Delibera del Direttore Generale n. 1 del 09-01-2023
AZIENDA OSPEDALIERO UNIVERSITARIA XXXXX
Delibera del Direttore Generale n. 1 del 09-01-2023
Proposta n. 1195 del 2022
Oggetto: AUTORIZZAZIONE ALLA STIPULAZIONE DELL’ACCORDO DI RISERVATEZZA CON L’EUROPEAN CLINICAL RESEARCH INFRASTRUCTURE NETWORK-EUROPEAN RESEARCH INFRASTRUCTURE CONSORTIUM (ECRIN-XXXX) PER POSSIBILE FUTURA COLLABORAZIONE DEL MEYER CHILDREN’S RESEARCH INSTITUTE IN UN PROGETTO DI RICERCA CLINICA
Dirigente: XXXXXXXX XXXXXXXX
Struttura Dirigente: RESP. MEYER CHILDREN'S RESEARCH INSTITUTE
Delibera del Direttore Generale n. 1 firmata digitalmente il 09-01-2023
AZIENDA OSPEDALIERO UNIVERSITARIA XXXXX
(Art. 33 L.R.T. 24 febbraio 2005 n. 40)
I.R.C.C.S. Istituto di Ricovero e Cura a Carattere Scientifico (Decreto Ministero della Salute del 02.08.2022)
Xxxxx Xxxxxxxxxx, 00 - 00000 XXXXXXX
C.F. P.Iva 02175680483
DELIBERAZIONE DEL DIRETTORE GENERALE
Oggetto | Progetto |
Contenuto | AUTORIZZAZIONE ALLA STIPULAZIONE DELL’ACCORDO DI RISERVATEZZA CON L’EUROPEAN CLINICAL RESEARCH INFRASTRUCTURE NETWORK-EUROPEAN RESEARCH INFRASTRUCTURE CONSORTIUM (ECRIN-XXXX) PER POSSIBILE FUTURA COLLABORAZIONE DEL MEYER CHILDREN’S RESEARCH INSTITUTE IN UN PROGETTO DI RICERCA CLINICA |
Area Tecnico Xxx.xx | AREA TECNICO AMMINISTRATIVA |
Coord. Area Tecnico Xxx.xx | XXXX XXXXX |
Struttura | MEYER CHILDREN’S RESEARCH INSTITUTE |
Direttore della Xxxxxxxxx | XXXXXXXX XXXXXXXX |
Responsabile del procedimento | XXXXXXX XXXXXXXX |
Immediatamente Esecutiva | NO |
Spesa prevista | Conto Economico | Codice Conto | Anno Bilancio |
Estremi relativi ai principali documenti contenuti nel fascicolo | ||
Allegato | N° di pag. | Oggetto |
1 | 7 | Confidentiality Agreement |
“documento firmato digitalmente”
IL DIRETTORE GENERALE
Dr. Xxxxxxx Xxxxxxxx (D.P.G.R.T. n. 99 del 30 luglio 2020)
Visto il D. Lgs.vo 30.12.1992 n. 502 e sue successive modifiche ed integrazioni e la L. R. Toscana n. 40 del 24.02.2005 e s.m.i. di disciplina del Servizio Sanitario Regionale;
Dato atto che:
- con deliberazione del Direttore Generale n. 54 del 01.02.2021 è stato approvato il nuovo Atto Aziendale dell’A.O.U. Xxxxx, ai sensi dell’art. 6 del Protocollo d’intesa del 22.04.2002 fra Regione Toscana e Università degli Studi di Firenze, Siena e Pisa, con decorrenza dal 01.02.2021;
- con deliberazione del Direttore Generale n. 55 del 01.02.2021 sono stati assunti i primi provvedimenti attuativi in relazione alla conferma/riassetto delle strutture complesse e semplici dotate di autonomia ed al conferimento dei relativi incarichi di direzione;
- con deliberazione del Direttore Generale n. 56 del 01.02.2021 sono state assunte determinazioni attuative del nuovo Atto aziendale in relazione alla conferma/riassetto delle strutture Dipartimentali e/o a valenza dipartimentale, delle Aree Funzionali Omogenee, dell’Area Servizi dell’Ospedale, dell’Area dei Diritti del Bambino, dell’Area Tecnico Amministrativa ed al conferimento di relativi incarichi di direzione;
- con successiva deliberazione del Direttore Generale n. 92 del 15.02.2021 si è provveduto ad assumere ulteriori disposizioni attuative relative all’organizzazione dell’A.O.U. Xxxxx in ordine alle Strutture semplici Intrasoc, Unità Professionali, Uffici e Incarichi professionali;
- con deliberazione del Direttore Generale n. 443 del 23.09.2022 l'A.O.U. Xxxxx ha disposto la presa d'atto del Decreto del Ministero della Salute del 02.08.2022, pubblicato nella Gazzetta Ufficiale n. 200 del 27.08.2022, con cui l’Azienda Ospedaliero Universitaria Xxxxx è stata riconosciuta Istituto di Ricovero e Cura a Carattere Scientifico (I.R.C.C.S.), per la disciplina di pediatria;
