1.0 Policy Purpose
The purpose of this Policy is to establish the expectations of Brown University (“Brown” or “University”) with respect to the management, sharing, and retention of Research Data and Research Materials for projects conducted at the University, or with University resources, monetary or otherwise. As sponsors’ and publishers’ expectations of data sharing continue to evolve, so too must Brown researchers’ practices and commitment to ensuring transparency and replicability of research findings. As recipients of sponsored awards and stewards of public trust, Brown, its researchers, and other Brown personnel have responsibilities and rights concerning access, use, sharing, and maintenance of Research Data. Ultimately, any Research Data and Research Materials generated Brown researchers using University resources are owned by and therefore the responsibility of the University.
2.0 To Whom the Policy Applies
This policy applies to all members of the Brown community including, but not limited to, faculty, staff, students, visiting scholars, and postdoctoral fellows, and any other persons at Brown involved in the creation, acquisition, access, use, management, sharing, retention, and destruction of Research Data and Research Materials at or on behalf of Brown; and
Regardless of the source of support for the research project/activity and therefore does not distinguish between funded and unfunded efforts, except where specific sponsor requirements prevail.
3.0 Policy Statement
Brown maintains a steadfast commitment to supporting the academic freedom of its research community. This includes researchers’ rights and responsibilities to determine the direction of their research and scholarly work and dissemination of their findings. Brown researchers are expected to pursue their work in accordance with Brown policies, ethical standards, award terms and conditions, and any additional requirements set forth in applicable agreements (e.g., Non-disclosure or Confidentiality Agreements, Data Use Agreements, etc.) that govern the retention and responsible use and disclosure of Research Data and Research Materials.
Collection and generation of Research Data are integral aspects of research activity at Brown. These data serve several purposes: to provide a record of the investigation, to form the basis from which conclusions are drawn, to enable the reconstruction of procedures and protocols, and to allow for the replication of the work. Research data management practices at Brown are expected to uphold the University’s promotion of integrity in the scholarly process, and therefore should ensure open and timely access to and sharing of Research Data. Appropriate maintenance of, access to, sharing of, and retention of Research Data are critical to assuring compliance with legal and regulatory requirements governing the conduct of research, the accuracy or authenticity of data, the primacy of findings, and the reproducibility of results.
The Vice President for Research (VPR) has final authority for compliance with this Policy and is responsible for its implementation. Consistent with this responsibility, the VPR has delegated authority to the Office of Research Integrity (ORI) to serve as the subject matter expert and contact for questions about interpretation and implementation of this Policy.
3.2 Ownership of Research Data and Research Materials
Brown maintains ownership of Research Data and Research Materials for projects conducted at the University, under the auspices of the University, or otherwise with University resources. Brown ownership applies in all cases except where explicitly precluded by the specific terms of sponsorship or other agreement.
When they leave Brown, Principal Investigators (PIs) have the right to access and in most cases may take copies of Research Data that they generated while at Brown. Other co-investigators involved in the creation of Research Data may access and take copies of Research Data for projects, or the portions of projects, on which they have worked. Students and postdoctoral trainees must receive permission from their PIs before making copies of any Research Data they generated while at Brown before leaving the University and are expected to make such copies prior to leaving Brown. All researchers must comply with the Brown University Data Use Agreement Guidance for Researchers, including the requirements for outgoing Data Use Agreements (DUAs). Brown researchers are encouraged to contact the Brown University Library for assistance to generate high-quality copies of physical Research Data.
Physical laboratory notebooks may not be taken from Brown by any party departing the University except in exceptional circumstances approved in writing by the VPR. In the case of Electronic Lab Notebooks (ELNs), the departing laboratory member must transfer ownership of the ELN to the PI. The PI is responsible for ensuring that access to the ELN by the departing laboratory member is discontinued on the last day of the laboratory member’s appointment or employment. The departing laboratory member is permitted to make a copy of the ELN; the original must remain at Brown.
Access to Research Materials may be restricted or otherwise limited; nonetheless, the University remains committed to providing appropriate access to Research Materials as needed to further work initiated at the University.
3.3 Stewardship of Research Data
Proper data stewardship is expected of all Brown researchers and personnel. Responsibilities are detailed below.
