Effective: February 1, 2021
Contact: Office of the Vice President for Research
Under the Office of Science and Technology Policy memorandum entitled “Increasing Access to the Results of Federally Funded Scientific Research” (dated February 22, 2013), the federal government requires that “to the greatest extent and with the fewest restraints possible…the direct results of federally-funded scientific research are made available to and useful for the public, industry and the scientific community…maximizing access…while (i) protecting confidentiality and personal privacy, (ii) recognizing proprietary interests, business confidential information, and intellectual property rights….and (iii) preserving the balance between the value of long term preservation and access and the associated cost and administrative burden.”
Consistent with the OSTP memorandum, the adoption of similar measures by other research sponsors, and the broader move towards open science and scholarship, ISU’s mission aligns with these requirements and applies this requirement more broadly to all research activities.
University ownership and stewardship of research data are based on applicable laws and regulations, sponsorship agreements, Iowa State University (ISU) policies, and sound management principles to ensure:
- alignment with the university mission;
- the preservation and accessibility for research data;
- the promotion of open science;
- the commitment to providing benefit to the public and;
- the availability of data supporting research publications to the public. top
See Definitions section below.
The purpose of the Research Data policy is to describe the rights and responsibilities of investigators and Iowa State University (ISU) in the use, retention, maintenance and sharing of data generated as part of ISU’s research enterprise. Except as noted below, this policy applies to all ISU personnel and encompasses all research data produced under ISU projects, whether funded through external or internal funding sources, or unfunded.
Research data produced at ISU shall be recorded, maintained, retained, used, protected and shared in accordance with state and federal regulations and with ISU policies and procedures. In cases where a conflict or discrepancy exists between these guidelines and federal or state laws, regulations or guidance, the more restrictive requirement shall take precedence. top
OMB Uniform Guidance, Section 200.315(a) provides guidance on ownership and use of intangible property, which includes research data. Ownership of university research data is automatically granted to ISU immediately upon its generation. ISU must first use research data for any originally authorized purpose as outlined in any agreement sponsoring the research. Multiple organizations or individuals may share ownership of research data if the research data are generated or acquired through collaborative research.
ISU does not claim ownership to research data generated or collected by:
- Investigators, if research data is considered the unrestricted property of the author, including scholarly works as defined in ISU’s policy on University-Sponsored Educational Materials, provided rights are not otherwise required in a sponsored project’s grant, contract or cooperative agreement.
- Students engaged in academic work, if the students:
- Are not employees of the university or otherwise supported with university funds for a work assignment related to research; or
- Are engaged in activities conducted with incidental use of university resources, including ISU facilities, equipment, materials, or financial support.
The principal investigator is the steward of the research data that is under their control. Principal investigators are responsible for managing access to research data under their stewardship in consultation with the university as applicable. Principal investigators will select the vehicle(s) for publication or presentation of the research data. Principal investigators share research data, including placing the research data in public repositories, unless specific terms of sponsorship or other agreements supersede this right. The principal investigator is responsible for informing all research data recipients of any limitations or restrictions on the use or dissemination of the research data. top
Principal investigators are responsible for ensuring that research data under their stewardship are preserved. The principal investigator is responsible for determining what needs to be retained in sufficient detail and for an adequate period of time to enable appropriate responses to questions about accuracy, authenticity, importance, and compliance with laws and regulations governing the conduct of research.
Research data must be retained in accordance with 2 CFR 200.333 for federally funded research (i.e., a minimum of three years after the submission of the final expenditure report). Similarly, for non-federally funded research, research data must be retained for a minimum of three years after the completion of the research project under which it was gathered. Retention requirements must be compliant with any data restrictions, as outlined below. Longer retention of research data may be required under additional circumstances including the following:
- Conditions of the funding agency
- Regulatory obligations
- Program income transactions
- Protection of intellectual property
- Student involvement (to the extent retention requirements of the Graduate College exceed conditions of the funding agency)
- Charges, audits, claims, or litigation regarding research, such as allegations of scientific misconduct, non-compliance or fraud or abuse. Consult the Offices of University Counsel, Internal Audit, Office of Research Ethics, the Research Integrity Officer (Office of the Vice President for Research), and the Iowa State University Research Foundation as appropriate for specific retention requirements when audit, investigations or legal proceedings incorporate research data.
