Controlled-access repository (e.g. Database of Genotypes and Phenotypes/dbGaP): access to the repository is restricted to bonafide researchers and a Data Access Committee (DAC) reviews applications to ensure future use is consistent with data restrictions.
Unrestricted repository (e.g. GEO): data are made freely available on the internet for anyone to use.
Samples collected after 1/25/2015: consents must explicitly mention future use, broad sharing and whether individual level data will be deposited into a controlled-access or unrestricted repository.
Samples collected before 1/25/2015: consents must not be inconsistent with data sharing.
Data Use Limitation (DUL) Request Form: A document signed by an IRB indicating that the submission of data to dbGaP and subsequent sharing for research purposes are consistent with the informed consent of study participants.
Institutional Certification (IC): A certification letter that must accompany dbGaP submissions, signed by the Broad's Chief Compliance Officer, certifying that the submission is consistent with all applicable laws and regulations; the appropriate research uses of the data and the uses that are specifically excluded by the informed consent documents are outlined; the identities of research participants will not be disclosed to the dbGaP; and an IRB has verified that the submission is consistent with the informed consent.
NIH Genomic Data Sharing Policy: policy implemented on January 25, 2015 to ensure the broad and responsible sharing of genomic research data generated from NIH-funded research. (https://osp.od.nih.gov/scientific-sharing/policies/)