3.3.1 Data Users
PIs and other researchers or personnel who create, access, maintain, or store Research Data and Research Materials are accountable as Data Users. Ultimately, the PI of the research retains primary responsibility to the University for the stewardship of Research Data and Research Materials, while the University is responsible to the research sponsor.
All Brown researchers and other personnel that have access to Research Data and Research Materials are responsible for the following:
- Collecting, recording, managing, retaining, and sharing Research Data and Research Materials in accordance with the terms and conditions of sponsored awards, Brown University policies, and any other legal requirements;
- Ensuring the retention of original Research Data and Research Materials as set forth in this Policy;
- Abiding by any licenses, terms, or conditions set forth by third parties that retain ownership of data used in research; and
- Maintaining the confidentiality and ensuring appropriate protection of Research Data, particularly human subject Research Data, in accordance with established protocols.
3.3.2 Brown University
As the recipient of sponsored awards and in furtherance of its commitment to free inquiry, Brown is responsible for the following:
- Protecting the rights of Brown researchers as provided in this Policy, including their rights to academic freedom, rights to access data from research in which they participated, and rights to take copies of data when they leave the University;
- Developing and implementing policies, guidance, and processes to ensure compliance with sponsor terms and conditions and other applicable legal requirements, including processes for investigating allegations of research misconduct and other University compliance reviews that may necessitate sequestration of, analysis of, or access to Research Data and Research Materials; and
- Supporting University systems to ensure Brown researchers are able to maintain Research Data and Research Materials in secure computing and physical environments.
3.4 Data Security
Ensuring appropriate protection of Research Data and Research Materials is a fundamental responsibility of all members of the Brown research community and others who may have access to Research Data and Research Materials. In some instances, the obligation to protect access to Research Data is rooted in a commitment to integrity (i.e., not breaching the trust of collaborators when results are not yet published), whereas on other occasions ensuring the security of Research Data is governed by commitments made to human subjects, other data providers or data sources (through contracts and agreements), or federal laws and regulations (i.e., export control laws). Brown’s Computing and Information Services (CIS) has established a risk-based approach to categorizing data at Brown, including Research Data, as described in its standards based on risk classification.
3.4.1 Data Users
Researchers have the following responsibilities for data security:
- Identifying and complying with confidentiality and data security obligations based on laws, regulations, policies, and binding commitments, such as informed consent documents, Data Use Agreements, and any other binding written agreements governing security and/or confidentiality of the Research Data or Research Materials;
- Identifying the appropriate risk level for the Research Data in accordance with the CIS Data Risk Classifications; and
- Ensuring the security controls commensurate with the data risk levels are implemented.
Note: CIS is available to assist researchers with self-classification and can be contacted at [email protected].
3.4.2 Brown University
Brown University has the following responsibilities for data security:
- Establishing and maintaining an audit and assurance framework for identifying and managing risk associated with the collection, storage, and destruction of Research Data;
- Establishing and maintaining minimum security standards describing controls (i.e., mechanisms, rules, and procedures) necessary to help ensure compliance with framework;
- Providing expertise, consultation, and education on data security best practices; and
- Supporting the installation and management of infrastructure enabling research.
3.5 Sharing Research Data and Research Materials
Increasingly, academic societies, publishers, and funders are requiring that protocols, data sets, metadata, and code underlying researchers’ published results be retained and preserved, their locations be cited within publications, and they be shared with other researchers and the public online. Brown encourages the responsible sharing of Research Data in accordance with its mission and in furtherance of its commitment to transparency, accountability, and reproducibility in research.
When sharing Research Data or Research Materials, researchers must follow established University procedures to ensure stipulations regarding re-use of the Research Data or Research Materials are documented. In some instances, sharing data external to Brown may require a Data Use Agreement, whereas sharing of Research Materials may necessitate execution of a Material Transfer Agreement.
Brown recommends that researchers submit data to an established digital archive or repository whenever possible and offers the Brown Digital Repository (BDR) as an option to meet researchers’ needs for retaining digital copies of their data and laboratory notebooks and/or as a complementary option for local access to data deposited in external or national repositories. The deposits in the BDR endeavor to align with FAIR Principles (Findable, Accessible, Interoperable, Reusable) for making data machine-actionable. While personal or lab websites, ELNs, wikis, and similar tools may be sufficient for the short term, Brown does not recommend them as long-term data retention or sharing solutions.
