DUAs are often used when a researcher wishes to access limited archives or data sets that may contain identifiable information about individuals for the purpose of carrying out such projects. The IRB should be contacted when the use of archived protected health data falls within the definition of “research” in the IRB. Investigations directly related to personal identifier data may be permitted to use and/or disclose PPIs (for individual access rights to the PHI) or to discontinue hipa authorization (for large sample requests for which individual authorizations are not practical and where the requirement is in accordance with the specifications of the data protection policy). Application forms should look at the safeguards provided to protect the identity of individuals and assess the security of procedures for protecting these identities. Limited records may contain only the following identifiers: It is important for researchers to read the terms of an ADU before forwarding the draft contract to the UMBC Office of Sponsored Programs (OSP). It is the researcher`s responsibility to understand and monitor the conditions of the AEA and to use the data only for specific purposes. The PSO believes that a researcher who transmits an ASA to PSO has read these terms and agrees to abide by them, whether or not the researcher`s signature is required on the AEA itself. If a researcher signs such an agreement, they could be exposed to legal and financial risks. A researcher must not sign an ASA until the PSO is approved.
The page below contains useful information about people who manage different types of DUAs and other agreements at Stanford: ico.sites.stanford.edu/who-will-handle-my-agreement If they are looking for data containing personal identifiers but that do not fall within the IRB definition of the research mentioned above (for example. B other sponsored activities), the IRB would not be involved. However, the HIPPA privacy rule applies when researchers wish to obtain, create, use and/or disclose identifiable health information (see Health Information Privacy Rule – Research Use Purposes – Rule Application to Research Projects). OSP believes that the data owner has already been waived from HIPPA, as described in an agreement between UMBC and the data owner. A Data Use Contract (ACA) is a contractual document used for the transmission of non-public or restricted usage data. For example, records of government agencies, institutions or companies, information on student records and data from existing human researchers. In addition, covered companies such as Stanford must take all reasonable steps to remedy a beneficiary`s violation of the AEA. For example, if Stanford learns that the data it has provided to a recipient is being used in a way that is not authorized by the AEC, Stanford should work with the recipient to resolve this issue. If these efforts were not successful, Stanford would be required to terminate any further disclosure of PHI to the recipient, in accordance with the AEA, and to notify the Federal Office of Health and Human Services for Civil Rights. The process of developing, verifying and negotiating data use agreements depends on the data, the data source, the expected use and compliance with the Rutgers guidelines.
Defining authorized uses and disclosing the limited set of data; The Office of Corporate Contracts continues to recommend an AEA for studies with unidentified data, as there are still risks that we should face where possible.