How can I be compliant with NIH Genomic Data Sharing (GDS) policy?
NewThe NIH has issued an implementation update for data management and access practices under the Genomic Data Sharing (GDS) Policy (see Guide Notice RCNOT-OD-24-157NIH Genomic Data Sharing Policy to promote responsible data management and access RC NOT-OD-24-157 NIH Genomic Data Sharing Policy to promote responsible data management and accessNOT-OD-24-157 ). This introduces updated security standards for Approved Users of controlled-access data shared under the NIH GDS Policy ( RCNOT-OD-14-124NIH final Genomic Data Sharing Policy RC NOT-OD-14-124 NIH final Genomic Data Sharing PolicyNOT-OD-14-124 ) and for repositories and/or systems storing or providing access to these data. (FAQs) The updates took effect on January 25, 2025, and apply only to new projects started after that date and recompetes of continuing projects.
A list of controlled-access data repositories relevant to this implementation update can be found on the RCNIH siteInfo about NIH's scientific data management & sharing policies & repositories RC NIH site Info about NIH's scientific data management & sharing policies & repositoriesNIH site .
The implementation update requires PIs working with data received from these repositories to attest to NIH that the system storing their project’s human genomic data is compliant with NIST SP 800-171.
Indiana University’s system administrators and cybersecurity experts ensure that designated systems meet the requirements specified in NOT-OD-24-157. Approved data users at IU are responsible for working with the appropriate UITS support and research contracting personnel to manage the data appropriately.