(1) A data controller may process or disclose sensitive personal data or may cause sensitive personal data in his or her custody or control to be processed or disclosed for a research purpose, including statistical research only if —
(a) the research purpose cannot reasonably be accomplished unless that data is provided in individually identifiable form;
(b) the data is disclosed or processed on condition that the data is not to be used for the purpose of contacting a person to participate in research;
(c) any record linkage is not harmful to the data subject and the benefits to be derived from the record linkage are clearly in the public interest;
(d) the disclosure or processing is necessary for the purposes stipulated in section 34(2)(f);
(e) the person responsible for the administration of the public authority or in any other case, the chief executive officer of the establishment concerned, has approved conditions relating to the following —
(i) security and confidentiality,
(ii) the removal or destruction of the individual identifiers at the earliest reasonable time,
(iii) the prohibition of any subsequent use or disclosure of that data in individually identifiable form without the express authorization of the public authority or establishment concerned; and
(f) the person to whom the sensitive personal data is disclosed has signed an agreement to comply with the approved conditions, this Act and any of the public authority's or establishment's policies and procedures relating to the confidentiality of personal data.
(2) Personal data may be provided to be used for the purposes referred to in subsection (1), unless otherwise provided by applicable rules on secrecy and confidentiality.