Research Data Use Agreements

Research Data Use Agreements govern access to and treatment of data provided by an outside organization to MIT for use in MIT research. Data may be unstructured or structured, but are not accompanied by a license agreement. Examples include the following:

  • Financial data
  • Healthcare data, including human patient data governed by the Health Insurance Portability and Accountability Act (HIPAA)
  • Economic data
  • Proprietary business information

Review the process for requesting and negotiating research data use agreements [Process flowchart]

Where to get help: To request a Research Data Use Agreement, go to the MIT NDA website and follow the instructions to complete the NDA/DUA questionnaire.

A Research Data Use Agreement is a contract between MIT and an organization that will be providing data or a database to MIT with restrictions upon its use. For example, personal financial and health data assembled by a data provider may need to be aggregated, de-identified, or otherwise disguised to obscure the identity of the person initially providing it. Some data also may be subject to statutory limitations in how it is stored, used, and discarded.

Research Data Use Agreements include terms governing:

  • The subject matter of the data to be provided
  • The allowed uses for the data
  • Who at MIT will receive the data
  • How long the data may be used, and how it must be returned, discarded, or destroyed after use
  • How the data may be analyzed
  • How the data must be aggregated and de-identified
  • A process to allow the data provider to preview publications before public disclosure, to identify any confidential information that has not been properly de-identified so that the author can remove or de-identify it appropriately
  • Statutory limitations on the use of the data, and penalties for violation of the laws governing its use The process for drafting, reviewing, and negotiating Data Use Agreements varies depending upon the data, data source, anticipated uses, and compliance with MIT policies.

What does OSP need to prepare a Data Use Agreement?

What is the process?

  1. The completed NDA questionnaire is automatically sent to the Assistant Contract Specialist on OSP’s Non-Federal Agreements Team, who then reviews the completed questionnaire and negotiates with the data provider to reach agreement on the Data Use Agreement.
  2. The agreement is signed by the other party and, for MIT, by an OSP Director.
  3. OSP then sends copies of the Data Use Agreement to the Principal Investigator (PI) who will use the data. In some cases, the data provider may require the people receiving the data to sign an acknowledgment that they have read and understood the agreement and what it requires of them.
  4. OSP then distributes the completed agreement to the PI and the data provider, and stores a copy of the agreement in OSP’s electronic archive.

How long will this take?

The length of time from when OSP receives a completed NDA questionnaire from the MIT requestor to when we sign a Data Use Agreement varies widely depending on the restrictions placed upon the data by the provider.

The Contract Administrator can update you on the progress of a Data Use Agreement that you have requested.

Where to get help: Contact the OSP Contract Administrator for your department/lab/center.