- Home
- »
- Policies
- »
- Intramural
- »
- Data Access Request
Data Access Request
cdRNS Data Science Platform Data Access Request
The NINR/ cdRNS Operations team approves access to data from the Common Data Repository for Nursing Science (cdRNS) Data Science Platform for research purposes only. The NINR/ cdRNS Operations team will review the Informatics System Access Request (ISAR) and the Data Use Certification (DUC) of each applicant requesting data and provide access based on the expectations outlined in the cdRNS policy. These expectations include the protection of data privacy, confidentiality, and security. In the event that requests raise concerns related to privacy and confidentiality, risks to populations or groups, or other concerns, the NINR/ cdRNS Operations team will consult with other experts as appropriate.
Recipients seeking access to data from cdRNS are expected to submit their ISAR and DUC, signed by the Principal Investigator. Completing this ISAR is a necessary step to access data from cdRNS.
Steps to Request Query Access to the cdRNS Data Science Platform
- Read the cdRNS Data Science Platform Data Use Certification (DUC) below.
- Provide a scanned copy of the signed DUC Recipient Information and Certifications page when requesting an account to cdRNS (with Query and Study privileges) at Request Access
- Access Request Review: NINR/ cdRNS Operations team will review requests to access the cdRNS data science platform. Such reviews are generally completed within 10 business days.
- NINR/ cdRNS Operations team will notify users if the access request has been approved, and an account will then be provided. Users will receive an automated notification of their account update with any modified user name, passwords, or instructions for accessing the cdRNS Data Science Platform.
- Optional: cdRNS System Training (if request approved): Contact cdRNS through NINR-BRICS- OPS@mail.nih.gov to discuss specific training needs the user may have and schedule the training.
Data Use Certification (DUC) for the Common Data Repository for Nursing Science (cdRNS) Data Science Platform
Introduction
The Common Data Repository for Nursing Science, or cdRNS, is a comprehensive but customizable data science platform designed for every stage of your research. A modular, web-based system, cdRNS makes the performance of research studies and clinical trials faster, simpler, and more collaborative. Promoting optimal use on a national scale of this resource will require a large and concerted effort, which may exceed the research capacity of current investigators. NINR and the NIH have responsibility to the public in general, and to the scientific community in particular to encourage the use of these resources to achieve rapid scientific progress. In order to take full advantage of such resources and maximize their research value, it is important that data be made available, on appropriate terms and conditions, to the largest possible number of qualified investigators in a timely manner.
Data collected by the Submitters have been stripped of all individual identifiers, but the unique and intrinsically personal nature of DNA, derivative data of which are included in cdRNS, combined with the recent increase in the accessibility of conducting genotype and other sequence analyses (in terms of technological capacity and cost), has altered the framework through which “identify-ability” can be defined. To protect and assure the confidentiality and privacy of all participants, the Recipient who is granted access to these data is expected to adhere to the specifications of this DUC. Failure to do so could result in denial of further access to data and subject the Recipient of any other applicable penalties and actions.
Submitters have made a substantial long-term contribution to cdRNS by submitting data to cdRNS system. NINR and the NIH seek to encourage appropriate data use and collaborative relationships by outside investigators with the Submitters and to ensure that the contribution of the Submitters is appropriately acknowledged.
Definitions
For purposes of this agreement:
“Data” refers to the information that has been collected and recorded from participants in NINR studies, regardless of the source of funding. Data from study participants were collected through the periodic examinations and follow-up contacts conducted pursuant to the Submitters' Cooperative Agreement grants, other grants, contracts, and other NINR studies conducted independent of NINR or NIH.
A “Submitter” is defined as a researcher who has submitted data to the cdRNS Data Science Platform, according to the policies laid out in the cdRNS Data Science Platform Submission Agreement. The Submitter may have had a past or current/active grant, contract, or consulting agreement with NINR or NIH, one of its contractors, or any other funding source.
The “Recipient” Principal Investigator is an individual who seeks access to data from cdRNS. The Recipient and his/her Organization may be a researcher at a non-profit or for-profit organization or corporation with an approved assurance from the Department of Health and Human Services Office for Human Research Protections (OHRP). The Recipient requests access to study data at his/her sole risk and at no expense to the study, NINR, and NIH.
Terms and Conditions
I request approval to access data from the Common Data Repository for Nursing Science (cdRNS) Data Science Platform for research purposes. I agree to the following terms:
- Research Project. These data will be used by Recipient Principal Investigator solely in connection with the “Project Summary/Abstract”. If the Project does involve Submitter(s), their names and the work they will perform are also included in the Recipient Information and Certifications section.
This DUC covers only the Research Project contemplated in the Project Summary/Abstract section. Recipient agrees that data will not be used in any research that is not disclosed and approved as part of the Research Project. Recipient will submit a completed DUC (this document) for each research project for which data are requested. This applies to all versions of cdRNS Data Science Platform data.
- Non-transferability of Agreement. This DUC is not transferable. Recipient agrees that any substantive change that the Recipient makes to the Research Project requires execution and approval of a new DUC, in which the new Research Project is designated. If the Recipient appoints another Principal Investigator to complete the Research Project, a new DUC in which the new Recipient is designated is necessary. If the Recipient changes institutions and wishes to retain access to cdRNS Informatics data, a new DUC must be executed and approved.