Su proposta del Direttore Operativo del Xxxxx Children’s Research Institute, Dr.ssa Xxxxxxxx XxXxxxxx, la quale attesta la regolarità amministrativa e la legittimità dell’atto;
Ricordato:
- che l’AOU Meyer, tra le proprie finalità istituzionali, promuove la ricerca scientifica e a tal fine, tra l’altro, favorisce le relazioni internazionali con partner stranieri nell’intento di contribuire con la propria expertise e le proprie conoscenze specialistiche alla cura delle malattie pediatriche;
- che il Meyer Children’s Research Institute è deputato, tra le proprie finalità, anche a promuovere la ricerca scientifica favorendo collaborazioni con partner xxxxxx in tale settore;
Premesso che con Xxxxxxxx del Direttore Generale n. 119 del 03.03.2022 questa Azienda ha autorizzato la stipulazione dell’Accordo di riservatezza con il network intergovernamentale denominato European Clinical Research Infrastructure Network-European Research Infrastructure Consortium (ECRIN-XXXX), un’organizzazione non-profit con sede a Parigi che offre il proprio supporto alla conduzione di studi clinici multicentrici;
Posto che il suddetto Accordo, stipulato in data 22.03.2022, ha consentito a questa Azienda di
accedere alla compilazione di un questionario di autovalutazione sulla qualità, giudicato positivamente da parte di ECRIN-XXXX, e conseguentemente di aderire al network ItaCRIN (ITAlian Clinical Research Infrastructure Network), istituito presso l’Istituto Superiore di Sanità, che è parte della rete ECRIN-XXXX e coordina i centri italiani riconosciuti da quest’ultima;
Atteso che, a seguito del riconoscimento dell’AOU Meyer quale centro per la ricerca nell’ambito del network ItaCRIN, quest’ultimo ha proposto al Meyer Children’s Research Institute di prendere in esame la possibilità di collaborare in progetto di ricerca clinica il cui promotore è un’istituzione non- profit;
Rilevato che è interesse di questa Azienda partecipare anche in progetti di ricerca non-profit offrendo il proprio contributo alla conduzione di studi clinici, che sarà debitamente valorizzato in accordi futuri con XxxXXXX o con il promotore dello studio clinico;
Precisato che ECRIN-XXXX ha proposto un Accordo di riservatezza per lo scambio di informazioni confidenziali necessarie alla valutazione dell’impegno del Meyer Children’s Research Institute nel progetto sopra menzionato;
Dato atto che, per motivi inerenti alla tutela nell’ambito del progetto di interessi economici e commerciali, ECRIN-XXXX ha proposto di omettere, ai fini della pubblicazione del presente atto, alcune parti sostanziali del su citato Accordo;
Visto l’art. 5-bis del D. Lgs. n. 33 del 14/03/2013, come modificato dal D. Lgs. n. 97 del 25/05/2016, che disciplina l’esclusione e i limiti all’accesso civico;
Ritenuto pertanto, al fine di evitare pregiudizio alla tutela degli interessi privati economici e commerciali afferenti al progetto di ricerca clinica che coinvolge la rete ECRIN-XXXX, di pubblicare l’Accordo di riservatezza con le opportune cancellazioni individuate come omissis;
Vista la bozza del su citato Accordo che è unita quale allegato N. 1 al presente provvedimento a formarne parte integrante e sostanziale;
Verificato che dall’Accordo di cui sopra non derivano oneri economici a carico dell’AOU Xxxxx;
