A Data Transfer and Use Agreement (DTUA) is a legally binding contract used for the transfer of data that has been developed by nonprofit, government or private industry entity or ÃÛÌÇÖ±²¥ Boulder for data that is not public or is otherwise subject to restrictions on use.  Often, this data is a necessary component of a research project and may or may not be human subject data from a clinical trial, or a Limited Data Set as defined in HIPAA. ÌýÌý
DTUA terms specify how the recipient must access, handle, store, and dispose of the data upon completion of the project but permit appropriate publication and sharing of research results in accordance with ÃÛÌÇÖ±²¥ Boulder policies, applicable laws and regulations, and federal requirements. ÌýÌý
ÃÛÌÇÖ±²¥ Boulder is a state-related entity that receives a large proportion of its research funding from the U.S. federal government.  To ensure that DTUAs meet ÃÛÌÇÖ±²¥ Boulder policies as well as the requirements of funding agencies, OCG will review and sign DTUAs to ensure compliance with appropriate policies and regulations. ÌýÌý
ÃÛÌÇÖ±²¥ Boulder uses the Data Transfer and Use Agreement templates developed by the Federal Demonstration Partnership (FDP). The templates and other helpful resources are available at the .ÌýÌý
How to Initiate a Data Transfer and Use AgreementÌý
Contract Administrators in the Office of Contracts and Grants (OCG) are the authorized representatives on behalf of ÃÛÌÇÖ±²¥ Boulder for negotiation and execution of DTUAs that do not require a fee. Requests for both inbound and outbound no fee DTUAs are initiated through the DTUA Online Request Form.Ìý
DTUAs that require a payment by ÃÛÌÇÖ±²¥ Boulder are handled through the Ìý
Once the DTUA request is received, a Contract Administrator will perform due diligence of the request, as follows:Ìý
-
Conduct an initial review and thorough analysis of the request.Ìý
-
Correspond with the ÃÛÌÇÖ±²¥ Boulder Principal Investigator (PI), asking additional questions as needed to ensure comprehensive understanding of the necessity and needs of the contract.ÌýÌý
-
If necessary, the Contract Administrator will guide the PI to reach out for internal approvals required by the terms in the DTUA (often OIT and/or IRB).ÌýNote: PIs are responsible for coordinating with OIT for a data security plan and with the IRB, as applicable to the project.Ìý
-
Collaborate with Venture Partners at ÃÛÌÇÖ±²¥ Boulder, the Office of University Counsel, the Office of Research Integrity, the Office of Environmental Health & Safety, the Facilities Security Officer and other campus offices as necessary to ensure compliance with ÃÛÌÇÖ±²¥ Boulder policies.Ìý
-
Negotiate and correspond directly with the other party's contractual point of contact while copying the PI for transparency.Ìý
-
Coordinate execution once negotiations are final.Ìý
Note: The delegation of signature authority for DTUAs at ÃÛÌÇÖ±²¥ Boulder is held by OCG. PIs cannot sign DTUAs on behalf of ÃÛÌÇÖ±²¥ Boulder.Ìý