Data Sharing Policy

The Common Data Repository for Nursing Science, or cdRNS, is a comprehensive but customizable data science platform designed for every stage of your research. A modular, web-based system, cdRNS makes the performance of research studies and clinical trials faster, simpler, and more collaborative. It was developed to promote collaboration, accelerate research, and advance knowledge on the characterization, prevention, diagnosis and treatment of various diseases. cdRNS/NINR Data Science Platform provides a common platform and standardized format for data collection, retrieval and archiving, while allowing for flexibility in data entry and analysis. Additional information and detailed implementation guidance related to the cdRNS/NINR Data Science Platform can be found at https://cdrns.nih.gov.

The detailed expectations are enumerated in the individual sections of this data sharing policy, and summarized as follows:

Investigators submitting cdRNS/NINR data are expected to:

• Submit a Data Submission Form, providing assurance that all data are submitted in accordance with applicable laws and regulations, and that the identities of research participants will not be disclosed to the cdRNS/NINR Data Science Platform
• Upload approved data to cdRNS/NINR on a regular basis.

Investigators requesting and receiving cdRNS/NINR data are expected to:

• Submit a Data Access Request;
• Protect data confidentiality;
• Ensure that institution based standard data security measures are in place; Data security measures must also conform to the NINR Data and Safety Monitoring Policy.
• Notify the cdRNS NINR Operations team and NINR program staff of policy violations;
• Include acknowledgements of the cdRNS/NINR Data Science Platform in all publications and presentations.

This Data Sharing Policy applies to:

• NINR/NIH P20 and P30 research projects extramural research projects approved on or after January, 2014 that include NINR clinical studies, defined as:
  • Patient-oriented research. Research conducted with human subjects (or on material of human origin such as tissues, specimens, and cognitive phenomena) for which an investigator (or colleague) directly interacts with human subjects. Excluded from this definition are in vitro studies that utilize human tissues that cannot be linked to a living individual. It includes:
    • mechanisms of human disease;
    • therapeutic interventions;
    • clinical trials;
    • development of new technologies; 
  • Epidemiological and behavioral studies;
  • Outcomes research and health services research. 
• Research studies supported by other agencies and groups who would like to deposit data into the cdRNS/NINR Data Science Platform.

cdRNS/NINR Data Sharing Policy addresses (1) data sharing procedures, (2) data access principles, and (3) issues regarding the protection of research participants during the submission of, storage of, and access to data within the cdRNS/NINR Data Science Platform. The goal of the policy is to advance science for the benefit of the public through the creation of a centralized Federal data repository for NINR research information. The principles contained in this policy were developed by the cdRNS/NINR Policy Committee and are consistent with existing NIH and NINR polices on data sharing. The NINR and the NIH recognize that scientific, ethical, and societal issues relevant to this policy are evolving, and have established a Policy Committee to oversee implementation and data use practices. The agencies will revisit and revise the policy and related practices as appropriate.

Protecting Research Participants

The potential for public benefit to be achieved through sharing NINR research data is significant. However, the broad data distribution goals of cdRNS/NINR highlight the importance of protecting the privacy of the research participants and the confidentiality of their data. cdRNS/NINR Data Sharing Policy includes steps to protect the interests and privacy concerns of individuals, families, and identifiable groups who participate in NINR genetic and other research. The informed consent process is a critical step and subject consent forms in prospective studies should include language similar to the following:

“All links with your identity will be removed from the data before they are shared. Only de- identified data which do not include anything that might directly identify you will be shared with cdRNS/NINR users and the general scientific community for research purposes.”

For retrospective studies conducted before the development of cdRNS/NINR, the agencies anticipate considerable variation in the extent to which data sharing and future research have been addressed within the informed consent documents. The submitting institution will determine whether a study is appropriate for submission to cdRNS/NINR (including an Institutional Review Board (IRB) and/or Privacy Board review of specific study elements, such as participant consent). Some studies may require additional consent of the research participants. To ensure the security of the data held in the Data Science Platform, the CIT will employ multiple tiers of data security based on the content and level of risk associated with the data. cdRNS/NINR will establish and maintain operating policies and procedures to address issues including, but not limited to, the privacy and confidentiality of research participants, the interests of individuals and groups, data access procedures, and data security mechanisms. These will be reviewed periodically by the cdRNS/NINR oversight bodies as appropriate.

