DHA Home About DHA Human Resources Conferences TRICARE Contacts Feedback Site Map
 
Infinite Menus, Copyright 2006, OpenCube Inc. All Rights Reserved.

Applicant Role

The Applicant is the individual who will have primary oversight and responsibility for handling the data requested in a Data Sharing Agreement Application (DSAA). For contract-driven requests involving subcontractors, the Applicant must be an employee of the prime contractor.

For projects with more than one prime contractor, a DSAA must be completed for each prime contracting organization that will have custody of the requested data. Once a DSAA is approved, the Applicant becomes a Recipient in an executed Data Sharing Agreement (DSA).

Applicant/Recipient Responsibilities:

  • Agree to and execute a DSA once the DSAA is approved by the TRICARE Management Activity (TMA) Privacy and Civil Liberties Office (Privacy Office)
  • Provide and maintain accurate and complete responses to the DSAA and submit the applicable renewal request or extension request template to the Privacy Office:
  • When a change is required to an executed DSA (which incorporates an approved DSAA), submit the DSA – Modification Request template to the Privacy Office
  • Maintain current contact information with the Privacy Office and, if necessary, complete a DSA – Change of Applicant/Recipient template within 15 days of the Applicant/Recipient transition
  • Safeguard the integrity of the data received and comply with all applicable standards for protecting its privacy and security
  • In the event of any actual or possible loss of control, unauthorized disclosure, or unauthorized access of personal information where persons other than authorized users gain access or potential access to such information for an other than authorized purpose where one or more individuals will be adversely affected (breach), follow TMA breach reporting and notification requirements as outlined on the Privacy Office’s Breach Response page at http://www.tricare.mil/tma/privacy/breach.aspx
  • Adhere to Business Associate Agreement (BAA) requirements, when applicable
  • Submit a completed and signed DSA – Certification of Data Disposition to the Privacy Office within 30 days of the expiration of the DSA or the completion of the project (whichever comes first) certifying that the data have been appropriately destroyed


“On October 1, 2013, the Department of Defense established the Defense Health Agency (DHA) to manage the activities of the Military Health System. These activities include those previously managed by TRICARE Management Activity (TMA), which was disestablished on the same date. During the next several months, all TMA websites will change to reflect the new DHA. We appreciate your patience during this transition."
DoD Seal
7700 Arlington Boulevard, Suite 5101, Falls Church, VA 22042-5101
The appearance of hyperlinks to external Web sites does not constitute endorsement by the TRICARE Management Activity of these Web sites or the information, products or services contained therein. For other than authorized government activities, TRICARE Management Activity does not exercise any editorial control over the information you may find at other locations. Such links are provided consistent with the stated purpose of this DoD Web site. Accessibility/Section 508