Data Collection

This guide explains how healthcare providers submit de-identified patient data to the MenoTime platform. The data collection process is designed to ensure HIPAA compliance while capturing comprehensive clinical information about menopause.

Data Collection Overview

MenoTime collects de-identified clinical data through multiple channels:

1. Single Patient Entry: Submit one patient record via the API
2. Batch CSV Upload: Upload multiple patients in a single file
3. Provider Web Form: Submit data through the MenoTime portal
4. EHR Integration: Automated import from compatible Electronic Health Records

All data is de-identified at the point of submission according to HIPAA Safe Harbor standards.

De-identification Standards

HIPAA Safe Harbor Requirements

MenoTime implements HIPAA Safe Harbor de-identification, which removes 18 categories of identifiers:

Identifier	Removal Method
Names	Removed completely
Geographic location	Aggregated to 6 regions
Dates (except year)	Day/month removed, year optional
Phone numbers	Removed completely
Email addresses	Removed completely
Social Security numbers	Removed completely
Medical record numbers	Removed completely
Account numbers	Removed completely
Certificate/license numbers	Removed completely
Vehicle identifiers	Removed completely
URLs	Removed completely
IP addresses	Removed completely
Biometric identifiers	Removed completely
Photographs	Not collected
Any other unique identifier	Removed completely

De-identified Data Example

Original Data (IDENTIFIED):

Patient Name: Jane Doe
Date of Birth: 1971-06-15
Address: 123 Main St, Boston, MA 02101
Phone: 617-555-0123
MRN: 98765432

De-identified Data (STORED):

age_years: 52
age_months: 8
region: "northeast"
patient_id: "pat_a1b2c3d4e5f6"
(no name, address, phone, or MRN)

Provider Form Submission

Healthcare providers can submit patient data through the MenoTime web portal without requiring API integration.

Access the Provider Portal

1. Navigate to https://portal.menotime.timelessbiotech.com
2. Log in with your provider credentials
3. Click "New Patient" or "New Visit"
4. Complete the form with de-identified patient information
5. Submit and receive confirmation

Required Information

Patient Demographics (required for new patients): - Age (years and months) - Race - Ethnicity - Geographic region - Menopause status

Visit Information (required for visits): - Visit date - Visit type - Any available clinical findings

Optional Information: - BMI, smoking status, medical history - Hormone biomarkers and symptom assessments - Current medications and lifestyle factors - Provider notes

The form validates all fields in real-time and provides clear error messages for invalid data.

Batch CSV Upload

Upload multiple patient records simultaneously via CSV file.

CSV Format

Prepare a CSV file with the following columns:

age_years,age_months,race,ethnicity,region,menopause_status,bmi,smoker,hypertension,diabetes,family_history_breast_cancer,notes
52,0,caucasian,non_hispanic,northeast,perimenopause,26.5,false,false,false,false,"Initial patient intake"
48,6,african_american,non_hispanic,southeast,perimenopause,28.3,true,true,false,true,"Follow-up visit"
55,3,asian,non_hispanic,west,postmenopause,23.1,false,false,true,false,"Annual checkup"
45,9,hispanic,hispanic,southwest,premenopause,24.8,false,false,false,false,"Preventive screening"

CSV Column Reference

Column	Data Type	Required	Allowed Values
age_years	integer	Yes	18-120
age_months	integer	No	0-11
race	string	Yes	caucasian, african_american, asian, hispanic, native_american, pacific_islander, other, unknown
ethnicity	string	Yes	hispanic, non_hispanic, unknown
region	string	Yes	northeast, southeast, midwest, southwest, west, pacific
menopause_status	string	Yes	premenopause, perimenopause, postmenopause, unknown
bmi	number	No	10-60
smoker	boolean	No	true, false
hypertension	boolean	No	true, false
diabetes	boolean	No	true, false
family_history_breast_cancer	boolean	No	true, false
notes	string	No	0-500 characters

Upload Endpoint

Endpoint: POST /patients/batch

Authentication: Required (provider, admin role)

Request (Multipart Form Data)

curl -X POST https://api.menotime.timelessbiotech.com/v1/patients/batch \
  -H "Authorization: Bearer {access_token}" \
  -F "file=@patients.csv"

Response (202 Accepted)

{
  "status": "success",
  "data": {
    "batch_id": "batch_m1n2o3p4q5r6",
    "file_name": "patients.csv",
    "total_records": 100,
    "processing": true,
    "created_at": "2024-02-15T14:30:00Z"
  },
  "message": "Batch processing started. Check status with batch_id."
}

Monitor Batch Processing

Endpoint: GET /patients/batch/{batch_id}

Response

{
  "status": "success",
  "data": {
    "batch_id": "batch_m1n2o3p4q5r6",
    "file_name": "patients.csv",
    "total_records": 100,
    "processed": 100,
    "successful": 98,
    "failed": 2,
    "processing": false,
    "completed_at": "2024-02-15T14:35:00Z",
    "errors": [
      {
        "row": 15,
        "error": "Invalid age_years value: 180. Must be 18-120."
      },
      {
        "row": 47,
        "error": "Missing required field: region"
      }
    ]
  }
}

Best Practices for Batch Uploads

1. Validate locally first: Check your CSV for common errors before uploading
2. Use consistent formatting: Ensure all enum values match exactly (case-sensitive)
3. Handle large files: Break files >10,000 rows into multiple uploads
4. Monitor progress: Check batch status before processing the same data again
5. Review errors: Fix any validation errors and retry with corrected data

Data Validation Rules

Patient De-identification Validation

Before submission, the API validates that data is properly de-identified:

