NDAR has been developed for the autism research community. More broadly, NDAR has multiple stakeholders with differing needs. The NDAR policies and procedures defined here address the needs of all stakeholders. They are reviewed and approved by the NDAR Leadership Team.
The NDAR Policy is the primary overarching policy of NDAR addressing considerations for providing data to NDAR, outlining the requirements for data submission and the protection of research subjects. The Ongoing Study Policy is for the purpose of using NDAR as a collaborative space for an investigator determined period of time, subject to NDAR Data Access Committee approval.
As defined by the NDAR Policy, the NDAR Data Access Committee (DAC) has been established to objectively and systematically review data access and submission requests. Collectively, the DAC has overall responsibility for ensuring compliance with the NDAR Policy. Specifically, the DAC's responsibilities include the following:
The DAC consists of a minimum of three federal employees appointed by the NDAR Director. The DAC comprises the following individuals with expertise in science, policy, or bioinformatics resources:
NDAR is a protected resource for autism data contributed by investigators, funded by the NIH and other organizations. Contained in the NDAR Central Repository are detailed research data derived from consenting human subjects. Operational procedures have been established to ensure that the data contained in NDAR are efficiently made available to qualified researchers according to the protections defined in NDAR and other federal policies.
The SOPs described below are to be followed by NIH, their designees, and NDAR users. Note that these procedures often require an investigator to upload a document into their NDAR profile and possibly associate these documents with an NDAR Collection or NDAR Study. Only the investigator and NDAR staff will have access to these documents. For any other questions or feedback, please contact firstname.lastname@example.org.
The purpose of this SOP is to define the steps for requesting access to the shared data available in the NDAR Central Repository as well as multiple autism-relevant data sources federated with NDAR.
This procedure applies to all account requests and the investigators and data managers at research sites who request them. This procedure requires 1-3 business days for accounts. Accounts with shared data access to NDAR or data submission privileges will take longer.
The purpose of this SOP is to define the steps necessary to request, review, and approve data submission privileges in NDAR.
This procedure applies to all investigators and data managers who will submit descriptive data, analyzed data, and supporting documentation associated with a research study to an NDAR Collection. This procedure typically requires 5-7 business days.
As a Federal Information System, NDAR will follow NIH Security Certification and Accreditation. NDAR is rated at a Security Objective of Confidentiality and a Potential Impact Level of Moderate. This level of security is defined by NIST publication 800-18 Guide for Developing Security Plans for Federal Information Systems:
"The unauthorized disclosure of information could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals."
The purpose of this SOP is to establish the steps for requesting access to the shared data available in the NDAR Central Repository as well as multiple autism-relevant data sources federated with NDAR (e.g., AGRE, ATN, and IAN).
This procedure applies to all individuals interested in gaining access to shared data in NDAR. Each federated data source has its own specific procedure to request access to data. These requests can now be made through NDAR when requesting an NDAR account or in the "My Profile" page for current NDAR users. For more information on requesting access to the Pediatric MRI Data Repository, check the NIH MRI Study of Normal Brain Development Data Access Page. NDAR Help Desk with any questions.
The high quality of data within NDAR is crucial for ensuring its usefulness and reliability for research. Therefore, the NIH has implemented a multi-tiered quality control procedure for data contributed to NDAR.
Prior to a Data Dictionary release or the establishment of a federated data resource, NDAR Staff will certify that the fields defined do not include any information that can be reasonably used to identify a research subject or those associated with the research. Although not applicable to NDAR, the HIPAA Limited Dataset definition will be used as the basis for this certification. Specifically, NDAR Staff will ensure that the following direct identifiers of the research subject or of relatives, employers, or household members associated with the research subject are removed:
Any potential discrepancies to this privacy rule (e.g., genomics data or images that could be transformed) will be documented and approved/denied by the NDAR Data Access Committee (DAC).
Investigators may create an NDAR Collection or Study many months prior to submitting data to them. As containers empty of research data, Collections and Studies contain only general information such as the project title, contributing investigators and funding source. These containers may be shared either to specific individuals through NDAR's Ongoing Study capability or broadly with other researchers. The decision to share a Collection or Study is based solely upon the discretion of the owner. No additional review is necessary.
Sharing a Collection or Study only makes general information available to others. Documentation contained in the Collection or Study or data contained in the Collection must follow specific data sharing procedures, defined below.
For documentation uploaded to NDAR, the following procedure will be followed.
Datasets contributed to the NDAR Central Repository are shared with those that have appropriate access. The same process is followed for data shared broadly and data shared through NDAR's Ongoing Study capability.
The purpose of this SOP is to outline the steps required to establish a federated resource. The data federation provides investigators with a single point of access to multiple autism-related data sources in addition to the shared data stored in the NDAR Central Repository.
This procedure applies to NDAR Staff and the NDAR Data Access Committee (DAC).
The purpose of this SOP is to outline the steps for adding a data structure in NDAR's Data Dictionary.
This procedure applies to all investigators and data managers submitting data who wish to create a data structure. Duplication of data structures is to be avoided as much as possible. However, if no data structure exists for a given type of assessment or measure, we encourage the community to define the data structure.
Investigators are encouraged to extend the autism data dictionary available at http://ndar.nih.gov/ndar_data_dictionary.html?type=All&source=NDAR&category=All. To change a definition or use an existing one as a template, simply select the definition from the website and then select download definition, which will allow you to save your definition in csv format, which can be opened in Excel. Make your changes indicating the type of changes you have made and email the updated spreadsheet to the NDAR Help Desk. NDAR will then curate the definition and if no changes are needed, have it applied to the NDAR Data Dictionary. Please note that for all NDAR data definitions, subjectkey , src_subject_id , interview_age , interview_date , and gender are required.
