Chapter 5: Research Data

In keeping with its mission of knowledge in the service of society, Duke University strives to cultivate an environment that enables and encourages members of the research and scholarship enterprise to produce, curate, and disseminate high quality research data and outputs. As a research institution, the University has the resources to secure and manage research data and outputs and the associated responsibility for establishing consistent standards and supporting procedures to enable the responsible management of research data.

The following policies set the institutional expectations and requirements for engaging with research data amongst Duke University research personnel, which include faculty, staff, trainees (e.g., medical residents, degree pursuing individuals, and post-doctoral candidates) and other individuals (e.g., visitors, affiliates, visiting scholars). These policies are built upon principles of integrity, sound management, reproducibility, and collaboration in the pursuit of knowledge. They reflect an awareness that research communities, funders and publishers play important roles in encouraging best practices for researchers; while reflecting the heterogeneity of sources, modes of data creation and analysis, and kind of research outputs that characterize research and scholarly activity at a major research university.

All members of the research and scholarly community share in the responsibility of applying research data management practices that allow the University to respond, in sufficient detail, to questions of accuracy, authenticity, and privacy and to remain in compliance with laws and regulations governing the conduct of the research. Duke expects all research personnel to apply the policies and principles outlined below to the procedures and practices of their day-to-day research operations.

Definitions

Data Management Plan (DMP): A written description of the data and workflows associated with the lifecycle of research projects. A DMP may be required by funders or other agreements in support of a funding application or article submission. Individual funders or data providers may have varying format, content, and submission requirements which must be followed by researchers.

Data sharing: The act of making research data available for use by others (e.g., the larger research community, institutions, the public), for example, via an established repository or through contractual agreements.

Research data: The recorded, retrievable information and/or forms of evidence collected, generated or created in the pursuit of new knowledge and is necessary to validate research outputs. Research data is sufficient to facilitate 1) reconstruction of experimental methods or other analytical practices that underpin scholarly interpretations and arguments and, where appropriate 2) accurately interpret research data outputs, regardless of form or recorded medium. Research data comprises a portion of the research record.
Research data may also be defined by or subject to sponsor, funder or publisher requirements and standards.

Research outputs: The results, findings, or reports produced by the design and execution of research inquiries that contribute to any body of knowledge. The research community may seek to replicate or validate research outputs through the review and analysis of research data. The form of research outputs may vary according to scholarly disciplines, but could include computer code, algorithms, curated or analyzed sets of data, videos, films, patents, archives and publications. Research outputs comprise a portion of the research record.

Retention period: The length of time research data and outputs must be retained following the dissemination of knowledge from research, the method of which may vary according to scholarly disciplines. Research outputs may be subject to University policy, sponsor, funder or publisher retention requirements or expectations for placement in repositories.

Research record: Any data, documents, computer files, or materials that document a scientific or other form of scholarly inquiry. Research records can be written or non-written, electronic or hard-copy. Regardless of the form in which personnel maintain research records, they should be able to meet reasonable expectations to provide evidence or information regarding the proposed, performed, reviewed, or reported research. A research record may include, but is not limited to, grant or contract applications, whether funded or unfunded; grant or contract progress and other reports; collections of primary sources, whether textual, auditory, or visual; notes taken from research in physical or digital archives; laboratory notebooks (physical and electronic); printed or electronic communication; ethnographic field notebooks; interviews and survey data; podcasts; videos; photographs; films; slides and exhibits; biologic materials; computer files and printouts; manuscripts and publications; equipment use logs; laboratory procurement records; animal facility records; human and animal subject protocols; consent forms; medical charts; participant research files; abstracts, theses, oral presentations, and internal reports.

Trainees: Individuals who will interact with research data and outputs in 1) the pursuit of a University degree, 2) enrollment in a University training program designed to transfer professional skills, or 3) acceptance of funds administered through the University designated for career or training development. This includes, but is not limited to, undergraduates, graduate and professional students, medical/clinical residents, and fellows.

Roles and Responsibilities

Research personnel: The following are responsibilities for any individual interacting with research data or outputs. As research data stewards, individuals engaged in research are accountable to the Principal Investigator and the University for their handling of research data and outputs throughout the research data lifecycle, from design or collection to preservation. Specific expectations and responsibilities include:

• Adhering to all University, regulatory, sponsor, and provider requirements regarding the collection, curation, management, analysis, retention, and sharing of research data and outputs.
• Adhering to terms and conditions set forth in contracts or other relevant agreements relating to research data and outputs.
• Adhering to appropriate security and privacy measures as necessitated by the nature of the research data and terms and conditions of relevant agreements.
• Engaging with institutional support offices as necessary and appropriate to maintain research data integrity.
• Completing required training relating to the compliance or execution of the following policies or related procedures.

