Data Access Instructions

To apply for data access, please read the instructions below, prepare the required documents, and submit the form here.

Please contact us if you have questions.

Checklist

All fields are required unless otherwise noted.

  • Name
  • Email
  • Name of organization
  • Organization website (optional)
  • Addresses: main, billing and shipping
  • Phone
  • Cover letter
  • Funding information
  • NIH biosketches: applicant, relevant investigators and co-investigators with full legal names.
  • Internal and External Collaborators
  • Facilities and other resources
  • At least one of the following:
    • Requested phenotypic datasets
    • Requested samples
  • Optional: requested genetic data
  • Digitally signed distribution agreements if you are requesting samples.
  • Data and resource sharing plan
  • Data Use Certification signature if requesting data.
  • Research Use Statement (see below)
  • Information Technology Director (see below)
  • Cloud Use Statement if applicable.
  • Human subjects approval
  • Billing and shipping addresses
  • P.O. Box # and FedEx account numbers are optional.

Research Use Statement

The approval of project requests depends on a carefully written Research Use Statement (250 words maximum).  The statement should include the following components:

  • Objectives of the proposed research
  • Study design
  • Analysis plan, including phenotypic characteristics that will be evaluated in association with genetic variants.
  • Brief description of any planned collaborations with researchers at other institutions, including the name of the collaborator(s) and their institutions

Data use is limited to non-profits and is only for substance use and addiction research. Other data for substance use research that can be used in other studies may be found in dbGaP. Research should not deviate from the description in the approved Research Use Statement.  If the scope is expanded, investigators must submit another research statement.  Conducting research not described in the Research use statement is violation of the terms of the Data Use Certification.

Attestation by Information Technology Director

You must provide the full legal name and contact information of an IT Director with the necessary expertise and authority to affirm the IT capacities your institution. The IT director is expected to have authority and capacity to ensure the institution and users are compliant with NIH Security Best Practices for Users of Controlled-Access Data.

The NIH Security Best Practices for Users of Controlled-Access Data is intended to ensure that Approved Users of NIH controlled-access data under the GDS Policy maintain such data on institutional IT systems and third-party computing infrastructures that meet certain standards in accordance to NIST SP 800-171 “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations.” To that end, NIH expects that:

  • Approved Users of NIH controlled-access data will attest to NIH that their institution is compliant with NIST SP 800-171.
  • Approved Users choosing a third-party IT system and/or Cloud Service Provider (CSP) for data analysis and/or storage will provide NIH with an attestation affirming that the third-party system is compliant with NIST SP 800-171.
  • Non-U.S. users that are unable to attest to the NIST SP 800-171 may attest to the equivalent ISO/IEC 27001/27002 standard.

The process for submitting an attestation will vary and may be incorporated as part of the process for accessing controlled data or through other agreements.

Expectations under the NIH Security Best Practices for Users of Controlled-Access Data are in addition to, and do not supersede, any local, State, Tribal, Federal laws and regulations, and/or relevant institutional policies.

Application Form

When you have gathered the required documents, please submit the application form here.

Data Access Committee

Members of the data access committee, please see instructions here (login required).