This information is over 2 years old. Information was current at time of publication.

Sharing Genomic Data: An Overview of NIH Policy

Does your research do all of the following?

  • Generate genomic data, either human or non-human.
  • Produce “large-scale” data, i.e., genome-wide association studies (GWAS), single nucleotide polymorphism (SNP) arrays, genome sequence, transcriptomic, epigenomic, and/or gene expression data.
  • Receive funding by the National Institutes of Health (NIH), either intramural, contract, or grant-based.

If so, NIH policy now requires you to share your data. To learn more, keep reading.

In effect as of the January 25, 2015, NIH grant application receipt date, the Genomic Data Sharing (GDS) Policy “describes the responsibilities of investigators and institutions for the submission of human and non-human genomic data to data repositories and the secondary research use of such data as well as expectations regarding intellectual property.” Also taken into account are human data privacy/protection concerns and responsible data stewardship. Information on IRB considerations and policy oversight is available, as well as FAQs and links to related resources.

Expectations are that data will be submitted to an NIH-designated data repository, including but not limited to dbSNP, dbVar, FlyBase, GenBank, GEO, or MGI. The GDS Web site has more examples and links to the databases. Further expectations on the scope of the policy, including specific data types, processing level, and timeline of data release may be found in the Supplemental Information to the NIH Genomic Data Sharing Policy.

A statement released on April 6, 2015, announced the NIH position on the use of cloud computing services for the storage and analysis of controlled-access data, subject to the GDS Policy. In summary, investigators are allowed to request permission to transfer controlled-access data from NIH-designated data repositories (e.g., dbGaP, the database of Genotypes and Phenotypes) to public or private cloud systems for data analysis and storage. It is critical to point out that data security is the responsibility of the investigator/institution, not the cloud provider. The NIH has provided guidelines on security best practices to assist PIs, institutional signing officials, and IT staff with proper implementation.

Please refer to the GDS Web site for complete details on the GDS Policy.

~ Carrie Iwema