The National Institute of Health (NIH) recently released its final policy related to sharing human and non-human genomic data (GDS Policy). The GDS Policy applies to all NIH-funded research, regardless of the level of funding, that generates large-scale human or non-human genomic data, including the use of the data for subsequent research. The effective date of the GDS Policy is (i) grant applications with due dates on or after January 25, 2015; (ii) contracts submitted on or after January 25, 2015; and (iii) intramural research projects generating genomic data on or after January 25, 2015. In conjunction with the GDS Policy, NIH also released supplemental information regarding the scope of the GDS Policy.
Significantly, the GDS Policy places a number of obligations on researchers, institutions and institutional review boards for NIH-funding research. For example, the GDS Policy requires investigators to de-identify human genomic data submitted to the NIH-designated data repositories in accordance with the Health and Human Services (HHS) Regulations for the Protection of Human Subjects and the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. The GDS Policy also makes it clear that it expects researchers to obtain broad consent from participants for future research and sharing of genomic data, and to provide information to NIH regarding any limitations on the use of such data. The NIH specifically stated in its press release regarding the GDP Policy that compliance with the policy will be a special condition in the grant or contract award and failure to comply could lead to enforcement actions.