NIH 2023 Data Management and Sharing Policy

What's New?

As of January 25, 2023 NIH requires all researchers seeking grant funds that result in the generation of scientific data to:

  • Submit a 2-page Data Management and Sharing plan outlining how their scientific data and accompanying documentation will be managed and shared
  • As part of that plan, maximize the appropriate sharing of scientific data generated from NIH-funded or conducted research, with justified limitations or exceptions.

NIH Resources:

Data Management and Sharing (DMS) Plan Templates and Samples


Sample Plans

Budget Guidance

Planning for Data Sharing

Selecting a Data Repository

NIH recommends the use of well-established data repositories to share your data. To find the best repository for your research check out the UCSF Library guide to data repositories

Policy Presentations and Slides

How to get help

Questions about the new policy or need help selecting an appropriate data repository or metadata standard? Want someone to review your draft plan? Want someone to present on the policy to your team or department? Contact the UCSF Library's data management team.

For consulting on de-identification please visit UCSF CTSI Consultation Services

FAQs about the new DMS Policy

What is the overall goal of this policy?

The NIH encourages data sharing in order to:

  • Increase public access to federally funded research
  • Enable transparency and reproducibility of research results
  • Make data available for discovery and reuse
Which grants are covered by this policy?

The policy applies to all NIH grants that generate scientific data including research projects, some career development awards (Ks), Small Business SBIR/STTR, and Research Centers.

It does not apply to grants for Training (T), Fellowships (F), Construction (C06), Conferences (R13), Resource (Gs), and Research-Related Infrastructure Programs (S06).

See the complete list of activity codes covered by the policy.

What is considered "scientific data" for the purposes of this plan?

The final NIH Policy defines Scientific Data as: “The recorded factual material commonly accepted in the scientific community as of sufficient quality to validate and replicate research findings"

Researchers are not expected to share: data that are not necessary for or of sufficient quality to validate and replicate the research findings, laboratory notebooks, preliminary analyses, completed case report forms, drafts of scientific papers, plans for future research, peer reviews, communications with colleagues, or physical objects, such as laboratory specimens.

Are there justifiable reasons not to share my data?

Yes. NIH expects that researchers will take steps to maximize scientific data sharing, but may acknowledge in Plans that certain factors (i.e., ethical, legal, or technical) may necessitate limiting sharing to some extent. Foreseeable limitations should be described in DMS Plans. Per the supplemental information “Elements of an NIH Data Management Sharing Plan,” a compelling rationale for limiting scientific data sharing should be provided and will be assessed by NIH.

Potential examples of justifiable factors include:

  • informed consent will not permit or will limit the scope or extent of sharing and future research use
  • existing consent (e.g., for previously collected biospecimens) prohibits sharing or limits the scope or extent of sharing and future research use
  • privacy or safety of research participants would be compromised or place them at greater risk of re-identification or suffering harm, and protective measures such as de-identification and Certificates of Confidentiality would be insufficient
  • explicit federal, state, local, or Tribal law, regulation, or policy prohibits disclosure
  • restrictions imposed by existing or anticipated agreements (e.g., with third party funders, with partners, with repositories, with Health Insurance Portability and Accountability Act (HIPAA) covered entities that provide Protected Health Information under a data use agreement, through licensing limitations attached to materials needed to conduct the research)
  • datasets cannot practically be digitized with reasonable efforts

Examples of reasons that would generally not be justifiable factors limiting scientific data sharing include:

  • data are considered to be too small
  • data that researchers anticipate will not be widely used
  • data are not thought to have a suitable repository
What is included in a Data Management and Sharing Plan?

In these max two-page documents, researchers will describe their:

  • Data type
  • Related tools, software, and/or code
  • Standards
  • Data preservation, access, and associated timelines
  • Access, distribution, or reuse considerations
  • Oversight of data management and sharing

Read more about Data Management Plans and see sample plans

How should I be sharing my data? Can I make it available upon request?

No. NIH prefers that scientific data be shared and preserved through data repositories rather than kept by a researcher and provided upon request.

