Request for Use of De-Identified Data
Generally a data sharing agreement is needed when sharing non-public data with individuals or groups who are not named in the research protocol. Consent agreements must be reviewed to ensure participants have been informed about future use and sharing data. Data sharing agreements can and should address methods for sharing and protecting data. Data sharing agreements may also address regulatory requirements unique to data originating in particular sites (e.g., data from European sources which may be covered by GDPR regulations).
While often data sharing occurs through research protocol provisions, sharing outside of the purpose of the protocol may require additional agreements. Sharing PHI requires a HIPAA Business Associates Agreement. Please contact the NYSPI HIPAA Security Official with questions or to initiate those process.
If you are required to share research data with NIMH, carefully review the NYSPI NIMH NDAR Data Sharing Standard PRIOR to data design and project implementation, to ensure requirements are addressed prior to data collection. Questions regarding this standard should be directed to psyIT or the NYSPI IRB.