Genomic Data Sharing Resources
As of January 25th, 2025, per notice #NOT-OD-24-157, the National Institute of Health (“NIH”) requires that approved users of NIH controlled-access data governed by the Genomic Data Sharing policy are compliant with the rigorous and complex NIST 800-171 standard.
Compliance with this standard involves many aspects and may require the coordination and involvement of information technology, human resources, procurement, and other university departments and personnel.
The Principal Investigator (“PI”) of a given award ultimately must attest to compliance as a part of a new application or renewal. The University has put together a resource for the PI to clarify the areas of responsibility for the various NIST 800-171 compliance areas. This resource is a starting reference point for the PI, it also describes Rockefeller’s technical enterprise level compliance controls. The resource can be downloaded HERE.
It is critical to note that several of these controls involve processes and practices that can only be addressed and implemented by the PI and the laboratory personnel working on the project.
