Data privacy agreements (DPAs) are agreements that focus on protecting the privacy rights of individuals whose personal data is collected and used by researchers. It is similar to a data use agreement in that it often contains provisions on data security and confidentiality.
When to Use a DPA
A DPA is best deployed when there is a human subject behind the data being collected or exchanged. When organizations collect user information from an app or participant information in a study, the data is subject to privacy laws. Things that are not generally covered by a DUA include:
- Informed consent by the individual.
- Compliance with General Data Protection Regulation (GDPR) or similar privacy laws.
- Participant rights to access or correct their data.
Requesting a DPA
We work with you to establish what kind of data use or privacy agreement will meet your objectives. If a DPA has been requested by an outside party, get in touch with us to start a review. Signatures on DPAs must be from an authorized UO official and are coordinated through Industry, Innovation, and Translation.