Non-Research Use of Data

As agencies of the Federal Government, the NINR and the NIH are required to release Government records in response to a request under the Freedom of Information Act (FOIA), unless they are exempt from release under one of the FOIA exemptions. Although the cdRNS/NINR-held data will be coded, and neither the NINR nor the NIH will hold direct identifiers to individuals within the cdRNS/NINR Data Science Platform, the agencies recognize the personal and potentially sensitive nature of the genotype-phenotype data. The NINR and the NIH believe that release of un-redacted cdRNS/NINR datasets in response to a FOIA request would constitute an unreasonable invasion of personal privacy under FOIA Exemption 6, 5 U.S.C.§ 552 (b)(6). Therefore, among the safeguards that the agencies foresee using to preserve the privacy of research participants and confidentiality of genetic data are the redaction of individual-level genotype, phenotype, and other clinical data from disclosures made in response to FOIA requests and the denial of requests for unredacted datasets.

In addition, the NINR and the NIH acknowledge that legitimate requests for access to data made by law enforcement offices to cdRNS/NINR may be fulfilled. Neither the NINR nor the NIH will possess direct identifiers within the cdRNS/NINR Data Science Platform, nor will the agencies have access to the link between the data code and the identifiable information that may reside with the primary investigators and institutions for particular studies. The release of identifiable information may be protected from compelled disclosure by the primary investigator’s institution if a Certificate of Confidentiality is or was obtained for the original study.

Data Submission

NIH- and NINR-supported human NINR research studies—including both intramural and extramural studies—may be required to deposit data into the cdRNS/NINR Data Science Platform. Research studies funded by other agencies and groups may also deposit data into the cdRNS/NINR Data Science Platform, pending review by the cdRNS/ NINR Operations team and NINR Program Officers in collaboration with the external funding source on a case-by-case basis, deferring to pre-existing policies, regulations, and constraints. Investigators applying for funding from participating agencies will be asked to include a data sharing plan consistent with cdRNS/NINR policy as part of their application and are expected to use the CORE NINR Common Data Elements (CDEs) at a minimum.

cdRNS/NINR Operations team and NINR Program Officers will work with researchers to map their study variables to specific CDEs. In addition, cdRNS/NINR will consult with researchers to ensure the formats of the CDEs collected are compatible with the cdRNS/NINR Data Science Platform. In addition to CDE variables, cdRNS/NINR will accept raw data from imaging, biomarker, or physiologic studies, additional supporting documentation as follows:

• Study Title
• Estimated number of subjects
• Purpose
• Estimated start date
• Estimated end date

All data and information will be submitted to a high security network within the CIT through a secure transmission process, including the supporting documentation:

Data submitted to the cdRNS/NINR Data Science Platform will be de-identified such that the identities of data subjects cannot be readily ascertained or otherwise associated with the data by the cdRNS/NINR staff or secondary data users. In addition, deidentified data will be coded using a unique code known as a Global Unique Identifier (GUID). Use of the GUID minimizes risks to study participants because it keeps one individual’s information separate from that of another person without using names, addresses, or other identifying information. The unique code also allows cdRNS/NINR to link together all submitted information on a single participant, giving researchers access to information that may have been collected elsewhere. The GUID is a computer-generated alphanumeric code [example: 1A462BS] that is unique to each research participant (i.e., each person’s information in cdRNS/NINR—or each subject’s record—has a different GUID). cdRNS/NINR will assist investigators in how to create the GUID, which is an essential requirement for uploading data to cdRNS/NINR.

Investigators submitting datasets to cdRNS/NINR are expected to certify that an appropriate IRB has considered such risks and that the data have been de-identified in accordance with NINR and NIH regulations before the data are submitted. In addition, in the event that requests raise questions or concerns related to privacy and confidentiality, risks to populations or groups, or other relevant topics, the cdRNS Operations Team and NINR Program Staff will consult with other experts as appropriate.

