Data Registry Agreement and Data Sharing Agreement

AUMC has the objective of providing medical care, conducting scientific research and providing training to (aspirant) care providers. To perform these important tasks, it is necessary that the AUMC processes personal (health) data of, among others, the patients, employees, students, course participants and business relations. Since May 25th of 2018 the privacy regulation, the General Data Protection Regulation (GDPR or in Dutch: AVG) applies. This is the privacy law that applies in all European member states.

In the context of research AUMC often cooperates with third parties or outsources work to third parties. In addition, it may occur that third parties will receive from and/or provide to researchers personal (health) data as a controller or a processor, or otherwise have access to the personal data for which AUMC is responsible. In such cases, according to the GDPR, AUMC is obliged to make the necessary contractual agreements with third parties, to guarantee that the personal (health) data is processed in accordance with the requirements of the GDPR. This also applies if the AUMC transfers data to or receives data from another party or shares personal data with a party outside the European Union. Read more about this in AUMC Privacy Policy and the Q&A on the intranet page on privacy and data-security from the AUMC Data Protection Officer.

Data Registry Agreements and Data Sharing Agreements
Legal Research Support (LRS) can support you with the review, drafting and negotiation of research related contracts where privacy may play an important role, such as: Data Sharing Agreements or other research related agreements in which privacy clauses need to be incorporated.

Please note that you have to seek advice from the department of 'Privacy & Informatiebeveiliging' before you submit your request to LRS.

Data Processor Agreements and Joint Controller Agreements
For the drafting and review of Data Processor Agreements and Joint Controller Agreement please contact the department of Privacy & Informatiebeveiliging (