Manage Research Data


FAIRport Guiding Principles drive the University’s scientific data management. Make sure you understand the type of data you want to share or exchange. Your proposal may require a data management plan and your award may need a data use agreement. Sharing data Stanford provides guidance and resources for research data acquisition, sharing and management. Some data is subject to particular protections which require additional terms and management considerations.

The Data Management Plan

A data management plan (DMP) may be required as part of your proposal documentation to comply with funding agency provisions on data management and to improve the visibility of their research. The DMP is a written document that describes the data you expect to acquire or generate during the course of a research project, how you will manage, describe, analyze, and store those data, and what mechanisms you will use at the end of your project to share and preserve your data.

The DMP Tool (Data Management Planning Tool) provides templates, Stanford-specific guidance, and suggested answer text for creating a data management plan for your next grant submission. 

Research Data Management 

Stanford University Libraries offer Data Management Services to assist Stanford's researchers with the organization, management, and curation of research data, including:

  • Understanding and creating data management plans

  • Organizing and backing up your research data

  • Acquiring and analyzing data

  • Assigning metadata to enable future discovery

  • Preserving your data for long-term access

In addition, the Stanford Digital Repository provides long-term preservation of your important research data in a secure, sustainable stewardship environment, combined with a persistent URL (PURL) that allows for easy data discovery, access, sharing, and reuse.

Data Use Agreements

A Data Use Agreement (“DUA”) is a contract that governs the exchange of specific data between two parties. DUA’s establish who is permitted to use and receive a unique data set, along with the allowable uses and disclosures of the data by the recipient.  A DUA also assigns appropriate responsibility to the researcher and recipient for using the data. The DUA must be entered into before there is any use or disclosure of a limited data set to an outside institution or party.  

Common terms of a DUA provide that the recipient will:

  • not use, disclose, or destroy the data set other than as permitted by the DUA, or as required by law;

  • use appropriate administrative, technical, and physical safeguards to prevent unauthorized uses or disclosures of the data set, including specific data transfer/access/disposition instructions;

  • report to the provider any uses or disclosures of the data set that are in violation of a DUA;

  • ensure that anyone to whom it provides the data set agree to the same requirements that apply to the recipient for receiving or accessing the data; and

  • not re-identify or contact the data subjects (for data related to a human subject).

Clinical Research Data

The Stanford Data Science Resources can help you access the tools, datasets, data platforms and methodologies for conducting innovative clinical and translational research.

The School of Medicine offers a limited initial consultation (underwritten by the Dean’s Office and Spectrum) to help you identify the resources you need. These consults may lead to longer-term engagements and partnerships with one or more of the consulting groups from across the School of Medicine.

Through these consulting groups, you can access datasets, a variety of platforms and tools and research services, including expert advice on databases and management, study design and implementation, biostatistics, informatics, technology integration, and much more.

Genomic Data Sharing

Effective January 25, 2015, all NIH-supported research that generates large-scale genomic data and uses large scale human or non-human genomic data, as well as the use of these data for subsequent research: 

  • Large-scale data include genome-wide association studies (GWAS), single nucleotide polymorphisms (SNP) arrays, and genome sequence, transcriptomic, metagenomic, epigenomic, and gene expression data, irrespective of funding level and funding mechanism (e.g., grant, contract, cooperative agreement, or intramural support). 

  • Examples include, but are not limited to, sequence data from more than one gene or region of comparable size in the genomes of more than 1000 human research participants; sequence data from more than 100 genes in the genomes of more than 100 human research participants; comparisons of differentially methylated sites genome-wide at single-base resolution within a given sample (e.g. within the same subjects over time or across cell types). Additional examples are available in the Supplemental Information to the NIH GDS Policy. When does the policy NOT apply? Examples of NIH-funded research or research-related activities that are outside the Policy’s scope include, but are not limited to, projects that do not meet the criteria above such as:  instrument calibration exercises  statistical or technical methods development, or  the use of genomic data for control purposes, such as for assay development. 

In addition, the following types of funding generally do not fall under the GDS Policy: Institutional Training Grants, K12 Career Awards, Individual Fellowships (Fs) such as the Ruth L. Kirschstein National Research Service Award, Resource Grants and Contracts (Ss), or Facilities and coordinating centers funded to provide genotyping, sequencing, or other core services in support of GDS.

Extramural Institutional Certification is required prior to depositing human genomic data into one of the NIH-supported repositories, even if the research itself is not NIH-supported. NIHsupported repositories include, but are not limited to Database of Genotypes and Phenotypes (dbGaP), Gene Expression Omnibus (GEO), or the Sequence Read Archive (SRA). 

The European Union GDPR

The European Union General Data Protection Regulation, or GDPR, is a new and substantial data privacy law that is relevant to 33 countries in the EU and European Economic Area. 

GDPR applies to individuals and organizations handling personal data within the EU, transferring data into and out of the EU, and processing of EU data anywhere. It is effective as of May 25th, 2018.