Data Management: Data sharing

When considering who owns the data produced by research, it's important to consider the circumstances under which the data was produced

• University/Industry Partnership - when accepting money from a private company, it's important to determine issues of data ownership upfront
• Government Funded Research - research support is usually awarded to an institution and not an individual.  Therefore institutions have a lot of responsibilities in the areas of regulatory compliance, monitoring budgets, etc.  Any individual doing grant-funded research shouldn't automatically assume their data belongs to them if they move to another institution.
• Grant vs Contract - researchers who receive funding need to be sure whether their funding is considered a grant, meaning the research must be performed as described in the grant application with the resulting data being controlled by the institution.  If the funding is in the form of a contract, then the research may be owned by the funding agency.

NIU (n.d.) Responsible Conduct in Data Management: Data Ownership. https://www.niu.edu/rcrportal/datamanagement/dotopic.html 

HHS-ORI (n.d.) Data Ownership. https://ori.hhs.gov/content/Chapter-6-Data-Management-Practices-Data-ownership

• As is the case when using information from a published journal article or book, it's important to give proper attribution to the creators of datasets that you use.
• A data citation should include the following elements:
  • Creator of the data
  • Title of the dataset
  • Date the data was published
  • Version of the data being cited
  • Name of the archive where the data was found
  • URL of the dataset within that archive
• Example of a data citation in APA format
  • Green, L.W. (2020) May 2020 ocean temperature conversions (ICPSR, Version 2.3) [Data set]. ICPSR. https://doi.org/10.37892/ICPSR49239.v1

Lamar Soutter Library (n.d.) Data Sharing & Reuse Policies. https://library.umassmed.edu/resources/necdmc/modules

GW Policy on Regulated Information

The GW Office of Ethics, Compliance, and Privacy defines 'regulated information' as "...information that is protected by local, national, or international statute or regulation mandating certain restrictions. For example, student academic and financial records are regulated by the Family Educational Rights and Privacy Act (FERPA) and certain personal health information is regulated by the Health Insurance Portability and Accountability Act (HIPAA)...." 

In their 'Policy Statement' on information security, GW's Office of Ethics, Compliance, and Privacy defines the responsibilities that authorized individuals, schools, and divisions have to secure and protect 'non-public' information (a designation which includes 'regulated information').  

Data Use Agreements (DUAs)

However, it is possible to share regulated information with non-GW entities, by means of a Data Use Agreement (DUA) - here are some common characteristics of DUAs

• DUAs allow for sharing of limited data sets (data sets stripped of all direct personal identifiers)
• DUAs limit who can view/use the shared data
• DUAs describe a specified purpose for which the data may be used
• DUAs dictate appropriate measures that the recipient will need to take in order to safeguard the information

To learn more about GW's policies regarding DUAs, see the Office of the Vice President of Research's (OVPR) Research Integrity - Date Use Agreements page.  Since all DUAs must be reviewed and approved by GW's Office of Research Integrity, interested individuals should submit a DUA Intake Form to get the process going. 

GW Office of Ethics, Compliance, and Privacy (2018) Information Security - Policy Statement. https://compliance.gwu.edu/information-security