Data Use Agreements

Data Use Agreements are crucial for protecting sensitive information and ensuring that data is used ethically and legally in research.

A Data Use Agreement (DUA) is a formal contract that specifies how data can b shared and used between parties. DUAs detail who can access the data, the purposes for which it can be used, and the measures that must be taken to protect it. DUAs are commonly used in research to ensure that data is handled responsibly and ethically.

A DUA does the following:

  • Specify what data is being shared, for what purpose, and for how long.
  • assign responsibilities to both the data provider and the recipient, ensuring proper use and protection of the data.
  • Outline who is allowed to use and receive the data.
  • Outline measures to protect the data from unauthorized access or breaches.
  • Include any access restrictions or security protocols that must be followed.
  • Ensure adherence to relevant regulations, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Quick Links

iRIS
Workday Strategic Services (WSS)

No research data should be transferred from or received by Howard University without a fully executed Data Use Agreement in place.

Data Use Agreement Approval and Routing Process

Office of Regulatory Research Compliance (ORRC) review through iRIS

  1. The PI or an authorized study team member creates and completes an MTA Application in the iRiS electronic compliance platform for regulatory compliance review.

  2. The ORRC reviews the submission for completeness and accuracy. The ORRC reviews the submission to confirm that the corresponding protocol was approved and for concerns related to Export Control, Research Security, HIPPA, and other regulatory compliance checks. The PI is notified of any necessary corrections and is given the ability to retract and resubmit the Application.

  3. Basd on the sourceThe ORRC will work with a to Howard University Biosafety Officer reviews the submission for biosafety concerns. The PI is notified of any necessary corrections and is given the ability to retract and resubmit the Application.

  4. If the Application is approved by the ORRC, an approval letter is issued to the PI from iRIS. This letter must be included in the WSS submission.

Office of Procurement and Contracting (OPC) review through Workday Strategic Sourcing (WSS)

  1. The PI submits the DUA request in WSS for OPC review. The PI should attach the ORRC DUA Approval letter to this submission.

  2. OPC notifies the appropriate personnel and offices of the submission and grants them access to review it. These offices include:

    • Office of the General Counsel (OGC) for legal concerns
    • Office of Regulatory Research Compliance (ORRC) to verify regulatory compliance
    • Sponsored Program Office (SPO) for sponsored program funding concerns

Data Use Agreement Approval and Routing Process

Data Use Agreement Workflow Diagram