3.5.1 Private and Confidential Research Data
Researchers may have ethical or legal obligations to maintain confidentiality of data and to protect the privacy of research subjects, or may have other circumstances requiring restricted access to data, such as licensing restrictions that prohibit data sharing. Data may also be part of a research project with commercialization potential, and a delay in data sharing may be critical to preserving patentability. Both sponsors and journals recognize that there are legitimate circumstances under which an investigator can share only aggregate data that are anonymized or de-identified, as well as circumstances under which an investigator cannot publicly share data, such as when sharing is limited to qualified researchers, as defined and determined by a sponsor’s Data Use Committee or equivalent body, via a virtual or physical data enclave.
Research Data and Research Materials that are subject to a Technology Control Plan or other export control or security restrictions must be maintained in accordance with written agreements governing their use and only shared if/as set forth in such agreements.
3.5.2 Data Users
Researchers have the following responsibilities with respect to data sharing:
- Ensuring that their plans for data retention and sharing as outlined in applications to sponsors are actionable and executed;
- Maintaining compliance with all legal agreements under which data are accessed or acquired, including, but not limited to, Data Use Agreements, Non-Disclosure or Confidentiality Agreements, and licensing agreements;
- Obtaining appropriate informed consent from research participants for retaining and sharing their personally identifiable data and complying with any data sharing restrictions; and
- Following all established University policies, guidance, and procedures for the appropriate retention and sharing of Research Data and Research Materials.
3.5.3 Brown University
Brown University has the following responsibilities with respect to data sharing:
- Maintaining policies and procedures to facilitate and support compliant Research Data and Research Material retention and sharing for the Brown research community; and
- Providing researchers with the appropriate infrastructure to preserve and retain Research Data to enable compliance with sponsor and publisher requirements.
3.6 Data and Research Materials Retention
Research Data and Research Materials that are commonly accepted in the scientific community as necessary to validate research findings must be retained by Brown researchers for three (3) years after publication of the findings, and/or three (3) years from the date of submission of the final expenditure report to a sponsor, whichever event is later, unless a longer period is provisioned.
The following circumstances may require a longer period of retention:
- Research Data must be kept as long as necessary to preserve and protect any intellectual property resulting from the work.
- If litigation or other dispute resolution procedures, claims, financial management reviews, or audits related to the research project are started before the expiration of the three-year period, or commenced after the three-year period but the relevant data and records have not been destroyed, the Research Data and other project records must be retained until all such litigation/dispute resolution procedures, claims, financial management reviews, or audits involving the records have been resolved, final action has been taken, and the University has confirmed in writing that the subject data and records may be destroyed. If a University litigation hold has been issued with respect to Research Data and records, the Data User must comply with the University’s Litigation Hold Policy and the specific terms of the litigation hold at issue.
- In cases where an allegation of research misconduct is made, Research Data and Research Materials must be retained for the duration of the University proceeding. If the matter is under Health and Human Services’ jurisdiction, Brown must maintain records of the research misconduct proceeding for seven (7) years following completion of the proceeding unless the federal ORI has advised the University in writing that it no longer needs to retain the records.
- Research Data for any project to which a student has substantively contributed, and which are necessary for the student to fulfill a degree requirement, must be retained until the student’s degree is awarded (or the student otherwise leaves the University) and any resulting dissertation/thesis/academic papers are published.
- When research is funded by an award to or contract with Brown that includes specific provision(s) regarding ownership, retention of, and access to technical data, which provisions exceed or conflict with the terms of this Policy, the provision(s) of that agreement will supersede this Policy.
- Research Data from human subject research studies must be maintained consistent with the approved protocol. In the case of a Food and Drug Administration (FDA) Clinical Investigation, researchers must comply with the FDA’s Investigator Recordkeeping and Retention Requirements. If the research involves Protected Health Information (PHI), the PI must retain the permission (i.e., the consent form or authorization) to use the PHI for six (6) years beyond the expiration date of the authorization (completion of the research).