- Non-Identification of Subjects. Recipient agrees that data will not be used, either alone or in conjunction with any other information, in any effort whatsoever to establish the individual identities of any of the subjects from whom data were obtained. Recipient agrees to notify cdRNS as soon as possible if, upon use of cdRNS data, the Recipient discovers identifying information in those data.
- GUID and Access to Submitted Data. The Global Unique Identifier (GUID) is a computer-generated alphanumeric code that is unique to each research participant. The GUID allows cdRNS to link together all submitted information on a single participant, giving researchers access to information even if the data were collected at different locations or through different studies. If Recipients request access to data on individuals for whom they themselves have previously submitted data to cdRNS, they may gain access to more data about an individual participant than they themselves collected. Consequently, these research activities may be considered “human subjects research” and may require that they obtain institutional IRB approval of their Research Project.
- Data Disclaimers. Recipient agrees that NINR and NIH do not and cannot warrant the results that may be obtained by using any data included therein. NINR and NIH disclaim all warranties as to the accuracy of the data in cdRNS or the performance or fitness of the data for any particular purpose.
6. Notification of cdRNS of Publication. Prompt publication or other public disclosure of the results of the Research Project is required. Recipient agrees to notify cdRNS/NINR via email NINR-BRICS- OPS@mail.nih.gov as to when and where a publication (or other public disclosure) of a report from the Research Project will appear. Notification of such publications can occur by sending to cdRNS/NINR an updated biographical sketch http://grants.nih.gov/grants/funding/2590/biosketchsample.pdf or CV of the publishing author.
7. Data Access for Research. Data from active and completed studies are available for restricted “Controlled (Login) Access” by researchers approved for data access pursuant to the terms set forth in this agreement. Recipients of Controlled Access data acknowledge that other researchers have access to the data and that downloading, utilization, and duplication of research are distinct possibilities.
8. No Distribution of Data. Recipient agrees to retain control over data, and further agrees not to transfer data, with or without charge, to any other entity or any individual, except for collaborators with approved DUCs. Recipient agrees not to sell the data in any form to any entity or individual or to distribute the data to anyone other than his/her research staff and collaborators with an approved DUC, who will also agree to the terms within this DUC. All individuals of the research team who have access to cdRNS should adhere to the terms of the Data access request.
9. Acknowledgments. Recipient agrees to acknowledge the contribution of the cdRNS data science platform, the relevant cdRNS dataset identifier(s) (a serial number), and the Submitter(s) in any and all oral and written presentations, disclosures, and publications resulting from any and all analyses of data using the cdRNS tools, whether or not Recipient is collaborating with Submitter(s). The manuscript should include the following acknowledgement or other similar language:
Data and/or research tools used in the preparation of this manuscript were obtained and analyzed from the controlled access datasets distributed from the NINR- and NIH-supported Common Data Repository for Nursing Science (cdRNS) Data Science Platforms. cdRNS is a collaborative data science platform created by the Department of Defense and the National Institutes of Health to provide a national resource to support and accelerate research in NINR. Dataset identifier(s): [provide]. This manuscript reflects the views of the authors and may not reflect the opinions or views of the NINR, NIH, or of the Submitters submitting original data to cdRNS Data Science Platform.
If the Research Project involves collaboration with Submitters or cdRNS staff then Recipient will acknowledge Submitters as co-authors, if appropriate, on any publication. In addition, Recipients agree to include a reference to cdRNS Data Science Platform datasets analyzed and to cite cdRNS and the federal funding sources in abstracts as space allows.
- Non-Endorsement; Liability. Recipient agrees not to claim, infer, or imply endorsement by the United States Government, the Department of Defense, the Department of Health & Human Services, or the National Institutes of Health of the Research Project, the entity, or personnel conducting the Research Project or any resulting commercial product(s). The United States Government assumes no liability except to the extent provided under the Federal Tort Claims Act (28 U.S.C. § 2671-2680).
- Recipient's Compliance with Institutional Requirements. Recipient acknowledges that access, if
provided, is for research that is approved by the Institution, which must be operating under an Office of Human Research Protections (OHRP)-approved Assurance. Furthermore, Recipient agrees to comply with all applicable NINR and NIH rules for the protection of human subjects, and other federal and state laws for the use of these data. Recipient agrees to report promptly to cdRNS/NINR Operations team and NINR Program staff any proposed change in the research project and any unanticipated problems involving risks to subjects or others. This DUC is made in addition to, and does not supersede, any of Recipient's institutional policies or any local, State, and/or Federal laws and regulations that provide additional protections for human subjects.
- Recipient’s Permission to Post Information Publicly. Recipient agrees to permit NINR and the NIH to summarize on the cdRNS Web site the Recipient’s research use of cdRNS Data Science Platform along with the Recipient’s name and organizational/institutional affiliation.
- Privacy Act Notification. In order to access the cdRNS Data Science Platform, the Recipient agrees to provide the information requested below.
