Skip Navigation

Defense Health Agency

"On October 1, 2013, the Department of Defense established the Defense Health Agency (DHA) to manage the activities of the Military Health System. These activities include those previously managed by TRICARE Management Activity (TMA), which was disestablished on the same date. During the next several months, all TMA websites will change to reflect the new DHA. We appreciate your patience during this transition."


Data Sharing Agreement Application (DSAA)
Submit a DSAA when requesting data from systems that are owned and/or managed by TRICARE Management Activity (TMA). The DSAA replaces all previous versions of both the Data Use Agreement (DUA) request template for personally identifiable information (PII), protected health information (PHI), and/or limited data set (LDS) data as well as the De-identified Files (DIF) DSA template.

Data Request Templates
Attach a Data Request Template (DRT) for each system indicated in Section 6 of the DSAA. Choose from the DRTs listed below. The DSAA request will be considered incomplete without the required attachment(s).

System Security Verification (SSV)
Submit when data obtained through a DSAA will be stored, transmitted, processed, or otherwise maintained on an information system that has not been granted a Department of Defense (DoD) Authorization to Operate (ATO) or an Interim Authorization to Operate (IATO).

  • If you are renewing your executed DSA and previously submitted an SSV, you will also need to have the SSV renewed. Please include a copy of the SSV Renewal Template with your DSA Renewal Request.

DSA – Change of Government Sponsor
Submit within 15 days of a Government Sponsor transition to the list the new Sponsor in the executed DSA.

DSA – Change of Applicant/Recipient
Submit within 15 days of an Applicant/Recipient transition to the list the new Applicant/Recipient in the executed DSA.

DSA – Modification Request
Submit to request modification of an executed DSA.

DSA – Extension Request
Submit to request a 30 day extension of an executed DSA.

DSA – Renewal Request
Submit to request the renewal of an executed DSA.

DSA – Certification of Data Disposition (CDD)
Submit to the Privacy Office within 30 days of expiration of the DSA (unless a request to renew the DSA will be submitted) or the end of the project, whichever comes first, to certify that the data used in connection with the executed DSA was appropriately disposed.