The purpose of this SOP is to define the steps for installing the free GUID Tool software. This includes GUID Tool request initiation, review, approval, and verification.
This procedure applies to all investigators and data managers who are required to generate GUIDs and pseudo-GUIDs for data submission.
The purpose of this SOP is to outline the steps for receiving the Ongoing Study capability. This includes request initiation, review, and approval.
The procedure applies to the Principal Investigators, Co-Investigators, and collaborators interested in this capability. This procedure typically requires 10 business days.
The PI sends the reason they would like to use NDAR's ongoing study capability including a description of the data that will be held by NDAR, the Co-Investigators, and the duration the data will be available only to the group. Note that the Principal Investigator must have a current Data Submission Agreement uploaded to their account.
The purpose of this SOP is to outline the steps for requesting a time extension for data sharing. These requests may be made if there are reasons for which the release of data would be considered premature. Extensions are not granted for the sole purpose of delaying QA/QC activities.
This procedure applies to investigators who have submitted data and only the data contained in the NDAR Central Repository. This procedure typically requires 10 business days.
The purpose of this SOP is to outline the steps necessary to change the data-sharing terms associated with NIH-funded research. Over the course of research, circumstances may arise that necessitate a change in the terms.
This procedure applies to all investigators who are required to submit data to NDAR.
The purpose of this SOP is to outline the steps for receiving administrative access to NDAR.
This procedure applies to all NDAR technical staff, NDAR operational staff, and extramural program staff who must have the ability to query and review data within NDAR in order to perform their job. Intramural staff who wish to request access to NDAR should follow SOP-04 Data Access Permission Request.
The NDAR Director is responsible for granting individual access to those administering NDAR. The Director may choose to delegate the responsibility of granting access to other NDAR Staff.
Requests for such access will be approved by the Data Access Committee (DAC). The procedure for requesting such access generally follows the procedure detailed in SOP-04 Data Access Permission Request, however, the request can be submitted by email in lieu of completing and submitting the NDAR Data Use Certification. Requests should be addressed to NDARHelp@mail.nih.gov and must provide the reason that access to data in NDAR is needed.
Beginning in fiscal year 2012, all NIH-funded human subject research data related to autism is expected to be shared through NDAR. For new projects, the data sharing terms will be included in the Notice of Grant Award (NGA) which will also include expected timelines for data submission. For projects enrolling new research subjects and collecting new data on those subjects, both descriptive and analyzed data are expected to be deposited into NDAR. When experimental results are obtained from a dataset originating from an NDAR federated source (e.g. ATP, AGRE), only the newly derived analyzed data are expected to be submitted to NDAR in an effort to avoid duplication. While most data are expected to be submitted directly into NDAR, there may be valid scientific and/or operational reasons for submitting data, either descriptive and/or experimental, into another repository and not NDAR. However, to ensure that data remains available to the research community, only repositories that are federated with NDAR, make the data generally available to the autism research community, and have a memo of understanding (MOU) in place with NDAR ensuring such data deposited remain available to the community in perpetuity, will be considered.
The following procedure should be followed for such cases.
An investigator who wishes to use another repository for data sharing should first consult with his/her Program Officer. If the Program Officer believes that it is appropriate for the investigator to submit to another repository, the investigator should provide the following information to the NDAR Help Desk:
NDAR Staff will provide the request to submit and share data through a federated repository and any related information to the NDAR Data Access Committee (DAC) for a decision. The DAC meets twice a month to review these requests. NDAR Staff may contact investigators and/or the Program Officer for additional information if required. The DAC reviews the request and makes a decision based on the information provided in the request. Final approval of the request to submit to another repository instead of NDAR is contingent upon approval from both the Program Officer and the DAC. Once approved, NDAR Staff will send an email to the lead investigator with the decision. The entire procedure typically requires 10 business days.
The purpose of this SOP is to outline the steps for requesting removal of participant data from the NDAR Central Repository.
SOP-14 applies to all investigators who have submitted data to NDAR and the investigator's lab that has received a request from individuals who were previously consented to have their data removed from NDAR.
Submitting investigators and their institutions may use the GUID as a means to request removal of data on individual participants from the NDAR Central Repository in the event that a research participant withdraws his/her consent. To have a subject removed, please email the NDAR Help Desk at email@example.com with your request referencing this procedure and the GUID(s) requiring removal. As per NDAR policy, data that have been distributed for approved research use will not be retrieved.
Investigators submitting data to NDAR must certify that all data contributed to NDAR is de-identified as defined in the NDAR Submission Agreement. While NDAR reviews all data submitted for PII (see SOP-5), the potential still exists for PII to be found. If this happens, the following procedure applies.
SOP-15 applies to individuals with access to NDAR protected data that may have discovered potential PII in NDAR or one of its federated repositories. This includes NDAR Staff, program staff, an individual at the submitting lab, or a user with permission to access data using NDAR.
Persons discovering potential PII will contact the NDAR help desk ideally including the lab, data structure, elements, and GUIDs that potentially contain the PII. Within 1 hour, NDAR will review and make a determination if the data is PII.
If a determination is made that the data includes PII and those data have not been shared or downloaded, NDAR will immediately expunge the data.
If a determination is made that the data contains PII and those data have been downloaded from NDAR, the data will immediately be moved to a private state to prevent any further downloads. NDAR will then work with the submitting lab to expunge the data. In some cases, resubmission of the data may be needed. NDAR staff will then notify those users that have downloaded the data containing PII and instructing them to expunge the PII. NDAR will notify the submitting lab that the users downloading the data have been contacted. An incident report will be maintained for a period of at least five years.