A Data Use Agreement (ACA) is a contractual document between a „data user“ (usually the UMBC reviewer requesting access to information) and the Data Set Source (the organization or institution that provides the data) and describes the provisions relating to the transfer of confidential, protected or restricted data. For example, records of government agencies or companies, information on student data, existing data on people in human research, and limited datasets. These agreements can be concluded between academic institutions, government agencies and/or businesses. DUAs can be categorized into two different categories depending on the type of data transferred: protected health information is data that goes „beyond what would be considered LDS“ – PHI data sharing requires a Business Association Agreement (BAA) if participants have not signed a HIPAA authorization to share data. A data use agreement (ACA) is set up between a provider institution and a recipient institution to document the transferred data. These include conditions relating to issues such as ownership, authorized use of data, publication of results, development of inventions, data disposal and liability. Establishing preconditions for data transmission avoids problems and misunderstandings after the research begins. The Office of Corporate Contracts continues to recommend an AEA for studies with unidentified data, as there are still risks that we should face where possible. Require the recipient to adopt appropriate security measures to prevent unauthorized use or disclosure that is not included in the agreement; Sometimes the transmission of data from one agency to another is dealt with as part of a broader agreement between the parties, such as an agreement.
B sub-price or contractual service agreement. The transmission of data in such a collaborative research project is often addressed in the study protocol or in the terms of the funding agreement. In these cases, a separate AEA is generally not required. However, an AAU is required for a data transfer without a funding agreement (subsidy, contract, sub-price, contractual service agreement, etc.) between the supplier and the recipient. A data usage agreement defines who is authorized to use and receive the LDS, as well as the authorized use and disclosure of that information by the recipient, and provides that the recipient does so: in addition, covered companies, such as Stanford, must take all reasonable steps to remedy a recipient`s violation of the DUA. For example, if Stanford learns that the data it has provided to a recipient is being used in a way that is not authorized by the AEC, Stanford should work with the recipient to resolve this issue.