RDA Data Share Fellow Re-Introduction

15 Jun 2017

Hello RDA/NISO Privacy Implications of Research Data Sets Interest Group chairs,
To re-introduce myself, I am Sam Grabus, a 2017-2018 Data Share fellow. Thanks again for supporting my proposed project, which focuses on facilitating data sharing through the development of best practices for IRBs regarding data sharing and rights management metadata.
I attended the RDA Data Share orientation up in Troy, and began digging into some background reading to inform next steps. As a reminder, this was my proposed timeline for the project (though this is now a 1-year fellowship):
Progress so far:
Two gain an understanding of what has already been discussed and researched, I did a review of the existing literature regarding data sharing and IRBs. Two articles in particular were directly relevant. The first article discussed the results of a survey from 60 institutions about the handling of biomedical research data. Ambiguous or inconsistent IRB policies and practices regarding data protection makes data sharing challenging. The article is specific to biomedical samples/data, but it remains relevant for any human subject research data, and calls for interoperable policies regarding the secondary use of data. The second article, which is even more relevant, surveys 208 IRB professionals about their positions related to the sharing of genetic data. The survey found that there are inconsistent beliefs about the risks and repercussions involved with the re-identification of research participants. The article calls for regulatory measures or best practices to maintain consistency and avoid duplication of effort. Their recommendation also calls for regional or national IRB consortia to establish best practices, and discusses the need for understanding of researcher data sharing needs.
This is where I fit in:
This last article called for a greater understanding of researcher data sharing needs, and what better place to find out that information than data sharing agreements? For my work with the NSF Northeast Big Data Innovation Hub’s data sharing spoke, I am collecting and parsing attributes from as many data sharing licenses as I can obtain to determine commonalities among these requirements. So my next steps are to collect IRB protocols and find out what exactly they specify about data sharing and rights management metadata (if anything).
Next Steps:
I’m thinking I should do a little more follow-up reading to inform my research design. I know time will go quickly, however, so I need to think about how I might obtain my sample of IRB protocols. Currently, my thought process is to contact IRB officers, but I would be interested in advice that you might have on that, or suggested approaches for the endeavor.
Thank you for your time despite my long-windedness, and I look forward to hearing back from you about any ideas you may have!
Sam Grabus
Research Assistant, Metadata Research Center
PhD Student
College of Computing & Informatics
Drexel University
3141 Chestnut Street
Philadelphia, PA 19104
Tel: 410.262.3365 | ***@***.***

  • George Alter's picture

    Author: George Alter

    Date: 21 Jun, 2017

    Hi Sam,
    I think that it might be helpful for you to consider the limitations of IRB
    responsibility regarding data sharing.
    IRBs are responsible for protecting human subjects, and the Common Rule
    that created them (45 CFR 46) was not intended to promote data sharing.
    Some of the recent revisions to the Common Rule were intended in part to
    make it easier to share certain kinds of data, but IRBs are still not
    responsible for encouraging researchers to share data.
    IRBs do not have primary responsibility for the data use agreements (DUAs)
    that govern sharing of confidential data. If information about human
    subjects is involved, IRBs should approve the provisions in the DUA, but
    IRBs do not have authority to sign such agreements. DUAs are legal
    agreements, and they are negotiated and signed by university lawyers not by
    On one side, most data created at a university belong to the university not
    the PI. Any data created under a grant or contract belong to the
    university because the university is the "grantee" not the PI. PIs are
    considered stewards of any data they create, and university policies differ
    in how much authority the PI has to dispose of the data. Consequently, any
    data released under a DUA requires the explicit or implicit approval of the
    university, which is only available from a designated university official
    like a general counsel or research officer.
    On the other side, most universities will not allow individuals to sign
    DUAs to receive confidential research data, like genetic data. As Director
    of ICPSR, I was involved in many negotiations with other universities over
    DUAs. ICPSR DUAs are written to be signed by both a researcher and a
    designated representative of the researcher's university. It is not
    uncommon for the university official to delete the signature of the
    researcher from the DUA, so that only the university signs the agreement.
    IRBs play a very minor role in approving DUAs for receiving confidential
    data. In my opinion, IRBs should be responsible for assuring that
    researchers manage confidential data in a responsible way, but IRBs are
    often not interested at all in data created somewhere else.
    If you really want to understand how confidential data are shared, you need
    to look at the role of university lawyers, who play a much larger role in
    the process than IRBs.
    There are a couple sources that you may find useful:
    1. Lisa Neidert has done a comparison of a number of DUAs used for social
    science data:
    2. The Databrary Project (https://nyu.databrary.org/) has created a very
    interesting comprehensive approach to data sharing, in which they get
    universities to agree to sign a standard agreement covering informed
    consent, data sharing, and data use.
    3. The National Academy of Sciences has done a series of reports about
    sharing confidential data. The volume that responded to proposed changes
    to the Common Rule has a lot of information about how the process actually
    works in the social sciences. (National Research Council. 2014. Proposed
    Revisions to the Common Rule for the Protection of Human Subjects in the
    Behavioral and Social Sciences. Washington, DC: The National Academies
    Press. doi:https://doi.org/10.17226/18614.) In the end, HHS did not adopt
    most of the proposals that they considered.
    4. The Cancer Biomedical Informatics Grid (caBIG) developed a tool for
    writing data use agreements. caBIG ended a few years ago, and I could not
    find the tool online. But you may find it somewhere.
    George Alter
    ** Feb.-June. 2017 Visiting Fellow at Australia National University
    Research Professor, ICPSR
    Professor of History, University of Michigan
    PO Box 1248, Ann Arbor, MI 48106-1248
    Tel: 734-478-0783 Fax: 734-647-8200
    Email: ***@***.***

submit a comment