The Recipient agrees that information collected from the Recipient, as part of the Data Access Request, may be made public in part or in whole for tracking and reporting purposes. This Privacy Act Notification is provided pursuant to Public Law 93-579, Privacy Act of 1974, 5 U.S.C. Section 552a. Authority for the collection of the information requested below from the recipient comes from the authorities regarding the establishment of the NIH, its general authority to conduct and fund research and to provide training assistance, and its general authority to maintain records in connection with these and its other functions (42 U.S.C. 203, 241, 289l-1 and 44 U.S.C. 3101), and Section 301 and 493 of the Public Health Service Act. These records will be maintained in accordance with the Privacy Act System of Record Notice 09- 25-0156 (http://oma.od.nih.gov/ms/privacy/pa-files/0156.htm) covering “Records of Participants in Programs and Respondents in Surveys Used to Evaluate Programs of the Public Health Service, HHS/PHS/NIH/OD.” The primary uses of this information are to document, track, and monitor and evaluate the use of the cdRNS Informatics datasets, as well as to notify interested recipients of updates, corrections or other changes to the database.
The Federal Privacy Act protects the confidentiality of the Recipient’s NINR and NIH records. NINR and the NIH and any sites that are provided access to the datasets will have access to the data collected from the Recipient for the purposes described above. In addition, the Act allows the release of some information in the Recipient’s records without his/her permission; for example, if it is required by members of Congress or other authorized individuals. The information requested is voluntary, but necessary for obtaining access to data.
- Security. Recipient acknowledges the expectations set forth by the attached “cdRNS Information Security Best Practices” for the use and security of data.
15. Annual Update. Recipients not funded by the NIH will provide to NINR-BRICS-OPS@mail.nih.gov an annual summary of research accomplishments from using cdRNS data science platform and an updated biographical sketch http://grants.nih.gov/grants/funding/2590/ biosketchsample.pdf or CV. Future access to cdRNS will be contingent upon receiving the annual update.
16. Amendments. Amendments to this DUC must be made in writing and signed by authorized representatives of all parties.
17. Termination. Either party may terminate this DUC without cause when provided 30 days written notice to the other party. Recipients agree to immediately report violations of cdRNS Policy to the cdRNS NINR Operations and NINR Program Officers. Additionally, NINR and NIH may terminate this agreement with 5 days written notice if the NINR and NIH determine, in their sole discretion, that the Recipient has committed a material breach of this DUC. NINR and NIH may, in their sole discretion, provide Recipient with 30 days’ notice to remedy a breach before termination. Upon termination of the DUC, use of the data must be discontinued. Closed accounts may be reactivated upon submission of an updated Data Science Platform Access Request and DUC.
18. One Year Term and Access Period. Accounts with active grants are valid for one year and will be renewed annually by the cdRNS operations team. This SA will terminate 180 days following project/grant end date. Accounts that remain inactive for 12 consecutive months may be closed at the discretion of NINR and NIH.
19. Accurate Representations. Recipient expressly certifies that the contents of any statements made or reflected in this document are truthful and accurate.
cdRNS Information Security Best Practices
The purpose of these Security Best Practices, which are subject to applicable law, is to provide minimum security standards and best practices for individuals who use cdRNS to submit, access, and analyze data. Keeping cdRNS information secure through these best practices is important. Subject to applicable law, Recipients agree to immediately report breaches of data confidentiality to the cdRNS NINR Operations and NINR Program Officers.
Best Practices
- Do not attempt to override technical or management controls to access data for which you have not been expressly authorized.
- Do not use your trusted position and access rights to exploit system controls or access data for any reason other than in the performance of the proposed research.
- Ensure that anyone directed to use the system has access to, and is aware of, cdRNS Information Security Best Practices and all existing policies and procedures relevant to the use of cdRNS, including but not limited to, the cdRNS policy at https://cdrns.nih.gov/policies
- Follow the cdRNS password policy which includes:
- Choose passwords of at least seven characters including at least three of the following types of characters: capital letters, lower case letters, numeric characters and other special characters.
- Change your passwords every six months.
- Protect your cdRNS password from access by other individuals—for example, store it electronically in a secure location.
- Notify cdRNS staff, as permitted by law, at NINR-BRICS-OPS@mail.nih.gov of security incidents, or any incidents of suspected fraud, waste or misuse of cdRNS or when access is no longer required.
Security Standards
- Protect the data, providing access solely to authorized researchers permitted access to such data by your institution or to others as required by law.
- When you download cdRNS data, download the data to a secured computer or server with strong password protection.
- For the computers hosting cdRNS data, ensure that they have the latest security patches and are running virus protection software.
- Make sure the data are not exposed to the Internet or posted to a website that may be discovered by Internet search engines such as Google or MSN.
- If you leave your office, close out of data files or lock your computer. Consider the installation of a timed screen saver with password protection.
- Avoid storing data on a laptop or other portable medium. If storing data on such a device, encrypt the data. Most operating systems have the ability to natively run an encrypted file system or encrypt portions of the file system. (Windows = EFS or Pointsec and Mac OSX = File Vault)
- When finished using the data, destroy the data or otherwise dispose of it properly, as permitted by law.