Skip to main content

Research Data Management for the Health Sciences: Policies and Compliance

Research data is becoming increasingly important. This Medical Library guide will introduce you to research data management skills, and connect you to relevant services and resources across the Yale Campus.

Policies Related to Research Data

There are various policies you should be aware of as you collect, store, share, and retain your research data. This page groups these policies topically and contains information on policies related to:

  • Data security
  • Data sharing
  • Human subjects research data policies
  • Data retention

Data Security

Much of the data generated during health science research is considered "High Risk" by Yale's Data Classification Policy.

Examples of High Risk data:

  • Personally identifiable patient and human subject information
  • Social security, driver's license, and passport numbers
  • Information pertaining to animal research protocols and researchers 
  • Databases or file servers containing personally identifiable patient or human subject data

Consult this table to determine whether or not the software you are using in your research is compliant with Yale's data classification policy.

Funder Data Sharing Policies

Data sharing policies are typically required at the funding level agency level to promote the sharing of future research to:

  • Verify research outcomes
  • Provide datasets to support or enhance future research   
  NIH Data Sharing Policy NSF Data Sharing Policy
Policy Summary Investigators are expected to submit a data sharing plan with their grant application or to indicate why data sharing is not possible. Investigators are expected to share with other researchers, at no more than incremental cost and within a reasonable time, the research data created or gathered in the course of work under NSF grants.
Applicability Investigators seeking more than $500k in direct support in any given year, starting October 1, 2003. All proposals submitted or due on or after January 18, 2011.
Guidance NIH Sharing Policies and Related Guidance on NIH-Funded Research Resources Dissemination and Sharing of Research Results
Mandated Repository NIH Sharing Policies and Related Guidance on NIH-Funded Research Resources Dissemination and Sharing of Research Results

 

Human Subjects Research Data Policies

HIPAA Policies, Procedures, and Forms

  • 5039. Use and Disclosure of De-Identified Information and of Limited Data Sets
  • 5040. Uses and Disclosures of Genetic Information for Underwriting Purposes
  • 5100. Electronic Protected Health Information (ePHI) Security Compliance: HIPAA Security Anchor Policy

IRB Policies, Procedures, Guidance, and Checklists

  • 420. Data and Safety Monitoring
  • 440. Data and Biological Specimens in Human Research
  • 445. Use of Stored Data and Biological Specimens in Human Research

Data Retention Policies

Standards for data retention policies are derived from OMB Circular A-110, "Uniform Administrative Requirements for Grants and Agreements with Institutions of Higher Education, Hospitals, and Other Non-Profit Organizations," under section 53, "Retention and access requirements for records."

  Yale Research Data and Materials Policy NIH Data Retention Policy NSF Data Retention Policy
Policy Research Data and Materials Policy - Retention 6001.2 NIH Grants Policy Statement 8.4.2 Grant Administration F. Records Retention and Audit
Length of Retention

3 years after publication of the findings

or

Until all required final reports for the project have been submitted to the sponsor

 3 years from the date the annual Federal Financial Report is submitted 3 years from the submission of the Final Project Report
Applicability All Yale faculty, staff, post-doctoral appointees, trainees, and students All recipients of research funding through NIH All recipients of research funding through NSF