What Is a Data Access Agreement


It is helpful to reflect on the interests of the organization as well as the interests of individual decision-makers such as program managers, agency managers, chief information security officers, etc.26 Think about what the organization needs to do: improve program management, increase efficiency, reduce costs, and help program participants. What can the research team produce for the data provider? This can be own data, documentation, code, a report, or a dashboard. Researchers should ask themselves what the unanswered questions and needs of the data provider are. Researchers may wonder if the data needed for the project has already been successfully shared by the data provider. In relevant cases, it may be useful to rely on a copy of the previous data use agreement provided by the organization or by researchers who have accessed data in the past.25 For a researcher, requesting access to data with a previous protocol is a strong position. If you are contacting an agency that has a defined process for data sharing, the researcher should review the process and forms and find out which office in the organization approves the applications. If requesting an unusual excerpt or contacting an organization that has never previously granted access to research results, researchers should find some examples of data sharing within their department or elsewhere to review the terms of their agreements. Data providers, on the other hand, may ask researchers for previous information on the performance of quantitative research projects. This could include their history of using administrative data or examples of their data management plans and approaches to handling sensitive data. This information can help the data provider determine whether the researcher is able to protect the data, deliver the results they offer, and whether they have been good partners in the past (or if they have been involved in data breaches). If the data is inaccessible due to a legal barrier, the researcher should find the section of the law or code that prohibits access and determine whether access would be allowed if the researcher is under contract with the agency or creates an expense for that organization. In cases where access has been authorized, the parties may consider discussing a mutually beneficial contractor relationship between the researcher and the data provider.

Alternatively, the researcher may determine whether a separate legal interpretation of the law or regulation would be appropriate, or whether the law actually prohibits access. Even if there are no legal obstacles, there can be political obstacles. This occurs when a written policy prevents access. The parties should consider whether it is possible to waive or modify the policy. National Governors Association, Improving Human Services Programs and Outcomes Through Shared Data This letter is aimed more at policymakers than practitioners and provides brief examples of how data sharing has helped states and their residents in Indiana, Kentucky, Maryland, Massachusetts, North Carolina, Pennsylvania, Rhode Island, South Carolina, Virginia and Washington. What are Data Use Agreements? Data Use Agreements (DUAs) – also known as data sharing agreements or data use licenses – are documents that describe what data is shared for what purpose, for how long, and what access restrictions or security protocols must be followed by the recipient of the data. Other contracts, such as non-disclosure agreements. B, can be used to ensure the confidentiality of discussions, information and sensitive data. Data Collaboration Contracts This collection contains DUAs for national and international government administrative data and private sector information.

The website also includes a guide that describes the forms of collaboration and explains how DUAs have been categorized according to who, what, when, where, why and how data sharing took place. Depending on the data provider, other forms of documentation may be used. Examples include Memoranda of Understanding (MOUs), Data Use Agreements, and Data Clearing-House Letters. These have different structures and levels of detail, but all of these tools provide the legal framework for access to the data, which the applicant can do with the data (e.g. B scope of study, restrictions on redistribution), security controls and restrictions on publication. The data requester must always prepare some form of documentation for data access, even if the data provider does not need it. Data includes information directly from administrative databases about program participants or clients, regardless of the extent to which it is processed, linked or contains identifiers. However, the data also refers to metadata about the system, files and content, as well as statistical information published about the project, e.B. descriptive statistics, coefficients or visualizations. A solid data usage contract covers all of this.

See the concepts of secure data and secure spending in the previous section on the relationship between the DUA and the five-security framework. Amy O`Hara is a research professor at the Massive Data Institute at Georgetown University`s McCourt School of Public Policy and director of the Federal Statistical Research Data Center in Georgetown. She also leads the Administrative Data Research Initiative at Georgetown, which improves secure and accountable access to data for research and evaluation. Previously, she was a senior executive at the U.S. Census Bureau, where she negotiated DUAs for federal, state, and local administrative data. His current research focuses on population measurement, data governance, and dataset linking. She holds a Ph.D. in Economics from the University of Notre Dame. Does the agency have a published process, predefined forms, or a template? If none exists, the researcher should try to get a successful sample application and pay attention to the details when making a new application.

Be sure to include the data provider`s processes and requirements, such as verification requirements .B. The researcher must communicate with the right decision-makers within the organization providing data about the project and the upcoming application. Note that administrators may support the idea of the project, but may not be aware that their data systems lack the data elements needed to complete the analysis. An administrator may not have a complete overview of the complexity of their systems and data structures, which can make it difficult, if not impossible, to identify or derive the data required for analysis without technical assistance. Similarly, significant data provider resources may be required to extract data from multiple systems and, if a longitudinal study is planned, from active and inactive memory. It is therefore important to consult the technical staff of the data provider for each request. Researchers must hire their Office of Sponsored Research, the IRB and sometimes the Office of the General Counsel. If you work in a foreign country, many parties may need translations (even if the researcher doesn`t). CMS Administrative Simplification: Covered Entity Guidance This clickable guide helps identify whether an organization or individual is a covered entity within the meaning of hipaA`s administrative simplification provisions. .