Submissions of data to cdRNS/NINR shall be accompanied by a certification signed by the Principal Investigator to assure that:

• The data submission is consistent with all applicable laws and regulations, as well as institutional policies;
• The appropriate research uses of the data and the uses that are explicitly excluded by the informed consent documents are delineated;
• The identities of research participants will not be disclosed to the cdRNS/NINR Data Science Platform; and
• An IRB of the submitting institution and/or Privacy Board, as applicable, reviewed and verified that:
  • The submission of data to the cdRNS/NINR Data Science Platform and subsequent sharing for research purposes are consistent with the informed consent of study participants from whom the data were obtained;
  • The investigator’s plan for de-identifying datasets is consistent with the standards outlined above;
  • The risks to individuals, their families, and groups or populations associated with data submitted to the cdRNS/NINR Data Science Platform have been considered; and
  • The genotype and/or phenotype data to be submitted were collected in a manner consistent with NINR and NIH regulations and policies.

While the agencies expect data sharing through this policy, circumstances beyond the control of investigators may preclude submission of NINR research data to the cdRNS/NINR Data Science Platform.

Investigators are encouraged to submit a short list of planned papers on primary and secondary study objectives to their science officers when negotiating data sharing requirements.

Submitting investigators and their institutions may use the GUID as a means to request removal of data on individual participants from the cdRNS/NINR Data Science Platform in the event that a research participant withdraws his/her consent. However, data that have been distributed for approved research use will not be retrieved.

Data Submission Schedule

Data include all research and clinical assessments and information obtained via interviews, direct observations, laboratory tasks and procedures, records reviews, genetic and genomic data, neuroimaging data, neuropsychological assessments, data from physical examinations, etc. In addition, supporting documentation that is needed to enable an investigator unfamiliar with the dataset to understand and use the data is also required. For example, supporting documentation may include noncopyrighted data collection forms, study procedures and protocols, data dictionary rationale, exclusion criteria, website references, a listing of major study publications, and the definition of a genomic analysis protocols. The following are not included as data: laboratory notebooks, preliminary analyses, drafts of scientific papers, plans for future research, peer review reports, communications with colleagues, or physical objects, such as gels or laboratory specimens. All data from clinical trials must be submitted within a year following the end of the performance period of the award. If any error in data is found during the data submission period of the project, the project lead will contact the cdRNS Operations team to assist in correcting the data submission.

cdRNS/NINR Data Sharing Schedule

One (1) year after the end of the study, the NINR common data elements ( CDEs) that are used in the study will be made available to all qualified and approved researchers (Recipients) as determined by the cdRNS Operations Team and NINR Program Staff. Other data fields can also be made available at the submitting principal investigator’s (Submitter’s) discretion. Outcomes data and other data elements needed by the principal investigator to test his/her hypotheses or research questions, referred to as Experimental Data, will be made available in a staged manner. Six months after the award period ends, Experimental Data will be open to other researchers who have submitted data to cdRNS/NINR (Submitters). Twelve months after the award period ends, Experimental Data will be open to all qualified and approved researchers (Recipients).

Investigators are also strongly encouraged to collaborate and share data throughout the study to accelerate research and advance knowledge on NINR. To facilitate collaboration, data access request forms may be submitted before the end of the performance period to the DAQC for initial review and then forwarded on to the relevant Submitters. The Submitters may choose to collaborate and/or to provide access to all or some of their Experimental Data, in which case the data will be made available to the data Recipients. Alternatively, the Submitters may choose to deny early access, in which case the request will be reviewed by the cdRNS Operations Team and NINR Program Staff in consultation with the Submitters. For example, prospective data collection projects that are powered to answer specific questions would be jeopardized by premature analysis of these same questions. However, if important research can be accomplished without jeopardizing the study, the value of the cdRNS/NINR data will be greatly enhanced by data sharing that advances the science of NINR.

