DMS Webinar II Q & A

Q: It was stated previously that grants are not going to get larger; additional funds would not be available to support data management and sharing efforts. But there's been some uncertainty about this.

A:  Briefly, there may be   two questions here, one about refunding generally and one   about budget caps. First, I think the agency already provides many resources to support data management and sharing included in the form of   repositories and tools, sometimes things like specific funding announcements to support data sharing for certain types of research.  We certainly plan to continue doing that.  We will be assessing data management and sharing costs going forward to determine the appropriate level of resources that will be needed in the future.

 Some of that is being looked at as we move forward with the data sharing resource plans and looking into all of the costs that we expect to have. We currently do not have budget caps, we are looking into that internally, and we'll certainly send that out to the community as soon as we have more information on anything related to the cost or the budget.

Q:  In element six of the data management and sharing plans, called oversight of data management and sharing, who is expected to   oversee this plan?  Is it   internal folks on the research team? Is it an external party?

A: In the last element of the recommended elements of the DMS plan, there's a section for oversight of data management and sharing. And in that, we've asked applicants to indicate how compliance with the plans will be monitored and managed, the frequency and oversight and by whom, such as titles and roles. The DMS policy does not set specific parameters on who this role should be within an organization. So there is some flexibility for institutions to determine who should fulfill this role for their projects and who are best situated to do that.

Q: Regarding costs for data storage:  will NIH be developing any   central depository like PubMed for data?

A: NIH already has a pretty robust ecosystem of repositories just that are managed within the agency. This is growing over time as well ... there are some resources available on the website to help locate some of those ... particularly ones that the NIH   operates and manages, and of course, there are many more that NIH does not. There are many, and so I don't think there's necessarily going to be a   central resource, since some of these are pretty specialized resources. But I think there may be more   efforts in that   inter-operability and findability across the existing resources as well as building out capacity.

Q: If consent was not obtained at all, or if consent was obtained but did not include consent for sharing beyond the research team?

A:  I think it's important also to differentiate here between the data management and sharing policy and the genomic data sharing policy that we talked about since the GDS policy has fairly specific expectations for consent and what's expected to be in that, and how it will be obtained. The data management and sharing policy, by contrast, does not set specific consent expectations. And it would not necessarily prohibit sharing of data that are obtained under a waiver of consent.

 It also doesn't set expectations for what type of consent should be obtained, but it does strongly encourage that people will obtain informed consent for future research use and sharing of their scientific data, and also really encourages in the supplemental information that institutions really should develop robust consent practices that address data sharing and to plan for consent while they're developing their data management and sharing plans. We've also indicated in the policy and in the frequently asked questions, that limitations in consent, either prospectively obtained or from existing informed consent can be, potentially justifiable reasons for limiting sharing of scientific data. And last, we did release a resource earlier this year that's intended to help develop informed consent as it relates to data sharing that includes things like, suggested language, and points to consider when you're developing consent resources.

Q:  How can folks reconcile data sharing with confidentiality? We know those can be at odds. So, for example, proprietary constructs that cannot be shared with the public, or disclosure of proprietary reagents.

Taunton, we'll start with you again. Taunton Paine: Sure.

A:  we've addressed this to some extent during the webinar itself, and we talked about proprietary consideration that can emerge in certain kinds of research, I think particularly when there are research partnerships, or in the form of things like agreements that would be needed to obtain materials used in research that may impose limitations on subsequent use of data. In general, I think   any limitations would need to be disclosed in plans, and that those plans would be assessed by an NIH program staff. Because of the specific aspect of this question talking about proprietary reagents, I do want to also make you aware of the NIH research resource policy and the NIH model organism policy, both of which are also described on the website. And those also apply to   physical objects and have certain expectations in there related to the management of intellectual property and proprietary considerations. I do want to also reinforce that the data management sharing policy does not apply to physical objects. And so I think, it may be important to consult both of those policies as well.