• No direct identifiers: Names, addresses, phone numbers, medical record numbers
• No quasi-identifiers with full precision: Exact dates of birth, full ZIP codes
• No biometric data: Fingerprints, photographs, recordings
• Geographic generalization: Only broad regions, not specific locations

Age Validation

age_years: Must be 18-120
age_months: Must be 0-11 when provided
Combined age must be reasonable (not 150 years old)

Race/Ethnicity Validation

race must be one of:
  - caucasian
  - african_american
  - asian
  - hispanic
  - native_american
  - pacific_islander
  - other
  - unknown

ethnicity must be one of:
  - hispanic
  - non_hispanic
  - unknown

Geographic Region Validation

region must be one of:
  - northeast (CT, ME, MA, NH, RI, VT, NJ, NY, PA)
  - southeast (DE, FL, GA, KY, MD, NC, SC, VA, WV, AL, AR, LA, MS, TN)
  - midwest (IL, IN, MI, OH, WI, IA, KS, MN, MO, NE, ND, SD)
  - southwest (OK, TX, AZ, NM)
  - west (CO, ID, MT, NV, UT, WY)
  - pacific (AK, CA, HI, OR, WA)

Menopause Status Validation

menopause_status must be one of:
  - premenopause (regular menstrual cycles)
  - perimenopause (irregular cycles, approaching menopause)
  - postmenopause (no menstrual cycles for 12+ months)
  - unknown (status not confirmed)

BMI Validation

If provided, BMI must be between 10 and 60 kg/m².

Valid: 18.5, 25.0, 32.1, 40.5
Invalid: 150 (unrealistic)
Invalid: 5 (below physiological range)

Boolean Fields

Valid: true, false, "true", "false" (case-insensitive in CSV)
Invalid: yes, no, 1, 0, True, False

Provider Form Validation

Real-time Field Validation

The provider form validates as you type:

Field	Validation
Age (years)	Must be 18-120, numeric
Age (months)	Must be 0-11, numeric
Race	Must select from dropdown
Ethnicity	Must select from dropdown
Region	Must select from dropdown
Menopause Status	Must select from dropdown
BMI	Must be 10-60, numeric, 1 decimal place
Visit Date	Must not be in future, valid date format

Form Error Display

Invalid fields are highlighted in red with error messages:

Age must be between 18 and 120
Region is required
BMI must be between 10 and 60
Visit date cannot be in the future

HIPAA Safe Harbor Compliance

Compliance Checklist

Before submitting data, ensure:

• [ ] No patient names or nicknames included
• [ ] No full dates of birth (only age year/month acceptable)
• [ ] No street addresses (region only)
• [ ] No phone numbers or email addresses
• [ ] No medical record numbers or account numbers
• [ ] No social security numbers or driver license numbers
• [ ] No unique biometric identifiers or photographs
• [ ] No unique identifiers that could re-identify patient
• [ ] Geographic location limited to broad regions only

De-identification Verification

Submit a test record with all identifying information removed:

Example - BEFORE De-identification:

{
  "name": "Jane Doe",
  "date_of_birth": "1971-06-15",
  "address": "123 Main St, Boston, MA 02101",
  "mrn": "98765432"
}

Example - AFTER De-identification (HIPAA Safe Harbor):

{
  "age_years": 52,
  "age_months": 8,
  "region": "northeast"
}

Audit Trail

All data submissions are logged for compliance:

• Submission timestamp
• Provider who submitted data
• Number of records submitted
• Any validation errors or warnings
• Data retention period (10 years for HIPAA compliance)

Error Handling for Invalid Data

Validation Error Response

If data fails validation, the API returns detailed error information:

{
  "status": "error",
  "code": "VALIDATION_ERROR",
  "message": "Data validation failed",
  "details": [
    {
      "field": "age_years",
      "row": 15,
      "value": "180",
      "error": "Age must be between 18 and 120"
    },
    {
      "field": "race",
      "row": 20,
      "value": "mixed",
      "error": "Invalid value. Must be one of: caucasian, african_american, asian, hispanic, native_american, pacific_islander, other, unknown"
    },
    {
      "field": "menopause_status",
      "row": 25,
      "error": "Required field missing"
    }
  ]
}

De-identification Validation Error

If data contains potential identifiers:

{
  "status": "error",
  "code": "DE_IDENTIFICATION_ERROR",
  "message": "Data contains potential identifiers",
  "details": [
    {
      "field": "notes",
      "warning": "Text contains possible name: 'Jane Doe'"
    },
    {
      "field": "region",
      "warning": "Cannot accept exact ZIP code. Use broad region only."
    }
  ]
}

Handling Errors

1. Review error details for specific field names and row numbers
2. Correct data locally
3. Resubmit the corrected data
4. For batch uploads, you can resubmit only the corrected rows

Data Retention Policy

• Raw submitted data: Retained for 10 years (HIPAA requirement)
• Audit logs: Retained for 10 years
• Error logs: Retained for 6 years
• Batch processing logs: Retained for 1 year

Privacy and Security

Data Transmission

• All data transmitted over HTTPS with TLS 1.2+
• Data encrypted in transit and at rest
• HTTPS required for all API endpoints

Access Control

• Authentication required for all data submission endpoints
• Role-based access control (providers can only access their own submissions)
• Audit logging of all data access

Data Minimization

• Collect only necessary de-identified data
• No collection of identifiable information
• Minimal data retention periods
• Annual compliance reviews

Support

For questions about data collection and HIPAA compliance:

• Data Collection Help: data-support@timelessbiotech.com
• HIPAA Compliance: hipaa-compliance@timelessbiotech.com
• Technical Support: api-support@timelessbiotech.com

Additional Resources

• HIPAA De-identification Standard (45 CFR 164.502(b))
• HHS Safe Harbor De-identification Method
• NIST Guide to De-identification