Ritenuto pertanto di stipulare l’Accordo di riservatezza con ECRIN-XXXX, allegato N. 1 al presente atto a formarne parte integrante e sostanziale, per la disciplina delle condizioni normative ed operative per la tutela delle informazioni confidenziali che saranno scambiate tra le parti dell’Accordo intese a valutare i termini della collaborazione dell’AOU Xxxxx e, nello specifico del Meyer Children’s Research Institute, in un progetto internazionale di ricerca clinica;
Considerato che il Responsabile del Procedimento, individuato ai sensi della Legge n. 241/1990 nella persona del Dr. Xxxxxxx Xxxxxxxx sottoscrivendo l’atto attesta che lo stesso, a seguito dell’istruttoria effettuata, nella forma e nella sostanza è legittimo;
Acquisito il parere del Coordinatore dell’Area Tecnico Amministrativa, Dr.ssa Xxxxx Xxxx, espresso mediante sottoscrizione del presente atto;
Vista la sottoscrizione del Direttore Sanitario e del Direttore Amministrativo, per quanto di competenza, ai sensi dell’art. 3 del Decreto Legislativo n. 229/99;
DELIBERA
Per quanto esposto in narrativa che espressamente si richiama,
1. Di approvare lo schema di Accordo di riservatezza da stipulare con il network europeo European Clinical Research Infrastructure Network-European Research Infrastructure Consortium (ECRIN- XXXX) che, allegato N. 1 al presente atto, ne forma parte integrante e sostanziale.
2. Di dare atto che lo schema di Accordo di cui all’allegato N. 1 è pubblicato con omissis, ai sensi della normativa vigente e per le motivazioni espresse sopra, e che l’Accordo nella sua versione integrale è conservato agli atti.
3. Di precisare che dal presente atto non derivano oneri economici a carico dell’AOU Xxxxx.
4. Di trasmettere il presente atto al Collegio Sindacale ai sensi dell’art. 42, comma 2, della L.R.T. n. 40/2005 contemporaneamente all’inoltro all’albo di pubblicità degli atti di questa A.O.U. Xxxxx.
IL DIRETTORE GENERALE | |
(Dr. Xxxxxxx Xxxxxxxx) | |
IL DIRETTORE SANITARIO | IL DIRETTORE AMMINISTRATIVO |
(Dr.ssa Xxxxxxxxx Xxxxxxx) | (Dr. Xxxx Xxxxx) |
CONFIDENTIALITY AGREEMENT
THIS MUTUAL CONFIDENTIAL AGREEMENT (the “Agreement”), made as of 12/10/2022 (the “Effective Date”), is by and between
European Clinical Research Infrastructure Network (ECRIN-XXXX), registered under SIRET n°801 933 235 00021, established at 0-0 xxx Xxxx, 00000 Xxxxx, Xxxxxx, represented by Prof. Dr.
Xxxxxxx Xxxxxxx, Director General of ECRIN XXXX xxxxxxxxxxx referred to as “ECRIN”
and
Xxxxx Children’s Hospital, whose registered office is at Xxxxx Xxxxxxx Xxxxxxxxxx 00, 00000 Xxxxxxx Xxxxx, tax code/VAT number 02175680483, represented by Dr. Xxxxxxx Xxxxxxxx, Legal Representative and Director General
hereinafter referred to as “MEYER”
Hereinafter individually or collectively referred to as the “Party” or the “Parties".
WHEREAS
The Parties wish to discuss the ways in which they can work together on the following project: omissis
(the "Purpose");
B) Within the Project mentioned above, Meyer may perform some activities to be set forth in a specific agreement regulating the terms and the conditions of Xxxxx’x engagement;
In the course of these discussions the Parties, for their mutual benefit, will exchange, and may have exchanged, certain confidential information, including but not limited to information regarding intellectual property and other proprietary information;
The Parties wish to protect the confidentiality and proprietary features contained in the information which is exchanged in accordance with the terms set out in this Agreement.
