Data Use Agreement Best Practices

The researcher should periodically check the contractual conditions to ensure that the necessary data are accessible and that the project can be completed to the extent and schedule indicated. Where the researcher sees a need for additional data elements, extension or wider scope, he or she should endeavour to amend the agreement. Since such changes are frequent, the data provider may consider developing a model. AEDs are legally binding contracts between GW and another party that provide for the transfer of data from the provider organization to the recipient organization. These agreements can also be called data transfer agreements or data exchange agreements. Safe projects have governance measures on the scope and sensitivity of projects, with review and approval processes involving institutional audit committees (II) or ethics committees. Data providers must use guidelines, screening and training to determine who are safe individuals and may require membership in an educational or public benefit organization, proof of research competence (e.g. B scholarships received, cv) and citizenship or mandate in the country concerned. Secure settings and data relate to the researcher`s interface and work environment and can limit what an analyst can see, what an analyst can do, the analyst`s IT environment, and the analyst`s physical location (see also the chapter on physical security). Secure data and spending protects the privacy of data subjects by reducing the risk of re-identification, both during access and after publication. This protection is provided by methods of limiting statistical disclosure such as rounding, aggregation and oppression (concealing clear observations in tables, illustrations or maps) or formal protection of mathematical data (see chapters on methods of preventing disclosure and differential privacy).

Data security is the responsibility of all participants in the research project. Steps and procedures to ensure data security should be discussed, planned and implemented prior to the start of the project. If you have help with data security questions, contact your school`s IT, GW IT Security Office or research Technology Services. You can help you develop workflows and plans for the security of your data. If you need help identifying who you can contact, contact Data Services Librarians and we`ll help you navigate their options. The graph below shows some of the riskiest staff practices that can lead to privacy breaches: Does the Agency have a published process, predefined forms, or a template? If there is none, the researcher should try to get an example of a successful application and pay attention to detail when formulating a new application. Be sure to include the data provider`s processes and requirements, for example. B verification requirements.

At a high level, a DUA should address the five vaults. it should contain the data uses envisaged to define the safe project; the conditions of access to data and handling for a safe environment; and the terms of publication and release of expenses for safe expenses. AEDs are essential to define acceptable uses of data, links and topics of analysis. Agreements can also define roles and responsibilities for the data provider and researchers (definition of safe persons) and cover secure data, containing a list of data elements and any reporting or disposition requirements. There are many permutations to such restrictions.20 When using the data, the researcher should keep in mind that this is a contractual agreement and an opportunity to build trust between the parties. Cooperation with the data provider to understand the data will help establish this relationship. . . .