Sensitive Data Decision Tool
If your study analyzes any of the following sensitive data types, there may be nuances to the NIH data sharing requirement.
- Genomic information
- Data from private data sources
- Data from administrative data sources
- Personal health information (PHI)
- Small Business Innovation/Technology Research/Transfer (SBIR /STTR) generated data and Intellectual Property (IP) data
- Data related to populations at risk for social and cultural stigma (e.g., American Indian/Alaska Native (AI/AN) communities, substance use disorder (SUD) patient records, mental health patient records, formerly incarcerated individuals, data on sexual orientation and gender identity (SOGI), and more).
Continue along the decision tree to identify additional or specialized requirements for your data type(s).
For detailed insights, visit our HEAL Sensitive Data Resource Page
Additional Information
*Administrative data is collected by government entities for program administration, regulatory, or law enforcement purposes.
- Examples: government health records, tax records, enrollment and attendance records, special service records, criminal records, employment and unemployment records, licensing records, housing and urban development data, transport and infrastructure data, etc.
**Private data is not available to the general public, for example: personally identifiable business confidential data
- Examples: medical records from private hospitals, loyalty card data, private surveys and polls, corporate financial data, web analytics, subscription service data, proprietary research data, insurance claim records, real estate transactions, etc.
Substance use disorder (SUD) patient records are "pre-existing data from non-public sources.” Visit the HEAL Sensitive Data resource page on SUD patient records for more information.