IT HEREBY IS AGREED as follows:
1. DEFINITIONS
For the Purpose of this Agreement the following expressions shall have the following meanings:
“Confidential Information” shall mean all information, know-how and techniques (in whatever form held) that is proprietary to or possessed by a Party and generally unknown to the public or that has not yet been revealed, whether in tangible or intangible form, whenever and however disclosed, including, but not limited to:
a. any scientific or technical information, protocol, invention, design, process, procedure, formula, improvement, technology or method, concepts, samples, reports, data, know- how, works-in-progress, designs, drawings, photographs, development tools, specifications, software programs, source code, object code, flow charts, and databases;
b. any operational, management, administrative, financial or other affairs of either Party (including any business plans or forecasts, trade secrets, information relating to the Party’s past, present or future business activities, or those of its affiliates or subsidiaries);
c. any other information that should reasonably be recognized as Confidential Information by the Parties;
“Disclosing Party” shall mean a party to this Agreement which discloses or makes available, directly or indirectly, Confidential Information;
“Receiving Party” shall mean a party to this Agreement which receives or obtains, whether directly or indirectly, any Confidential Information;
“Representatives” shall mean each party’s directors, officers, employees, consultants, and advisors who are obligated to maintain the confidential nature of such Confidential Information and who need to know such Confidential Information for the purposes set forth in this Agreement.
2. GENERAL CONFIDENTIALITY OBLIGATIONS
2.1. Both Parties can be the “Disclosing Party” or “Receiving Party” during the whole process of the Proposal preparation and the exchange of Confidential Information.
2.2. The Receiving Party undertakes and agrees:
▪ to hold the Confidential Information in confidence and not to disclose it or permit it to be made available to any other person, firm or company except to its Representatives provided that:
(i) the Receiving Party advises such Representatives of the Receiving Party’s obligations under this Agreement;
(ii) such Representatives are subject to contractual obligations of confidentiality to the Receiving Party that cover the Disclosing Party’s Confidential Information that are no less stringent than the obligations of the Receiving Party set forth in this Agreement; and
(iii) the Receiving Party shall be responsible for all use and disclosures of the Confidential Information by its Representatives.
▪ for the avoidance of doubt, ECRIN Representatives include but are not limited to its directors, its Paris-based Core Team, its European Correspondents and its Partners based in each Member or Observer Country and the ECRIN Scientific Board.
▪ only to use such Confidential Information for the agreed upon Purposes and not to exploit the Confidential Information in any way;
▪ on the written request of the Disclosing Party, to promptly return to the Disclosing Party all the Confidential Information and any copies of it or, at the Disclosing Party's request to confirm that it has been saved as required by law or regulation, or that it has been destroyed. The Receiving Party shall not be required to return reports, notes or other material prepared by it or its Representatives which incorporate Confidential Information provided that this information is kept confidential as per the terms of this Agreement;
▪ to keep confidential and not to disclose to any person (other than the Representatives) the existence of this Agreement nor the discussions between the Parties in connection with the Purpose.
3. CONFIDENTIALITY OF PERSONAL DATA
3.1. In case the Parties need to process personal data for the Purpose of this Agreement, in such case the Parties:
▪ shall keep confidential all personal data1;
▪ shall process the personal data solely for the above-mentioned Purpose;
1 “Personal Data” shall mean any information relating to an identified or identifiable natural person, as further defined in applicable law and (EU) Regulation 2016/679.
▪ shall handle all personal data in accordance with the EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the "GDPR") and any other applicable data protection law;
▪ shall implement appropriate technical and organisational measures to meet the requirements of the above-mentioned legislation;
▪ whenever relevant, shall establish separate data processing agreements.
3.2. Neither Party is expected to transfer personal data collected from the other Party to Third countries2 (countries outside the EU/EEA) nor to give access to Third countries to the other Party's data stored in the EU/EEA.
Neither Party is expected to process sensitive personal data in the sense of Article 9 of the GDPR for the purpose of this Agreement.
However, if such personal data processing later becomes necessary, the Parties shall enter into good faith discussions and shall expressly set out what is required to the Parties in order to meet their data protection obligations under the GDPR.
3.3. The Parties agree that data processing activities are involved in the administration of the contractual relationship, as per the following scope:
The following categories of personal data might be shared and processed by the Parties for the proper administration of this agreement ( “the Purpose 1 of data processing”): Personal data related to the Parties’ staff as well as to their Collaborators : name/surname, professional position, phone number, postal address, email address, and CVs.
For the avoidance of any doubt, XXXXX’x Collaborators shall include ECRIN Partners (based in Members and Observers countries) as well as any other third party (e.g. Beneficiaries to European Grant agreements, etc) that participate in the project.
The legal basis for the processing of the abovementioned categories of personal data shall be the performance of the present Agreement and, as applicable, the compliance with a legal obligation (Article 6 of the GDPR).