In addition to the above, individuals may have further responsibilities within a research project, research protocol or clinical trial depending on their role. Such additional responsibilities are as follows:

Principal Investigator (which applies to sole researchers, whether faculty, staff, or students, leaders of research teams, whether faculty or staff, investigators, co-investigators): The PI is directly responsible and accountable to the University, any external sponsor(s), and data providers for proper stewardship of research records, data, and outputs within the PI’s portfolio. This includes responsibilities related to managing and supporting the project personnel and trainees who interact with research data:

• Reviewing Roles & Responsibilities with research personnel, trainees and other individuals; and appropriately delegating or assuming tasks.
• Ensuring project personnel have the requisite experience, training, and permissions to execute assigned responsibilities.
• Consulting sponsor, publisher and/or award documents and ensuring compliance with external terms and requirements therein.
• Ensuring that agreements are in place prior to sending, receiving, or handling research data.
• Consulting with unit or school officials in the event of conflict of obligation in the management of research data and outputs.
• For contracts and agreements that obligate the University, obtaining signatures from authorized organizational representatives.
• Ensuring appropriate protections are in place for research data, which may include assessing available infrastructure in collaboration with support personnel.
• Determining research data sharing requirements.
• Fostering a culture of quality and compliance.

Trainees: Trainee responsibilities include, but are not limited to:

• Providing PIs and unit, school, and institutional officials with means to access research records prior to graduation or dissolution of relationship with the University. This includes the provision of all components of the research data and outputs generated at or on behalf of the PI and/or institution, and all supporting source data, data processing, and data analysis.

Visitors, affiliates and other individuals: This includes individuals who acquire a Duke NetID or have demonstrable involvement in a project, but are not Duke University faculty, staff, or trainees. Their responsibilities include, but are not limited to:

• Obtaining PI approval for project involvement.
• Completing any required institutional requests, training, agreements, and registration prior to accessing or interacting with research data or research outputs.
• Following research project or protocol processes for dissolving access to research data or research outputs in a timely manner, including providing relevant research personnel and institutional officials the ability to access any and all research data and outputs generated at or on behalf of the PI and/or institution.

Institutional: The University’s responsibilities, as carried out by department, school, center, institute, or administrative staff include, but are not limited to:

• Implementing, through the Duke University Office for Research & Innovation, relevant policies and procedures that set institutional expectations and requirements for responsible management of research data and the proper conduct of individuals interacting with research data.
• Protecting Duke University’s commitment to academic freedom, including the right of research personnel to carry on research and publish the results.
• Protecting the rights of Duke University research personnel to access research data resulting from research in which they participated. Reviewing, negotiating, and executing required agreements and contracts associated with data use, sharing, transfer, and collaborations to ensure the University can meet obligations concerning the protection and integrity of research data.
• Assessing compliance with University policies, requirements from regulatory and compliance bodies, applicable laws and other relevant agreements regarding the management, retention, and sharing of research data and outputs; and coordinating institutional response and actions as necessary.
• Assessing available infrastructure for the storage, computing, and protection of research data and outputs.
• Providing training (directly or via third-party) to support best practices in data management.

5.1 Research Data Ownership

Duke University assumes the responsibility for the security and management of research records, including research data, outputs, that are collected, generated, or created under the auspices of the University. Therefore, the University also assumes the roles of owner and primary steward, providing it the authority to set institutional expectations and requirements for the proper conduct and responsible management of research records.

Except where precluded by pre-existing rights or the specific terms of sponsorship or other agreements, Duke University is the owner of research records, including research data and outputs, that are collected, generated, or created during research conducted 1) within the course and scope of an individual’s assigned or assumed duties; 2) using University resources, such as facilities, infrastructure, equipment, or supported technology; or 3) with funding from or administered through the University.

To fulfill the responsibilities and obligations associated with research data ownership, the University may execute agreements and contracts associated with research data use and collaborations. The terms and conditions of all such agreements are subject to University review and approval. The University may also provide or deny access to research records, including to University personnel as needed to provide suitable assurances of security and the protection of research data.

If an individual who has collected, generated, or created research data or outputs ceases to have a relationship with the University (whether that relationship be one of employment, collaboration, or pursuit of a degree or training program), the University retains ownership of the research data as it exists at the time the relationship ceases. Individuals who wish to have access to research data generated through their relationship with the University after the relationship ceases are responsible for requesting access to those research data through proper University channels and executing any necessary data transfer agreements.

For further details: Researcher offboarding procedures.

5.2 Research Data Management

Research data management describes the practices used by research personnel when collecting, processing, publishing and storing research data and outputs. Duke University expects research personnel to employ research data management practices that enable the reproduction and validation of research outputs.