Principal investigators may choose to retain the data beyond the minimum period. However, principal investigators must destroy research data when required by laws, regulations, or other agreements, on or before a specified deadline and follow the applicable process for destroying research data:
Generally, original research data and preliminary data collected or acquired in the conduct of research at ISU must be retained at ISU. When an individual leaves ISU, the individual may take copies of research data and other data associated with the research when:
- The individual’s participation in the design, conduct or reporting of the associated project can be established; and
- Appropriate permission is received as provided below:
- for departing principal investigators, permission from the dean and the Vice President for Research;
- for departing students and other research personnel, permission from the dean (in consultation with the Vice President for Research and the principal investigator); and
- in cases where the research data has been protected as intellectual property, permission from the ISU Research Foundation.
When a principal investigator leaves ISU, the dean shall determine who will take stewardship responsibility for research data in consultation with the Office of Vice President for Research. When a student or research personnel leaves ISU, the principal investigator shall determine who will take stewardship responsibility for research data (in consultation with the Associate Vice President for Academic Programs as it relates to students). top
Research shall be understood to encompass all those activities carried out by investigators within their respective position responsibility statement, job description, or courses of study which are designed to increase knowledge, establish facts, and reach new conclusions or improve upon inventions.
Investigator shall mean a person, whether as an employee, or otherwise affiliated with ISU, whose position responsibility statement, job description, employment assignment and/or function within the university is, either in whole or in part, to carry out Research, whether sponsored by external sources, internal sources, or are unfunded. Such investigators shall include, but not be limited to, faculty, staff, other paid employees, or other individuals supported with university funds.
Personnel shall be understood to mean faculty, staff and other paid employees of ISU.
Principal investigator shall be an investigator who has primary responsibility for a research project within the university for the design, conduct and reporting of Research. top
Research data shall be as defined in the Uniform Guidance, 200.315(e) (iii), and shall mean:
“[T]he recorded factual material commonly accepted in the scientific community as necessary to validate research findings,”
Examples of research data: documents (text, Word), spreadsheets, databases, laboratory notebooks, field notebooks, diaries, questionnaires, transcripts, codebooks, audio recordings, video recordings, images, films, protein or genetic sequences, spectra, test responses, slides, artifacts, specimens, samples, collection of digital objects acquired and generated during the process of research, database contents (quantities and codes, text, video, audio, images, or other data objects), models, algorithms, scripts, contents of an application (input, output, logfiles for analysis software, simulation software, schemas), methodologies and workflows, standard operating procedures and protocols
Examples that are NOT research data: commercial information, information currently protected under obligations of confidentiality and Personnel and medical information and similar information the disclosure of which would constitute a clearly unwarranted invasion of personal privacy.
Intangible property, as defined in 2 CFR 200.59 shall mean “property having no physical existence, such as trademarks, copyrights, patents and patent applications and property, such as loans, notes and other debt instruments, lease agreements, stock and other instruments of property ownership,” and includes research data in accordance with 2 CFR 200.315(e)(3).
Tangible research property shall be as defined as “tangible items produced in the course of research, such as compositions, chemical compounds, biological materials, materials, drawings, devices, integrated circuit chips, computer databases, computer software, prototypes, circuit designs, and equipment.” Tangible property shall be treated as research data only to the degree that it meets the definition in 2.5 above, or when agency-specific regulatory language or contract language requires that it be classified as research data (e.g., physical samples or photographic images when they are used to support findings in published papers). top
Office of the Vice President for Research
- Fosters an environment that promotes the wide dissemination of research data in furtherance of the university’s mission.
- Ensures that research data management needs and regulatory obligations, including preservation and accessibility, are met for research data, and operational considerations with respect to the various types of research data are captured.
- Determines future research data management requirements in conjunction with Information Technology Services and the University Library.
- Coordinates response to charges, audits, claims, or litigation regarding research, such as allegations of scientific misconduct, non-compliance or fraud or abuse.
Information Technology Services
- Directs the information technology strategy for the university, which includes a strategy for research data storage, archiving, and information security and addresses the information technology needs of the university, including the needs of research data storage.
- Determines future research data management requirements in conjunction with the Office of the Vice President for Research and the University Library. top
- Ensures the long-term preservation, access, and curation of research data entrusted into its care to meet federal, state, sponsor, and university requirements.
- Provides support and training services for researchers in the creation and implementation of data management plans and best practices in data management and data sharing.
- Determines future research data management requirements in conjunction with Information Technology Services and the Office of Vice President for Research.
Office of Intellectual Property and Technology Transfer/ISU Research Foundation
- Ensures compliance with sponsor requirements for data sharing and that research data sharing practices do not conflict with the protection the university’s intellectual property or technology transfer activities.
