If the data is outside these problem areas, the data may be transmitted without the formal need for an agreement on the use of the data. However, if the IP wishes to use a data use agreement, we may use a number of safeguards. require recipients to ensure that all representatives (including subcontractors) to whom they transmit the information accept the same restrictions as those provided for in the agreement; and AEDs address important issues such as restrictions on data use, liability for damages resulting from data use, publication, and privacy rights related to the transmission of confidential or protected data. The DUA also ensures that data users comply with current legislation (e.g.B. HIPAA, FERPA) use and prevent the inappropriate use of protected or confidential data that may harm the investigator, university, or individuals whose data is part of the dataset. The Office of Enterprise Contracts always recommends a DUA for studies with anonymous data, because there are still risks that we should address as far as possible. No, the disclosure of “limited data sets” is not subject to hipC disclosure obligations. DHHS has taken the position that the protection of individuals` privacy with respect to PHI, which is disclosed in a “limited set of data”, can be properly protected by a SINGLE DUA. Rutger`s PIs are often required to sign DUAS as read and understood. Rutgers strongly recommends that its PIs read duaS thoroughly before signing. Not all DUAs are created equal and it is very important that Rutger`s PIs and Key Personnel understand and comply with the terms set out in the agreement.
DPE are often used when a researcher wishes to access restricted archives or records that may contain identifiable information about individuals to carry out such projects. The BRI should be contacted if the use of archived protected health data falls within the IRB`s definition of “research”. Searches that directly process data with personal identifiers may require HIPAA authorization for the use and/or disclosure of PHI (for individual IHP access permissions) or a waiver of HIPAA authorization (for large sample size requests for which individual permissions are not practical and the request complies with privacy rules). Application forms should address the safeguards in place to protect the identity of individuals and assess the security of procedures for protecting those identities. OSP is a campus signatory for research-based data use agreements. DUAS must be forwarded to OSP through Kuali Research for approval and final approval. OSP has the right to enter into contractual agreements, including DUAs, on behalf of UMBC to ensure compliance with appropriate rules and policies. Researchers do not have the right to negotiate or sign these agreements and cannot sign a DUA on behalf of UMBC.
AEDs should not be signed by faculty or university staff if no psO institutional authorization has been granted in this regard. .