When Would You Use A Data Use Agreement

DHHS has taken the position that the privacy of individuals with respect to PSR disclosed in a “limited record” can be adequately protected by a single DUA. Rutgers IPs are often required to sign DUAs as they are read and understood. Rutgers strongly recommends that its IPs read the DUAs carefully before signing. Not all DUAs are the same and it is very important that Rutgers IPs and key personnel understand and comply with the terms set out in the Agreement. A DUA must be completed before a limited file is used or shared with an institution or external party. The DUAs deal with important issues such as restrictions on the use of data, liability for damages resulting from the use of data, publication and data protection rights associated with the transmission of confidential or protected data. The DUA also guarantees that data users will use the data in accordance with applicable law (e.g., HIPAA, FERPA) and prevent inappropriate use of protected or confidential data that could cause harm to the investigator, university, or individuals whose data is part of the dataset. prohibit the recipient from further using or disclosing the information, except to the extent permitted by the Agreement or otherwise permitted by law; In addition, covered companies such as Stanford must take all reasonable steps to remedy a recipient`s violation of the DUA. For example, if Stanford learns that the data it has provided to a recipient is being used in a way that is not authorized under the DUA, Stanford should work with the recipient to resolve this issue. .

Tjip de Jong

Kijk ook eens naar