/Docs/G/GA4GH/Accountability-Policy/Form/0.md
  Source views: Source JSON(ish) on GitHub (VSCode)   Doc views: Document (&k=2.0.r00t): Visual Print Technical: OpenParameters Xray
Global Alliance for Genomics and Health: Accountability Policy
  1. Stakeholders involved in oversight of data sharing and data users (e.g., employers or guarantors) should establish clear policies and processes to address cases of non-compliance. In the context of this Policy, non-compliance should be understood in relation to locally adopted data sharing standards. Categories of non-compliance may include:
    • Data misuse (non-compliance with applicable laws, regulations, guidelines, policies, approved protocol, or access agreements);
    • Data breach (the wrongful release of data, whether as a result of accident, negligence or malice);
    • Data hoarding (unreasonable or unjustified withholding of data);
    • Non-compliance with security procedures;
    • Provision of inaccurate or incomplete data or information (e.g., in data submission, access application, or progress report);
    • Failure to obtain prior ethics approval before starting a research project, if required;
    • Failure to appropriately acknowledge the efforts of contributors;
    • Failure to respect benefit sharing requirements; or
    • Inadequate supervision of research by an employer or guarantor.
  2. Such policies and processes should aim to mitigate harm, deter future non-compliance, and educate stakeholders to prevent future non-compliance, in order to maintain trust in the research enterprise. The system established to monitor, adjudicate, and respond to non-compliance should be proportionate to the risk and harms of non-compliance. Responses to non-compliance may be either facilitative or punitive. It may be premature to apply punitive sanctions where data sharing standards are still evolving, and they cannot be applied at all in the absence formal oversight. To enhance accountability throughout the research ecosystem, stakeholders must collaborate to establish common data sharing standards; shared definitions of non-compliance; common monitoring, reporting, and investigation processes; as well as consistent responses to noncompliance.