For the Purpose mentioned under 3.3, the Parties shall act as independent controllers.
To meet their obligations, the Parties shall:
I. keep confidential all personal data and prevent unauthorized access to personal data;
2 “Third Countries” shall mean countries outside of the EU/EEA area which are not recognized as countries providing adequate protection of Personal Data.
II. implement appropriate technical, organizational and security measures in such a manner that the personal data processing will meet the requirements of the GDPR and, as applicable, of any national data protection laws and regulations
III. keep the data in a safe and secure place, restricted in access and prevent unauthorized access to personal data as per the applicable security rules
IV. process the personal data solely for the above-mentioned purpose and only according to the data controller’s instructions. If it cannot provide such compliance for whatever reasons, the concerned Party agrees to inform promptly the other Party of its inability to comply.
V. promptly notify the other Party about:
a. any legally binding request for disclosure of the personal data by a law enforcement authority.
b. any data security breach, to be communicated within 24 hours from the breach, such as but not limited to accidental or unauthorized access
VI. Each Party shall assist the other Party in meeting its obligations and shall provide that Party with all the information that is needed to show that such obligations have been met. These obligations include but are not limited to:
i. notify personal data breaches to the other Party
ii. notify personal data breaches to data subjects and/or assist the controller in fulfilling this obligation
iii. carry out data protection impact assessments (DPIAs) whenever the data processing is likely to result in a high risk to the rights and freedoms of individuals and/or assist the other Party in fulfilling this obligation when required
iv. consult the other Party where there is a high risk that cannot be mitigated.
v. a Party shall promptly notify the Other Party of any request it has received from a data subject to exercise various rights, such as subject access requests, requests for the rectification or erasure of personal data, and objections to processing.
vi. the Parties shall assist each other in responding to enquiries and requests made by data subjects under the local law applicable and/or under Regulation (EU) 2016/679.
4. EXCEPTIONS
This Agreement shall not apply to any information or Confidential Information:
▪ which is in the public domain or comes into the public domain for any reason other than any failure on the part of the Receiving Party or its Representatives to comply with the terms of this Agreement;
▪ which was lawfully in the possession of the Receiving Party prior to such disclosure;
▪ which is subsequently received by the Receiving Party from a third party without obligations of confidentiality; or
▪ which the Receiving Party or its Representatives are required to disclose, retain or maintain by law or any regulation or governmental authority or order from a court of competent jurisdiction (provided that any disclosure shall be limited to the minimum extent necessary).
5. OWNERSHIP OF CONFIDENTIAL INFORMATION
5.1. Each party reserves all rights in its Confidential Information and no rights or obligations other than those expressly set out herein that are granted or implied by this Agreement.
5.2. Neither this Agreement nor the disclosure of the Confidential Information hereunder shall be construed as granting rights by license or otherwise in any of the Confidential Information.
6. ENTIRE AGREEMENT, GOVERNING LAW AND JURISDICTION
6.1. This Agreement constitutes the entire Agreement and understanding between the parties on the subject matter hereof and supersedes all prior agreements, understandings and undertakings in such respect.
6.2. Any modification, amendment or waiver shall be effected only if in writing, and signed by both parties.
6.3. This Agreement shall be governed and construed in accordance with the laws of the defendant.
6.4. If any dispute arises out of this Agreement the Parties will first attempt to resolve the matter informally through designated senior representatives of each Party to the dispute. If the Parties are not able to resolve the dispute informally within a reasonable time not exceeding two (2) months from the date the informal process is requested by notice in writing, the courts where the defendant has his or her place of business shall have sole jurisdiction for any litigation relating to the existence, validity, interpretation or execution of the present Agreement.
7. EXPIRATION AND TERMINATION
The term of this Agreement will be a period of one (1) year following the Effective Date unless terminated earlier by either Party upon fifteen (15) days prior written notice to the other Party. The obligations of confidentiality and non-use will survive any such termination or expiration and continue in full force and effect for a period of three (3) years from the date of termination or expiration.
On behalf of XXXXX-XXXX | On behalf of Meyer |
LEGAL REPRESENTATIVE Xxxxxxx XXXXXXX Director General DATE: SIGNATURE: | LEGAL REPRESENTATIVE Xxxxxxx Xxxxxxxx Director General DATE: SIGNATURE: |