What data repository should I use?

To select a data repository relevant to your research consider:

To learn more, check out the UCSF Library guide to data repositories

When do I need to make my data available?

NIH encourages scientific data be shared as soon as possible, and no later than time of an associated publication or end of the performance period, whichever comes first.

What is a standard? What standards are relevant to my research?

A standard specifies how exactly data and related materials should be stored, organized, and described. In the context of research data, the term typically refers to the use of specific and well-defined formats, schemas, vocabularies, and ontologies in the description and organization of data. However, for researchers within a community where more formal standards have not been well established, it can also be interpreted more broadly to refer to the adoption of the same (or similar) data management-related activities, conventions, or strategies by different researchers and across different projects.

Cheat sheet to common metadata and data standards from NIDDK

Learn more about standards on this guide from the UCSF Library.

What data management and sharing costs can I include in my grant?

Allowable costs can include:

  • data curation and developing documentation (formatting data, de-identifying data, preparing metadata, curating data for a data repository)
  • data management considerations (unique and specialized information infrastructure necessary to provide local management and preservation before depositing in a repository)
  • preserving data in data repositories (data deposit fees)

Read more about budgeting for data management and see the UCSF Budget Guidance

How will the plans be assessed?

NIH program staff will assess the DMS plans but peer reviewers may comment on the proposed budget for data management and sharing.

What happens if I do not comply with the NIH policy or make my data available as described in the DMS policy?

NIH Program Staff will be monitoring compliance with the policy during the funding period. “Noncompliance with Plans may result in the NIH ICO adding special Terms and Conditions of Award or terminating the award. If award recipients are not compliant with Plans at the end of the award, noncompliance may be factored into future funding decisions.”

What about secondary data analysis?

According to NIH researchers are not expected to share existing, shared primary data used to conduct secondary research. Researchers are, however, expected to maximize appropriate sharing of any new, derived data generated as a result of their research if at all possible. That said, one of the justifiable reasons not to share is "restrictions imposed by agreements" meaning that if you need to sign a strict DUA in order to access the data (for example CMS or other claims data) you are justified in not making the derived data public. In this case you would simply describe why data sharing is not possible in your DMS plan.

Here is an example NIH plan using secondary data.

Where can I learn more about this new policy?

General FAQs about Data Sharing

How should I plan for data management and sharing?

UCSF researchers should follow the guidance for sharing de-identified data to incorporate data sharing into their research process.

Does anyone need to approve my data before it is shared?

Yes, UCSF researchers sharing de-identified human subjects data need to do the following (note that no approvals are needed for researchers working with non-human data):

  • If you are sharing in a controlled access repository (recommended) work with UCSF Industry Contracts to evaluate and sign the repository's data sharing agreement.
  • If you wish to share your data in an open repository or a controlled access repository not listed on the above list, email with a short description of your data and the name of your chosen repository and the EIA Steering Committee will review and approve.
Where can I find information about de-identifying data?

Visit this page on de-identification to learn about UCSF offices that can offer de-identification advice and see additional resources.

I work with sensitive topics/populations - how do I protect my participants' privacy?

NIH strongly encourages researchers who work with sensitive topics and/or populations to address data sharing in the Informed Consent process. UCSF consent form templates include appropriate sample language.

Researchers should pay special attention to their de-identification process to ensure that all identifying information has been fully removed. CTSI’s data de-identification service can provide advice on de-identification and connect you with third party de-identification validation services.

Finally, UCSF recommends that researchers share their de-identified human subjects data in controlled access repositories that require data use agreements and research plans in order to access the data.

See more advice from NIH about protecting participant privacy.

What if I get scooped?

While sharing data can lead to scooping, this is very rare. If you are worried about scooping you may want to hold off publishing your data until your associated publication is ready to be published. Some repositories also have a "private for peer review" option which allows you to make your data available to peer reviewers but not fully publish your data until the article has been accepted.

Was this topic helpful?

Have more questions? Contact us