Office of University Counsel
- Advises the university regarding research data sharing and compliance with state and federal regulations, sponsor requirements, and university policies to ensure that research data sharing practices do not conflict with other university policies or interests. top
- Acts as the steward of the research data.
- Determines what research data needs to be retained in sufficient detail and for an adequate period of time.
- Manages access to research data.
- Selects the vehicle for publication or presentation of the research data.
- Shares research data, including placing research data in public repositories pursuant to university policy, unless specific terms of sponsorship or other agreements supersede these rights.
- Ensures that research data under their stewardship are preserved.
- Educates all Personnel in the research project about their obligations regarding research data.
- Consults the Office of Research Ethics , the Office of the Vice President for Research and the Office of Intellectual Property and Technology Transfer/ISU Research Foundation as applicable to ensure the research data is protected and shared appropriately.
- Identifies a new steward for the research data when a principal investigator leaves ISU.
- Grants permission to take copies of the research data to principal investigators leaving ISU, in consultation with the Office of the Vice President for Research. top
ISU is subject to regulatory requirements that affect the acquisition and protection of research data. ISU complies with all applicable agency policies and makes research data available as broadly as possible while also providing protection to data collected or acquired in the planning or conduct of research that is specifically restricted or controlled under Federal laws and regulations.
Regulations and policies that govern ISU’s treatment of research data may include:
- The Privacy Act of 1974, 5 U.S.C. § 552a, governs the collection, maintenance, use and dissemination of information about individuals that is maintained in systems of records by federal agencies. Investigators should coordinate with the Office of Research Ethics when conducting research involving human subjects.
- The Health Insurance Portability and Accountability Act (HIPAA), 45 CFR Part 160 and Part 164, Subparts A, C & E, controls the use and release of Electronic Private Health Information (e-PHI). Investigators should coordinate with the Office of Research Ethics when conducting research involving human subjects.
- General Data Protection Regulation (GDPR): 2016/679 is a European Union data privacy and protection regulation concerning individuals within the European Union and the export of personal data outside the European Union. Investigators should coordinate with the Office of Research Ethics when conducting research involving human subjects.
- The Family Educational Rights and Privacy Act (FERPA) 34 CFR Part 99 and the associated Protection of Pupil Rights Amendment (PPRA) protects individual’s educational records and controls the information that can be gathered and released concerning students in US educational institutions. FERPA and PPRA impacts Research carried out with students in K-12 and institutions of higher education. Investigators should coordinate with the Office of Research Ethics when conducting research involving human subjects.
- Export Control regulations are contained in the Export Administration Regulations (15 CFR 730-774) and the International Traffic in Arms Regulations (22 CFR 120-130). These regulations are overseen by the Department of Commerce and the Department of State, respectively. Investigators should coordinate with the Office of Research Ethics when conducting research involving export control.
- National Institute of Standards and Technology Special Publication SP-800-171 Rev. 1 which governs the protection of controlled unclassified information (CUI) while residing in nonfederal information systems and organizations. Investigators should coordinate with the Office of Research Ethics when conducting research involving CUI.
- Sensitive but Unclassified refers to data subject to federal agency restrictions on release of information or technology developed under federal funding. The Office of Sponsored Programs Administration (OSPA) has primary responsibility for negotiating the terms of federal agreements and seeks to limit ISU’s liability related to data restrictions. Investigators should coordinate with the OSPA when they identify language that appears to restrict ISU’s ability to freely distribute research data. top
Policies and contractual obligations that govern ISU’s treatment of research data may include:
- Contract clauses that restrict the release of certain data are sometimes negotiated between ISU and non-federal research sponsors, for example, non-disclosure agreements and data sharing agreements. The Office of Intellectual Property and Technology Transfer (OIPTT) has primary responsibility for negotiating contracts with industry research sponsors. Investigators should coordinate with OIPTT to provide the least restrictions reasonable related to public release of research data.
- Intellectual Property protections are addressed in the ISU Patent Policy and reflect the requirements of the Bayh-Dole Act of 1980. Release of protectable information prior to taking steps to protect intellectual property rights limits ISU’s ability to establish patent or other rights. For additional information about intellectual property rights, contact OIPTT and the ISU Research Foundation.
- The IT Security Policy discusses oversight of ISU data and provides guidance on protection of restricted data, including physical security and information technology systems security, while the Data Classification Policy provides for the classification of data types. For additional information, contact Information Technology Services.
- The GDPR: Compliance with the European Union General Data Protection Regulation Policy provides guidance on the use, processing, and control of personal data of an individual residing within the European Union by the university. top