Q: Regarding about how the data sharing requirements apply to research data that do not meet the Common Rule definition of human subjects ...  but do involve data derived from human participants.

A:   The policy applies to research that is subject to the Common Rule, as well as research that is not subject to the Common Rule. In some cases scientific data could potentially meet the definition of identifiable private information and the use of it might be considered human subjects research under the Common Rule, but it would also apply in cases where it might not meet that definition and might not be subject to the Common Rule. And so the supplemental information for protecting privacy while sharing human research participant data that we went through in some detail in the webinar, is intended to address both situations, both for data that have been derived from human research participants, regardless of whether it's technically subject to the Common Rule or not, so there are a number of specific considerations in there that I think would be relevant in this situation.

Q:  IRB review is not required at the submission of grant proposals.  So what if the IRB doesn't agree with what was proposed in the DMS plan? Should folks be considering modifying?

A:  The policy allows for the DMS plan to be revised for a number of reasons and one of those reasons can certainly be issues raised and determinations made by the IRB. So researchers would need to revise their DMS plan and then discuss those revisions with program staff who would then be designated with reviewing and approving the plan.

Q:  When submitting an institutional certification under the GDS policy, can the institutional certification be updated as a result of changes that occur throughout the course of a research project?

A:  So the institute certifications, which unlike DMS plans are submitted - the institution's reasons are submitted just in time, the DMS plans are submitted at the time of application - the institutional certification is explicitly designed to reflect institutional review. So if there is a reason for that document to be changed, investigators should also make sure that there's alignment between the data management and sharing plan and the content of the institutional certification, and they should align. And so both would need to be updated as needed if changes are made, and then reviewed by NIH staff.

Q:  Do Human participants have the right to opt out of broad sharing? And if they object to what is proposed in the consent, does that mean that they should not be recruited for the study?

A:  The DMS policy does not require that consent be obtained in any particular way, such as through broad consent. And I think it's really important for us to   acknowledge that research needs to include populations that are crucial to meet scientific objectives. And that's really a concept that's behind some of the supplemental information that we've provided as well. We've noted that limitations on sharing stemming from informed consent are potentially justifiable reasons for limiting sharing of data.

Q:  Regarding agreements and transferring data.  Who should be involved in these agreements? Is it every individual who might be given the data?  Is it when a public paper is published.

A:  I want caveat my answer by saying that I think it would be potentially fairly context specific, in terms of what the transfer   is and who it's between. But in general, the points that I think we've made in the supplemental information for protecting research participant privacy, where we talk about agreements that should cover the transfer of data. We don't recommend a specific individual or institutional components that would necessarily fill that role, but we do introduce the distinction between agreements for submitting data to repositories and agreements for obtaining data from repositories, and that agreements would generally be warranted in both situations. So certain parties would be the researcher and the actual data repository. And when data are shared between researchers,in that case, agreements would also be valuable there too.

Q:  Regarding data management and sharing plans, and the format of them. Is the format page a requirement, or are other formats allowed?

A:   NIH has published a format page, which is an optional, recommended way to format the information that we're looking for that the elements of a DMS plan. That is not required. So there may be other ways to represent the information as long as it does cover all the elements, and that will be accepted. But if you're looking for somewhere to start, especially for folks where this is new to you writing such a plan, then you might want to take a look at the format page, it just steps you through the elements of a DMS plan to make sure that you are not forgetting anything, because we do need that information so that those plans can be assessed appropriately.

Q:  When thinking about the requirement to make all data publicly available by the end of the award, how is the end of the award defined?  Is it the original end date? Does it include any data that are resulting in a period of no-cost extension?

