This guidance provides specific information relating to the policy principles in the MRC data-sharing policy. Each principle is cross-referenced by their numbering and heading.
1. Planning research
1.1 Data management plans
Full funding proposals and funding reviews should include a data management plan. Data management plans must include details of planned data-sharing activities and be in line with this policy.
Guidance
Data management plans (DMPs) are the primary mechanism the Medical Research Council (MRC) uses to ensure that the research it funds generates data that is shareable and shared. DMPs should be written following the MRC data management plan template and guidance.
1.2 Funding proposal costs
Funding proposals should differentiate in broad terms between the proposed costs of:
- collecting or generating data
- the research project
- ongoing data curation
- data sharing
- data archiving
Costings should be proportionate to the intended activities.
Guidance
To help us assess the costs involved in making data available to share, proposals should be explicit in highlighting these costs as distinct from the costs of the primary research.
Costs relating to data sharing can include people, equipment, infrastructure, and tools to:
- manage data
- store data
- analyse data
- provide access to data
- manage legacy data
The guidance for applicants includes information about what MRC funds. The UK Data Service checklist also describes some of the potential costs involved with making data available for sharing.
1.3 Data use
In addition to the primary research purposes, project design must consider the widest range of potential uses of data and seek to establish broad and enduring legal avenues for data sharing. When consent to share data will be obtained, the consent should reflect this policy as far as possible.
Guidance
Participant information sheets and consent forms must be clear about how the research team will make data available for data sharing. If this involves processing of confidential information, then consent for this should be obtained. For more information on consent best practice including template paperwork, see the Health Research Authority’s (HRA) ‘Informing participants and seeking consent’ guidance.
1.4 Data sharing
Where appropriate, plans for data sharing must involve meaningful and proportionate public involvement and engagement. Funding proposals and data management plans should be clear on how this engagement is reflected in data-sharing activities.
Guidance
Funders, research approvers and data providers expect public involvement and engagement in research planning and research. Examples of this have been published by Health Data Research UK (HDR UK), and HRA provides guidance on public involvement in research.
Public involvement and engagement should also include activities specifically around data sharing. For more information see the Public Engagement in Data Research Initiative.
1.5 Data protection law
Projects must be designed to comply with relevant data protection law and provide proportionate transparency information that facilitates data sharing.
Guidance
Good data protection practice (by design and default) facilitates data sharing, and guidance is available from the MRC Regulatory Support Centre. For legal and ethical reason it is important to be transparent about how people’s data will be shared (NHS research transparency).
This includes participant information sheets and consent forms, but also extends to ensuring that information provided on websites and other communication resources is kept up to date.
1.6 Data providers
Where other organisations act as data providers (for example, the NHS), all potential data sharing should be discussed with the data providers as early as possible.
Guidance
Data provided by some organisations may have accompanying restrictions that hinder or prevent data sharing, even after effective anonymisation. Some data providers, such as NHS England, make this information publicly available.
2. Data collection, generation and curation
2.1 Metadata standards
Accurate and consistent metadata standards must be utilised in a way that supports high-quality research and data sharing. These standards should use a vocabulary that is consistent with FAIR (findable, accessible, interoperable, and reusable) principles.
Guidance
Data sharing is easier when providers and users operate to an agreed set of data standards. The Data Documentation Initiative is an international metadata standard. Other standards are also available, for example Data Catalog Vocabulary and CSV on the Web. More information about metadata standards can be found at:
- the CLOSER Learning Hub
- the Office for National Statistics
- the Research Data Alliance’s Metadata Standards Catalog
- the Digital Curation Centre
2.2 Metadata documentation
Metadata documentation, a metadata catalogue, or personnel with relevant knowledge and expertise that can support the understanding and use of datasets, must be available to facilitate data sharing. This documentation should be reviewed regularly to ensure that data remains usable.
Guidance
For small amounts of data sharing, it may be appropriate for this responsibility to be delegated to a person or team. Otherwise, research teams should develop and publish a metadata catalogue.
