Data Sharing Requirements

Federal and private funding agencies and journal publishers are increasingly requiring researchers to share their research data for the purposes of research reproducibility, replicability, and to foster new research. Since January 2023, NIH has implemented a new Data Management and Sharing Policy where any project generating “scientific data” is required to detail how they will maximize appropriate data sharing. NIH also strongly recommends that any data sharing plans be included in the informed consent process and recommends the use of an established archive or repository. For more information see the NIH policy website or the Duke MyResearchPath page. Given these policies, you should include any data sharing plans clearly within your IRB protocol and consent forms.

In cases where your funder (e.g. NIH) or journal publisher require data sharing, if you are too restrictive in your consent language, you may need to re-consent participants, which can be both time consuming and challenging. Go to the standard language page and look for the "data sharing" standard language as you design your consent form to prospectively plan for communicating data sharing during the consent process.

Controlled access refers to a repository where research data will only be shared under certain criteria set by the depositor and repository. These often include a formal application and approval process; such as terminal degree requirements (i.e., PhD, MD, etc.), IRB approval, formal Data Use Agreement, and Data Security Plans (if hosted locally). These are used for data in which there could be harm if the data were shared openly, there are limitations on usage within the consent, or certain indirect identifiers must remain in order for the data to remain usable for analysis. If unrestricted access to your data could potentially harm participants due to inappropriate and/or accidental disclosure, a controlled access repository should be used. If you are unsure what controlled access options are available to you, please contact datamanagement@duke.edu.

Open access refers to a repository where research data are shared and accessed freely. Open access repositories allow depositors to assign licenses (typically Creative Commons) to their datasets to set expectations about the use of that data while still allowing it to be accessed freely by anyone. Data that is no longer considered human subjects research (fully de-identified) that also poses very little to no risk to participants if they were inadvertently identified are appropriate for open access. If you are not sure if your data are adequately de-identified please contact DOCR (DOCR.help@duke.edu). If you are unsure what open access options are available to you, please contact datamanagement@duke.edu.