A:  The definition for the end of the award or the performance period, that would change if you do receive a no-cost extension, for example, or a competitive renewal. And so it is the end of the project period. In case of a no-cost extension, that's your date by which if you haven't shared data already, and that's another thing to keep in mind, you shouldn't be holding things back to the end of your award, data should be made accessible as soon as possible. So if your data underlie results in publications, then that should be shared at the time of publication. But for other things that do meet the definition of scientific data, if you have findings that have not been published, then those would need to be shared no later than the end of award, and that is the specific question here, what exactly is that date? And that would include any no-cost extensions there. And then just to reiterate another point, if you do have a competitive renewal of a project, you need to look at whether you were able to complete what you anticipated in your original approved plan and update that as necessary

Q:  Regarding de-identification required in order to share the data?

A:  The Common Rule, the HIPAA Privacy Rule, these might all apply to your research and might set certain expectations, and we would expect you to continue to follow them. In the supplemental information for best practices, which we would expect you to follow as well as those laws and regulations, we've addressed the issue of de-identification by  recommending that data be de-identified to the greatest extent possible using the actual regulatory standard stated in the Common Rule and in the HIPAA Privacy Rule. This is not a requirement, but it is a recommendation, and we do acknowledge that there may be some cases where it may be appropriate to share certain kinds of information that may be  potentially identifiable. But I think the two key considerations there that we've talked about in that supplemental information in those cases are that if there's actual explicit consent to do so, and if you've   complied with all other regulatory and policy expectations that might be in place.

Q: Are these resources only applicable to American Indian/Alaska native?  Or does it apply to anyone where a participant   selects or self-identifies as an American Indian or Alaska native?

A:  So the supplemental information that we talked about earlier today really focuses on when you're working with sovereign tribal nations, but I think we had acknowledged in it that there may be aspects of it that I think are quite relevant for when you're working with other groups and other indigenous communities as well. And so they may not all have necessarily the same expectations when it comes to things like tribal laws, but they may be relevant in those cases, too.

Q: It was mentioned that the DMS plans are not reviewed by the scientific review panel, but rather by NIH program officers. Does this imply that there will be a scientific score and then separately a review of the DMS plans? How does that work?

A: This will be different than what happens now with resource sharing plans, this will be a new part of the application for these data management and sharing plans. And we did clarify this recently in a guide notice, it should be included in the resource deck, but I can sum up what we've said in there. And that is that the plans are assessed by NIH program staf but not peer reviewers. And the program staff will be looking at these plans to make sure that the elements have been adequately addressed and look at the reasonableness of those responses given this specific type of science that is being proposed. This is all within the context of the research project. And during peer review, the peer reviewers are not looking at the plans, they are looking at the budget that is being requested. And when NIH will be putting out comprehensive application instructions this fall, and so you'll see in there exactly what information you should be putting in the budget section. And that budget aspect of data management and sharing is what peer reviewers will be looking at, but the plan itself will be assessed by NIH program staff.

Q:  Clinical trial data is often not fully de-identified. The question is, should all clinical data be shared under controlled access?

A: I think in the supplemental information for protecting privacy, we indicated a couple of different factors that researchers and institutions can consider when they are determining whether to share data through controlled access or through unrestricted access. So these include, if you're considering to share it through controlled access, whether there might be specific limitations that stem from things like informed consent or from laws that would need to be followed that might impose restrictions on subsequent use, as well as things like whether there are privacy risks or privacy concerns that really can't be mitigated by applying   relevant de-identification techniques or even things like certificates of confidentiality. On the other hand, we've also given people some factors to consider in terms of whether things should be made available through unrestricted access, which would include things like whether people have explicitly consented to doing so. And I think a more specific consideration of the level of risk that would be involved in doing so.

Q: Regarding DMS plans when the data use is already controlled by a pre-existing data use agreement, for example, secondary data from some large Ministry of Health datasets, for example.