- If other regulations, federal oversight, or journal guidelines require longer retention, all applicable sources must be reviewed and the Research Data must be kept for the longest period of time applicable.
- If a DUA or other agreement governing Source Data acquired by the University from an outside party specifies retention or destruction requirements, those Source Data must be retained and/or destroyed in accordance with the terms of the governing agreement. Brown investigators’ rights to retain results derived from use of Source Data in accordance with this Policy will be preserved and protected in all agreements reviewed and executed through established University processes.
The PI is responsible for the appraisal and selection of Research Data falling under the categories above and for complying with retention and destruction requirements set forth in this Policy. Research Data should be removed/destroyed in accordance with CIS Data Removal Recommendations or as otherwise stipulated in any agreement that governs the data’s removal and destruction. Brown recommends that a certificate or other documentation of destruction for confidential or otherwise sensitive data be maintained indefinitely by the PI.
The University Records Manager will work with PIs to (i) determine the most appropriate disposal solutions for data that has met and/or exceeds the periods outlined in this Policy, and (ii) assess the need and determine any storage solutions for data that should be retained beyond the minimum established retention periods. The University Archivist will work with PIs to help appraise and select data and materials having enduring historical value for the University and society.
This Policy should not be construed to limit the right of any member of the Brown community who is a Data User on a project/activity to have access to and to work with the Research Data generated in that project/activity, nor should this Policy be construed to constrain the practices that are particular to the field of inquiry of which the data are a part.
For the purpose of this policy, the terms below have the following definitions:
- Data User:
Under this Policy, a Data User is any PI or other researcher or personnel who creates, accesses, maintains, or stores Research Data and/or Research Materials at Brown.
- Research Data:
The recorded factual information associated with the research, including, but not limited to, all records necessary for the reconstruction and evaluation of the results of research, regardless of the form or medium on which the material is recorded (such as lab notebooks, photos, digital images, data files, data processing or computer programs [software], statistical records, etc.).
- Research Materials:
Tangible items that are the product of research or that are used to conduct research. Examples of Research Materials include reagents, cell lines, plasmids, vectors, chemical compounds, and some kinds of devices and software.
- Source Data:
Data or other information necessary to perform the research received from a party external to Brown via a properly executed agreement. Source Data does not include original data generated by Brown researchers or the results of analyses conducted using Source Data.
5.1 Compliance with the Policy
All individuals to whom this Policy applies are responsible for becoming familiar with and following this Policy. University supervisors are responsible for promoting the understanding of this Policy and for taking appropriate steps to help ensure compliance with it.
5.2 Reporting Violations
All members of the Brown community have a responsibility to report violations of this Policy to the Policy Owner or Contact identified below.
6.0 Consequences for Violating this Policy
Failure to comply with this and related policies is subject to disciplinary action, up to and including suspension without pay, or termination of employment or association with the University, in accordance with applicable (e.g., staff, faculty, student) disciplinary procedures.
7.0 Related Information
Brown University is a community in which employees are encouraged to share workplace concerns with University leadership. Additionally, Brown’s Anonymous Reporting Hotline allows anonymous and confidential reporting on matters of concern online or by phone (877-318-9184).
The following information complements and supplements this document. The information is intended to help explain this Policy and is not an all-inclusive list of policies, procedures, laws and requirements.
7.1 Related Policies:
- Brown University Acceptable Use Policy
- Brown University Data Removal Recommendations
- Brown University Data Risk Classifications
- Brown University Data Use Agreement Guidance for Researchers
- Brown University Litigation Hold Policy
- Brown University Material Transfer Agreements
- Brown University Openness in Research Policy
- Brown University Patent and Invention and Copyright Policy
- Brown University Records Retention Policy
7.2 Related Procedures:
7.3 Related Forms:
7.4 Frequently Asked Questions (FAQs):
7.5 Other Related Information:
- Brown Digital Repository
- Brown University Research Data and Management Services
- Brown University Research Data Management and Sharing Plans
- CIS Data Removal Recommendations
- Investigator Recordkeeping and Retention Requirements
- National Institutes of Health Sharing Policies
- National Science Foundation Data Sharing Policy
- The Research Data website includes example case studies to assist with application of this Policy.