2.3 Metadata accessibility
Metadata must be easy to find by the research community to facilitate data sharing. Unique and persistent identifiers, searchable registers or similar must be used to aid discoverability.
Guidance
Placing metadata catalogues on a website allows researchers to easily establish the utility of the data to their research. Examples of metadata catalogues can be found at:
- Dementia Platform UK (DPUK) Cohort Directory
- Health Data Research Innovation Gateway
- Office for National Statistics: Secure Research Service Metadata Catalogue
2.4 Data-sharing policy or protocol
A data-sharing policy or protocol must be freely and readily discoverable. This should be available by the time of the first publication. The priorities and criteria for data sharing and any constraints must be transparent and clearly justified. The type and extent of exclusive use by the research team must be defined and justified.
Guidance
Policies and protocols are crucial in establishing the ground rules of data sharing. They should be proportionate to the anticipated volume of data sharing. Examples of data-sharing policies can be found at:
- the UK Dementia Research Institute data sharing policy
- the Million Women Study (Oxford Population Health)
2.5 Data access statement
Peer-reviewed publications must include a data access statement. This must include sufficient information to allow others to understand how to access the underlying data and comply with the UKRI open access policy.
Guidance
Even when data is not available for sharing, a statement should be included to explain the reasons it cannot be shared.
3. Data analysis
3.1 Intellectual property (IP)
IP relating to the use of data must be suitably protected and managed, in line with the UKRI knowledge exchange principles. Any delays or restrictions on data sharing due to managing IP must be minimised as far as possible.
Guidance
UKRI knowledge exchange principles must be followed to help protect intellectual property.
3.2 Research outputs
In terms of research outputs, a limited and defined period of exclusive data use to realise the benefits of the research is reasonable. Details of this must be outlined in the data management plan.
Guidance
MRC accepts that the research team should initially have exclusive use of data, but do not expect that to be a long-term situation. Proposals should outline and justify how long this period will be, or the criteria to be met before data is made available for access.
This period may be indicative, and different periods may be applied to different datasets. For example, this could be expressed as ‘six months after the end of the grant’, ’12 months after final data collection’, ‘three months after first publication’.
3.3 Recognising contributions
The contributions of those who are involved in generating, collating, linking, and analysing data should receive appropriate recognition. Therefore, adequate and permanent references (for example, Contributor Roles Taxonomy (CRediT)) must be provided in publications to increase the visibility and recognition of all those involved.
Guidance
The research data lifecycle involves contributions from multiple people, not necessarily just researchers. To help increase the recognition of everyone involved in data sharing MRC recommends using a taxonomy such as CRediT.
4. Data sharing
4.1 Partnerships
MRC encourages researchers to work in productive, equitable partnerships, for example with other research organisations, medical charities, and industry. Data sharing involving commercial or non-UK based organisations must conform to the same principles and practices as the UK academic community, including UKRI’s trusted research and innovation principles.
Guidance
Exclusive relationships for the use of data should be avoided, both for commercial and non-commercial purposes. Data sharing with commercial organisations must be for research that is in the public interest. International partnerships should take place with integrity and within strong ethical frameworks, as set out in the trusted research and innovation principles.
4.2 Revenue generation
Unless otherwise approved by MRC, projects should not seek to generate revenue through data sharing, although cost-recovery for data sharing is acceptable.
Guidance
MRC-funded research should not seek to generate financial profit. However, it is appropriate to charge to cover any costs associated with data sharing.
Research teams should ensure that they have accurately estimated data-sharing costs readily available to researchers (see UK Data Service costing guidance).
4.3 The Fives Safes framework
Where appropriate, projects must follow the principles and procedures of The Five Safes framework, which protects the confidentiality and rights of research participants and the security of datasets when shared.
Guidance
Data access is likely to be classified as one of the following:
- unrestricted access: data (for example, summary tables) for which the risk of disclosure is extremely low (see UK Data Service research data management guidance)
- unrestricted controlled access: data available as part of a controlled access process within the terms of participant consent and with no legal, contractual or ethical constraints
- restricted controlled access: data available as part of a controlled access process but with constraints on use, such as limited consent or legal restrictions
- no access: data not available for sharing because of legal, ethical, or commercial reasons
Regardless of how data access is organised, it must follow the Five Safes framework.
