IRB) and Justification for Sensitive Questions
Institutional Review Board (IRB) review and approval is not necessary for NSSP, because its surveillance activities are conducted solely to provide national public health situation awareness and are considered public health practice, not research (Attachment 8).
There are no questions of a sensitive nature asked in the collection of information for onboarding, registration, or data sharing permissions.
A12. Estimates of Annualized Burden Hours and Costs
Respondents include state, local, and territorial public health departments. There are no costs to respondents other than their time to participate. The only burden incurred by the health departments are for submitting onboarding data about facilities to CDC, submitting registration data about users to CDC, and setting up data sharing permissions with CDC.
Onboarding
CDC staff participating in onboarding estimate a burden of 10/60 hours per site per facility. Potential future participants include the 2 states that are not currently participating at the state level (Colorado and Oklahoma), 4 of the 5 US territories that do not currently participate, 50 of the 58 counties in California that do not currently participate, and other counties in the US. Given that a site can be a state, local, or territorial health department, there is 1 territorial public health department currently participating, and California participates on a county-by-county basis, we anticipate that 20 new sites may onboard up to 100 facilities each year over the next three years. The burden estimate changed from the estimate in the previous ICR because more sites are expected to be onboarded in the next 3 years than in the previous 3 years.
Registration
CDC staff with Site Administration privileges estimate that Site Administrators take 10/60 hours to register one user using the BioSense Platform AMC. Up 60 Site Administrators are needed to accommodate 60 new sites over the next 3 years. Based on the history of the program, the ability for 60 new Site Administrators to register up to 100 users each year for a total of 2000 users per year over the next 3 years is expected. The burden estimate changed from the estimate in the previous ICR because more sites are expected to be onboarded in the next 3 years than in the previous 3 years. Since each site needs a Site Administrator, more Site Administrators are expected to be added in the next 3 years than in the previous 3 years.
Data Sharing Permissions
Sites using the BioSense Platform have the option to share healthcare data in the shared space on the BioSense Platform by accessing the module in the BioSense Platform AMC. Site Administrators can choose with whom to share data and at what level of aggregation from a series of drop-down lists. CDC staff with Site Administrator privileges estimates that it takes 15/60 hours for Site Administrators to set data sharing permissions with CDC. The burden estimate changed from the estimate in the previous ICR because more Site Administrators are expected to be added in the next 3 years than in the previous 3 years.
A.12-A. Estimates of Annualized Burden Hours
Type of Respondents |
Form Name |
Number of Respondents |
Number of Responses per Respondent |
Average Burden per Response (in hours) |
Total Burden (in hours) |
State, Local, and Territorial Public Health Departments |
Onboarding Information Collection |
20 |
100 |
10/60 |
333 |
State, Local, and Territorial Public Health Departments |
Registration Information Collection |
20 |
100 |
10/60 |
333 |
State, Local, and Territorial Public Health Departments |
Data Sharing Permissions |
20 |
1 |
15/60 |
5 |
Total |
|
|
|
|
671 |
According to the U.S. Department of Labor, Bureau of Labor Statistics, Occupational Employment Statistics, May 2021 National Occupational Employment and Wage Estimates (http://www.bls.gov/oes/current/oes_nat.htm), the mean hourly wage for Epidemiologists is $41.70. This rate is used as the hourly wage rate for respondents for onboarding, registration, and data sharing permissions because it represents the category of occupation most likely held by the respondents (Site Administrators).
A.12-B. Estimates of Annualized Cost Burden
Type of Respondents |
Form Name |
Number of Respondents |
Number of Responses per Respondent |
Average Burden Per Response (in hours) |
Total Burden Hours |
Hourly Wage Rate |
Respondent Costs |
State, Local, and Territorial Public Health Departments |
Onboarding Information Collection |
20 |
100 |
10/60 |
333 |
$41.70 |
$13,886.10 |
State, Local, and Territorial Public Health Departments |
Registration Information Collection |
20 |
100 |
10/60 |
333 |
$41.70 |
$13,886.10 |
State, Local, and Territorial Public Health Departments |
Data Sharing Permissions |
20 |
1 |
15/60 |
5 |
$41.70 |
$208.50 |
Total |
|
|
|
|
|
|
$27,980.70 |
A13. Estimates of Other Total Annual Cost Burden to Respondents and Record Keepers
There are no costs to respondents other than their time.
A14. Annualized Cost to the Federal Government
The total cost covered by the maximum 3-year term for OMB clearance will be $96.6M. The annualized cost of $32.2M shown below was estimated by including the known and projected contract costs for FY 2022-2024, the known and projected value of cooperative agreements for the same time period, and the known and projected salaries and benefits.
A.14-A. Estimates of Annualized Cost Burden
Item |
Estimated Cost to Federal Government |
Contracts |
$20.7M |
Cooperative Agreements |
$6.7M |
FTE Salaries and Benefits |
$4.9M |
Total Annualized Cost |
$32.2M |
A15. Explanation for Program Changes or Adjustments
The burden estimate increased from 195 hours in the previous ICR to 671 hours in the current ICR because more sites are expected to be onboarded in the next 3 years than in the previous 3 years and more Site Administrators are expected to be added in the next 3 years than in the previous 3 years.
A16. Plans for Tabulation and Publication and Project Time Schedule
Onboarding data, registration data, and data sharing permissions are not reported or published.
A17. Reason(s) Display of OMB Expiration Date is Inappropriate
The OMB control number and expiration date are displayed on the BioSense Platform AMC (Attachment 9).
A18. Exception to Certification for Paperwork Reduction Act Submissions
There are no exceptions to the certification.
File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
File Modified | 0000-00-00 |
File Created | 2022-07-25 |