Privacy and (research) data contracts

AUMC has the objective of providing medical care, conducting scientific research and providing training to (aspirant) care providers. To perform these important tasks, it is necessary that the AUMC processes personal (health) data of, among others, the patients, employees, students, course participants and business relations. Since May 25th of 2018 the privacy regulation, the General Data Protection Regulation (GDPR or in Dutch: AVG) applies. This is the privacy law that applies in all European member states.

In the context of research AUMC often cooperates with third parties or outsources work to third parties. In addition, it may occur that third parties will receive from and/or provide to researchers personal (health) data as a controller or a processor, or otherwise have access to the personal data for which AUMC is responsible. In such cases, according to the GDPR, AUMC is obliged to make the necessary contractual agreements with third parties, to guarantee that the personal (health) data is processed in accordance with the requirements of the GDPR. This also applies if the AUMC transfers data to or receives data from another party or shares personal data with a party outside the European Union.

Read more about this in AUMC Privacy Policy and the Q&A on the intranet page on privacy and data-security from the AUMC Data Protection Officer.

Legal Research Support (LRS) can advise you on all privacy related aspects regarding your research. This includes the review, drafting and negotiation of research related contracts where privacy may play an important role, such as: Data Sharing Agreements and Data Processor Agreements or other research related agreements in which privacy clauses need to be incorporated.