The National Institutes of Health (NIH) has issued updated data management policies, which introduce new security standards in the Genomic Data Sharing (GDS) Policy. Specifically, “NIH Security Best Practices for Users of Controlled-Access Data” require that data managed on institutional IT systems and third-party computing infrastructures that meet certain standards in accordance with NIST SP 800-171 “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations.” These new policies will be effective on January 25, 2025, at which point adherence to this standard will be included in new or renewed Data Use Certifications or similar agreements stipulating terms of access to controlled-access human genomic data regardless of whether the Approved User is supported by NIH or not.

Read more.