4.4 Data access governance
Data access governance processes should be appropriate and proportionate to the nature and scale of the project, the level of risk and the likely demand for access.
Guidance
MRC-NIHR Trials Methodology Research Partnership has guidance on sharing individual level trial participant data (PDF, 1MB). Depending on anticipated demand, research teams may wish to:
- manage their own data access process
- develop an institutional service, such as the MRC Clinical Trials Unit
- deposit data in a suitable repository such as UK Data Service
Re3data maintain a registry of data repositories.
4.5 Transparency
The criteria and processes governing data access should be transparent and readily discoverable. The principal stages and decisions should be clearly documented, along with effective mechanisms for enquiry and timely feedback.
Guidance
Transparency of data access processes is essential in establishing and maintaining trust and integrity. The Global Alliance for Genomics Health and HDRUK have published guidelines on what transparency looks like in practice. Examples of data access processes can be found at:
- Dementias Platform data access policy
- Avon Longitudinal Study of Parents and Children (ALSPAC) access policy
4.6 Accountability
Data access processes should include accountable independent input, and this must be outlined in funding proposals and reviews. Additionally, MRC strongly encourages public involvement in the data access process.
Guidance
In this context, ‘independent’ means being impartial towards decisions about the research data. In other words, although it is appropriate that the process involves people that are familiar with the data, research teams must be able to demonstrate that the process also involves people that are not directly involved.
Similarly, bringing the public’s perspectives into the process adds benefit and value. This may involve having members of the public on access committees or the setting up of:
- data trust committees (UCL Hospitals)
- data trusts (Data Trust Initiative)
- data access boards (Our Future Health)
4.7 Data-sharing agreements
Data sharing must only proceed with an appropriate data-sharing agreement. Data-sharing agreements must follow recognised standards (for example, the Information Commissioner’s Office (ICO)).
Guidance
Data-sharing agreements (also called data access agreements) are documents describing the data provider’s requirements for use of the data, including purpose, duration, restrictions and other aspects. The ICO provides details of what should be in a data-sharing agreement, and organisations provide templates such as:
- HDR UK: trusted research environment data access agreement (PDF, 6.4MB)
- ALSPAC: data access agreement (PDF, 496KB)
- Born in Bradford data-sharing agreement
4.8 Reporting to MRC
Data-sharing activities must be reported to the MRC during a given period of funding. Data-sharing activities should also be made public via a data use register.
Guidance
The research team should provide a short report, or provide a link to a data use register that includes the following:
- number of requests
- number of requests that were accepted or declined
- organisations or researchers that requested data
- title of the research projects
- any data breaches
- any other indicators to illustrate the value created through data sharing
MRC encourages research teams to detail this information in a data use register (working paper), such as the one published by The Longitudinal Linkage Collaboration.
4.9 Acknowledging contributors
Acknowledgement of the significant contributions of all parties creating new value through data sharing should be promoted. Data providers must provide persistent identifiers (such as DOIs and ORCID iDs) that allow data to be appropriately cited, and data users must acknowledge data sources by using these citations.
Guidance
Identifiers for people (like ORCID) or for digital objects (like DOIs) must be used. In addition to facilitating recognition, they will be one of the metrics that MRC will use to assess the extent of data sharing when reviewing funding applications.
4.10 Restrictions to sharing
MRC recognises that for legal, ethical, or contractual reasons, some datasets cannot be shared beyond the primary research. When this is the case, the reasons for this should be made clear in funding proposals and reviews, and data access statements.
Guidance
Funding proposals and data access statements must be explicit in describing why data cannot be shared or de-identified to a standard that allows sharing (UK Data Service). Lack of expertise, resource or finance are unlikely to be acceptable reasons for not sharing.
5. Archiving
Archiving of data must align with this policy, good research practice and be adequately described in funding proposals and reviews.
Guidance
To assist with archiving, the MRC Regulatory Support Centre has written a retention Framework for research data and records.