/Docs/G/GA4GH/Accountability-Policy/Form/0.md
  Source views: Source JSON(ish) on GitHub (VSCode)   Doc views: Document (&k=2.2.r00t): Visual Print Technical: OpenParameters Xray
Responding to Non-Compliance
  1. A range of appropriate responses or sanctions (minimum to maximum) should be defined and made available for each category of non-compliance. Depending on the seriousness of the noncompliance and the type of stakeholder(s) involved, responses may include:
    • Call for an explanation;
    • Additional training;
    • Financial or technical aid;
    • Warning;
    • Compliance audits;
    • Suspension/termination of employment;
    • Suspension/termination of access;
    • Suspension/termination of related services;
    • Suspension/termination of funding;
    • Suspension/retraction of publication; or
    • Report of non-compliance to:
      • o Data steward(s) who provided the data;
      • o Data donor(s) who provided the data;
      • o The employer of the data user;
      • o The ethics body responsible for the project;
      • o Funders, data stewards, or journals implicated in the research;
      • o Regulatory authorities or law enforcement officials; and/or
      • o The general public.
  2. Criteria should be defined for assessing the severity of a sanction, for example, first or repeat non-compliance; non-compliance not self-reported in a timely manner; sensitivity of data; or impact on data donors, data stewards, or vulnerable populations. Where repeated incidents occur at the same institution, it may be appropriate to apply sanctions both to individual researchers and to the institution. In assessing non-compliance, elements of procedural fairness should be respected, including transparent, fair, and independent adjudication, a reasonable opportunity for affected parties to be heard, and specification of circumstances where an appeal is possible (e.g., when substantial sanctions are applied).
  3. To improve collective knowledge of non compliance events, the compliance officer (or other person) should prepare a summary log of the nature of each non-compliance event and how it was resolved. This information should only be released once the non-compliance has been resolved, and should not identify the parties involved. Such a log would provide important data on the frequency, nature, and source of non-compliance events for future policy development.