cdRNS/NINR Data Access

cdRNS/NINR will provide descriptive summary information of submitted data for general public use. Access to data for research purposes will be provided through the cdRNS/NINR DAQC. Membership of the DAQC will include Federal staff with expertise in areas such as the relevant particular scientific disciplines, research participant protection, and privacy. The cdRNS/NINR DAQC will operate according to common principles and follow similar procedures to ensure the consistency and transparency of the cdRNS/NINR data access process. The DAQC will review the applications of investigators requesting data and make a determination based on their affiliation with a research institution, and on the basis of the reason for the request. It is anticipated that most requests will be appropriate and can be approved rapidly, and that only a few will require clarification. In the event that requests raise concerns related to privacy and confidentiality, risks to populations or groups, or other concerns, the DAQC will consult with other experts as appropriate. A request to appeal the decision is allowed and will be reviewed by the cdRNS/NINR Policy Committee.

Investigators and institutions seeking data from the cdRNS/NINR Data Science Platform will be expected to meet data security measures (such as physical security, information technology security, and user training) and will be asked to submit a Data Access Request that is signed by the investigator. Data Access Requests should include a brief description of the proposed research use of the requested cdRNS/NINR data. Investigators will agree, among other things, to:

• Use the data only for the approved research; if the Recipient wants to use the data to investigate additional research questions, a second data access request form must be submitted.
• Protect data confidentiality;
• Follow appropriate data security protections;
• Follow all applicable laws, regulations and local institutional policies and procedures for handling cdRNS/NINR data;
• Not attempt to identify individual participants from whom data within a dataset were obtained;
• Not sell any of the data elements from datasets obtained from the cdRNS/NINR Data Science Platform;
• Not share with individuals other than those listed in the request any of the data elements from datasets obtained from the cdRNS/NINR Data Science Platform;
• Agree to the list of approved research uses within the cdRNS/NINR Data Science Platform along with his/her name and organizational affiliation;
• Provide IRB numbers and expiration dates;
• Agree to report, in real time, violations of the cdRNS/NINR Data Sharing Policy to the DAQC;
• Adhere to the cdRNS/NINR Data Sharing Policy below with regard to publication; and
• Provide annual progress reports on research using cdRNS/NINR data.

Data Quality

The NINR and the NIH are implementing a two-tiered data control procedure for information and images submitted to the cdRNS/NINR Data Science Platform to ensure that the information submitted has undergone reviews for accuracy, completeness, and availability. The first level of quality control is performed by the researcher who is expected to certify the accuracy of the information prior to submission. The second level of quality control occurs when data and/or images are submitted to the cdRNS/NINR Data Science Platform for broad research access. cdRNS/NINR will provide a period of three months to allow the Submitter and the agencies to undertake activities to review the completeness of the submission. Such efforts include verifying that the information received by cdRNS/NINR is complete (i.e., not missing records intended for submission), contains no identifying information, displays correctly, and that the cdRNS/NINR Toolset functions as expected with the information. During this timeframe, access to data and brain images for research is temporarily suspended to help ensure that cdRNS/NINR makes available only carefully reviewed information. Should the agencies determine that additional time is necessary to ensure the quality of the submitted information (e.g., time necessary to remedy concerns), the agencies may opt to extend the quality control period as necessary in the interest of science. After quality control measures are satisfied, the submitted information will be certified as accurate by the submitting researcher.

The NINR and the NIH strongly encourage collaboration, but at a minimum all investigators who access cdRNS/NINR data are expected to acknowledge the funding organization(s) that supported their work, the Contributing Investigator(s) who conducted the original study, and the cdRNS/NINR Data Science Platform in all resulting presentations, disclosures, or publications of the analyses. Data Recipients should submit manuscripts to the DAQC for administrative review at least four weeks prior to submission for publication. This review is not a scientific review, but an administrative review to ensure that the terms of the user agreement have been met, the description of cdRNS/NINR procedures are accurately identified, and cdRNS/NINR and the original researchers are appropriately acknowledged. These administrative reviews will take no longer than two weeks.

Inquiries

Specific questions about this policy should be directed to: Office of cdRNS/NINR Operations National Institutes of Health, Center for Information Technology (CIT) Building 12A 12 South Dr. RM 2041 Bethesda, MD 20892

Email: BRICS/NINR-ops@mail.nih.gov

Download Document