DHA Home About DHA Human Resources Contact Us FOIA Site Map
Skip Navigation LinksDHA Home > Clinical Operations and Patient Care > TMA Privacy Office > DSAs > Types of Data Sharing Agreements (DSAs)
Infinite Menus, Copyright 2006, OpenCube Inc. All Rights Reserved.

Types of Agreements Related to Data Sharing

  • A Data Sharing Agreement (DSA) incorporating the approved Data Sharing Agreement Application (DSAA) is provided by the TRICARE Management Activity (TMA) Privacy and Civil Liberties Office (Privacy Office) to the Government Sponsor and the Applicant (identified as the Recipient in the executed DSA) only after a DSAA is approved.
  • The Privacy Office utilizes the DSAA to
    • Determine the type of data requested
    • Confirm compliance with federal and Department of Defense (DoD) regulatory requirements, including permissible uses and disclosures
    • Document the agreed upon responsibilities of the Government Sponsor and Applicant/Recipient
    • Provide the requestor with clear terms and conditions for approval

  • After the DSAA is approved, the Privacy Office will provide one of the following applicable agreements for execution:
    • DSA for De-identified Data
    • DSA for Personally Identifiable Information (PII) excluding Protected Health Information (PHI)
    • DSA for PHI
    • Data Use Agreement for a Limited Data Set

    Note: Contractors requesting to use and/or create PHI in support of a DoD initiative may need to have a Business Associate Agreement (BAA) incorporated into the current contract before the DSAA can be approved.

  • Interservice and Intragovernmental Agreements Memoranda of Agreement (MOA)/Memoranda of Understanding ( MOU)
  • MOUs and MOAs are neither created nor managed by the Privacy Office, however; the Privacy Office should be included in the coordination for review to ensure that the proposed use and/or disclosure of data is in compliance with applicable federal and DoD regulatory requirements.

  • Computer Matching Agreement (CMA)
  • A CMA is neither created nor managed by the Privacy Office, however; the Privacy Office should be included in the coordination for review to ensure that any proposed matching program is in compliance with the DoD Privacy Program (DoD 5400.11-R) in its implementation of the Privacy Act of 1974.

“On October 1, 2013, the Department of Defense established the Defense Health Agency (DHA) to manage the activities of the Military Health System. These activities include those previously managed by TRICARE Management Activity (TMA), which was disestablished on the same date. During the next several months, all TMA websites will change to reflect the new DHA. We appreciate your patience during this transition."
DoD Seal
7700 Arlington Boulevard, Suite 5101, Falls Church, VA 22042-5101
The appearance of hyperlinks to external Web sites does not constitute endorsement by the TRICARE Management Activity of these Web sites or the information, products or services contained therein. For other than authorized government activities, TRICARE Management Activity does not exercise any editorial control over the information you may find at other locations. Such links are provided consistent with the stated purpose of this DoD Web site. Accessibility/Section 508