A: In those cases, the policy has a number of different pieces that relate to this. So, first off the policy would not necessarily expect that researchers that are doing secondary data, or a secondary research that involves analysis of primary data that have already been shared in some way, would not be expected to share those data again, particularly things that are   made available through things like government repositories.   I've seen some other questions in the chat about things like CMS data, these are not things that we would expect, to be shared again. There's also an important consideration her that sometimes secondary research can generate things that would be considered scientific data, and that the policy would normally expect those to be shared as well. But again, in many cases, when you're accessing data, there can be agreements that may be necessary in order to enter into to get access to the data and to do the research in the first place, that may impose, restrictions on how things like derived data, can be shared. And I think the policy has been pretty clear that that's something that we would generally consider to be potentially justifiable as a limitation in sharing, but we would also expect those kinds of things to be disclosed in plans.

Q: Their are some concerns about researchers being scooped by sharing their data ... we definitely recognize those concerns. How does NIH plan to address this?

A:  I guess the main message is that we would really liketo see some prospective planning, and that thinking this through at the beginning and thinking about your timelines for when your data will be generated when you expect to complete your analysis published ideally, and that we do - yes, so if you do publish your research, then that would occur before the end of your award. And anything that hasn't been shared at that point, the last opportunity would be by the end of your award. And in terms of compliance, that is really the last date.  And so we do understand, we certainly are hearing  concerns about how you can make sure to do what you need to with your data, but we don't really have any new solution now. Regarding compliance, we're going to have more information on how the compliance piece is going to work in the future, and we'll be communicating that out.  It was also mentioned the possibility of the utilizing no-cost extension mechanisms to accommodate some of those concerns. And that is something that our policy colleagues are looking into to make sure that we can address that as part of any compliance guidance.

Q.  What accountability measures are in place for ensuring that what people say they're going to do in their plan happens, similarly, for ensuring that folks who access the data are doing so responsibly?

A: In terms of accountability for making sure that award recipients do what they said they would in their approved plan, again, just coming back to that prospective planning, that we want to make sure that you're thinking through the right way to do this for your particular project, and are providing those details at the beginning, so there can be a shared understanding between the research team as well as the NIH, who's overseeing your award and in terms of what to expect here. So ideally, there'll be perhaps fewer surprises at the end, because how things should go. In terms of compliance monitoring what is happening in terms of carrying out your plans, we will be updating the RPPR questions to ask about that progress. And this will be the chance for NIH staff to take a look at where you are, and if you are where you thought you would be when you put in your initial plan. And if there are issues at that time, then in general, working together to try and bring you back into compliance, if there are any issues, identifying those and dealing with those. The goal is to make sure that scientific data are useful, and if there are any issues impacting that, then we want to make sure that that can occur. 

As we pointed out earlier, we are still coming up with those compliance monitoring processes. But in essence, we'll be asking the award recipients to report on what they've done at regular intervals and making sure that that is done before the end of the project. Also, from a systems perspective, we are going to be updating our notice of award templates to be able to accommodate incorporation of the data management and sharing plans as part of the terms and conditions of Award, as well as our funding opportunity announcement templates to incorporate that information as well.  It will be part of the terms and conditions of award regarding the plan that is approved by NIH staff.

Q: Is there a help desk or other resources if there are questions about the DMS policy?

A:  It has been mentioned extensively that we have this NIH scientific data sharing site. This is really going to be a great place to start and look for resources. We're continually adding pieces to it. There is an email box And that is a great place to put some questions if you're not already finding the answer with the information that we've provided. We also have a learning page on our site. It's in the "About" section. And this is where you'll find all of the webinar resources, like the recordings and the resource slides and other useful pieces of information for folks to grab and go.

I did want to mention that on the news and events part of the sharing website, we   have a section for latest news upcoming and past events. And there is a way to sign up to get notified anytime a new news item or a new event is posted. To be notified when new information is coming out ...  Go to our news and events and select that you'd like to be notified. So that'll send you a quick email anytime that we post anything here.  Every time we add a resource to the website, we're add a little news item in the newsfeed so you can - so you can see the changes that have been made. In addition to this news and events page, we've got a number of blogs to keep folks in the loop, our social media channels, a number of listservs, if you're not already on all these listservs, please do get on them. They're a great way to stay informed