Important Update to NIH Genomic Data Sharing Policy
What could be more important than protecting the privacy of our biological code?
The National Institutes of Health (“NIH”) has issued NOT-OD-24-157 which implements heightened security requirements for controlled-access human genomic data, effective January 25, 2025. The updated NIH Security Best Practices for Controlled-Access Data Subject to the NIH Genomic Data Sharing (GDS) Policy (“NIH Security Best Practices”) requires compliance with “NIST SP 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations” (“NIST SP 800-171”) for accessing, handling, and storing applicable datasets. NIST 800-171 outlines a comprehensive set of implementable controls that address multiple areas of information security including audit and accountability, incident response, and risk assessment.
This requirement specifically targets the protection of human genomic data, a form of highly sensitive information that can reveal a person’s predisposition to certain health conditions, ancestry, and other personal details. The European Union’s GDPR recognizes genomic data as falling under special categories of personal data which merit higher protection. Numerous laws at the state level exist to protect citizens, and court cases will continue to paint a clearer picture of our genomic privacy rights.
This added security underscores the NIH’s recognition of the critical importance of genomic privacy. It aims to bolster public trust in biomedical research and assure research participants that their sensitive genetic data will remain confidential. In an era of expanding data-driven healthcare, personalized medicine, and pioneering genomic research, this notice will serve to standardize best practices, reduce the risk of breaches, and maintain the integrity of genomic research.
Are you performing research or considering applying for a grant and have questions? Please contact RO-Agreements@udel.edu to discuss research security and compliance, or it-grc@udel.edu for a security consultation. Additional NIH learning resources are available here.
Thank you for helping to secure UD!