The University encourages research personnel to develop and follow Data Management Plans (DMPs) as a means to document intended data management practices. DMPs should be developed at the beginning of the research data lifecycle or in the event that one of the following conditions is met: the project 1) is seeking or relying upon federal funding; or 2) uses data acquired through a contract or agreement, including data with export controls considerations; or 3) has funder, publisher or other external DMP requirements.

Research personnel should evaluate the need for a DMP prior to any dissemination of the research data. Research personnel should update DMPs as needed to ensure an accurate reflection of data management practices. If an external entity (funder, provider, or publisher) requires a DMP, PIs are responsible for meeting any deadlines and satisfying any requirements.

5.3 Research Data Access

Determination of appropriate access to research data requires research personnel to balance the principles of open science and public access with the security and privacy needs of the research data and outputs.

Providing members of the research community adequate access to research data enables the validation of research outputs and the advancement of knowledge intrinsic to the University’s mission. Prior to providing research data access to individuals or entities, research personnel must ensure that the access is allowable per: University policy and standards; compliance or regulatory body requirements; data provider or funder terms and conditions; and any other requirements articulated in agreements, consent forms, or University policies.

Research personnel must be provided access to research data and outputs at a level appropriate to their assigned project functions. The University further encourages Principal Investigators (PI) to provide access to research data to the fullest extent possible to all other members of the research community and public, without infringing upon or conflicting with the University policies on academic freedom or Intellectual Property rights.

The PI has the responsibility to establish, and communicate with relevant research personnel, a system for managing and documenting parameters and conditions for accessing research data. This includes engaging research support staff to ensure that the system accounts for security measures, relevant agreements, and technical needs required to appropriately access research data.

5.4 Research Data Transfer

Research data transfers occur when research data or outputs enter or leave a Duke-managed environment to or from a non-Duke managed environment. These transfers enable collaboration among researchers and institutions.

Prior to executing an initial research data transfer (i.e., to a data repository or the first time research personnel intend to transfer research data to a collaborator who will receive data throughout the project), the Principal Investigator must determine if a Data Transfer Agreement (DTA) or other agreement is needed. For identifying the appropriate research support office staff, consult myRESEARCHpath. DTAs ensure that individuals who will receive research data transfers have appropriate access rights and the transmission and storage methods are sufficiently secure.

5.5 Research Data Retention

The secure retention of research data and outputs is vital for substantiating research results and meeting the requirements of data providers, sponsors, and publishers. These requirements may include provisions relating to Open Access and data sharing. Duke University expects research personnel to retain, via archives and/or placement in established repositories, research data and outputs for a minimum of six years after the final reporting or publication of a project. The research data archived must be original and sufficiently document the methods and accuracy of research data generation as well as the methods and accuracy of research data analysis and interpretation. When determining the scope of research data to be retained, the PI should consider the standards of their discipline and practices of their organizational unit.

The retention period and the research elements that are retained may be altered by funders, publishers, contractual arrangements, compliance or regulatory bodies, and applicable laws, and the below conditions:

• Translation & Commercialization: Retain research data and outputs until any patentable invention resulting from the work is protected by the filing of a patent application or, if a decision is made by the University not to file for patent protection, until rights to the invention are returned to the inventor. See the Policy on Inventions, Patents, and Technology Transfer for further information.
• Investigations, Allegations, Litigation: Research data must be retained if relevant to an investigation or legal proceeding, including, but not limited to, research data under a legal preservation notice or deemed relevant to Research Misconduct proceedings. See the Policy on Misconduct in Research for further information on impact to retention period.
• Trainee-Engagement in Research: If, in the course of advancement to a degree, a trainee serves as the sole PI in the design, conduct or reporting of research, the research data and outputs connected to that research must be retained according to the practices of the organizational unit.

It is the responsibility of the PI to compare external requirements and determine the appropriate retention period. PIs should take particular care to follow any requirements regarding research data destruction listed by data providers or specific terms of sponsorship or other agreements.

As permitted by the nature of the research data and sponsor, regulatory or contractual requirements, archived research data must be accessible to institutional officials, external sponsors, and fellow members of the research community.

5.6 Public Access Requirements

Public access refers to the concept of making research results (research data and publications) available to the public at no cost. Generally, the requirements include an expectation that the results will be available within a set amount of time. Public access requirements are set and maintained by funding agencies, including many federal and non-federal funders. Principal Investigators should review the requirements of each funded research activity and develop plans early in the project for making their publications and data available via appropriate venues. Failure to comply with these policies may result in loss of funding, eligibility for future awards, or other penalties.

To assist with assessing compliance with public access requirements, many funders require applicants to include a formal data management plan or data availability statement as a part of the award proposal. Additional resources and information for complying with data management and public access requirements may be found on myRESEARCHpath.