Article IV

The Council shall establish a standing committee, known as the National Committee for Monitoring the Exchange and Conservation of Research Data and Biomaterials, which shall be responsible for:

a.  Coordination with health research authorities on the organization of the exchange and preservation of research data and vital materials and follow-up on their implementation.

b.  Adoption of mechanisms for the implementation of those rules.

c.  Identify the observer for the sharing of research data and vital materials and enable him to perform his functions as set out in article V of these Rules.

d.  Coordinate with health research authorities to adopt the nomination of an officer to control research data and vital materials and link it to the observer for data sharing.

e.  Dissemination of culture and awareness among researchers in the exchange of research data and vital materials.

f.  Provision of advice to assist in the implementation of these rules.

g.  Biannual reports to the Council on the results of the Committee ' s work.

​

Article V

The observer for the sharing and protection of research data and vital materials coordinates with the Office of Research Ethics Control of the National Commission on Bioethics with respect to:

(1) Ensure control of the implementation of the responsibilities (data controller, data protection officer (DPO), data processor) contained in these rules.

(2) Organize the exchange and preservation of research data and vital materials and coordinate with local committees to verify the following:

   a. Include in all health research funded or supported by government agencies a data management and participation plan that is compatible with the data management and participation policies of the researcher, taking into account the following:

   b. Include in the plan how the four enabling principles (FAIR) on research data and/or vital materials (capable / accessible / mutually beneficial / reusable) can be achieved.

   c. The plan includes any potential conflict of interest.

   d. Include in the plan mechanisms to protect research data/biomaterials from diversion or participation with anyone not previously referred to in that plan.

   e. Include in the plan any barriers that may arise through data sharing and an explanation of those barriers, such as (specific limitations - not being able to participate in all data).

Article VI: Responsibilities of data controller:

(1) To take the necessary measures to protect data in accordance with ethical and organizational standards and in conformity with the system of searching for living creatures and established regulations, regulations and instructions.

(2) Ensure that all data collected by the controller as a result of previous health research take into account the four principles of empowerment as defined in the context of these rules:

   a. The first enabling principle: enable data to be found: all research databases and biomaterials available to data controllers must be disclosed in a clear and public manner to all interested in scientific research. The declaration contains a list of research with a list of data collected for each search with keys to the nature of those graphic variables, in a manner that is easy to find and to plan for the use of both all and part of the data, according to the new research proposal.

   b. The second enabling principle: access to data: data must be controlled by specific and clear requirements for access to research data and vital samples (how to access them fairly, fairly and transparently, including requests for approval by local committees (IRBs/IECs) and contract clauses under which the data will be transferred.

   c. The third enabling principle: enable mutual access to data: the research data held must be ready to be combined when needed with other data sets, whether the integration mechanisms are carried out by the researcher himself or using statistical programmes (logarithms).

   d. Fourth enabling principle: Enable data reuse: Data keys must be well-defined so that researchers can plan for their reproduction and/or integrate them in proportion to the new research proposal.

(3) Ensure that the standards adopted for the processing of research data and vital materials are met.

(4) Requiring researchers not to participate in research data and/or to transfer vital materials without the explicit and valid approval of the research to be carried out by the local committees so that such approval would include a review and acceptance of the DMSP data management and participation plan in conformity with the four enabling principles set out in these Rules.

(5) To ensure that all research data and vital materials are subject to the exercise of equitable empowerment and that the data controller has the right to seek fair financial compensation for the use of data in accordance with the rules to be determined by the National Commission for the Control of the Exchange and Preservation of Research Data and Biomaterials.

(6) Examination of the data processor ' s request for an extension of the protection period, provided that the requested extension period does not exceed a period of time equal to that approved in the new research proposal.

(7)Ensure that the data are encrypted to conceal the source ' s identities, such as names or any other knowledge that may reveal their identities.

(8) Ensure that all necessary policies and procedures are in place to prevent any leakage of the identifying data of the source and to report any leaks within specified periods.

(9) In the case of a new data processor or researcher requesting knowledge data that is not encrypted, the objectivity of that request must be ascertained that the new search can only be carried out through uncoded data and that the encrypted data are not sufficient (for the purposes of the planned research).

(10) Identification of the person responsible for data protection (DPO) in the enterprise, including:

   a. Ensure that the responsibility for data protection in the facility and the data processor is clear.​

   b. Emphasis on the independent communication between the data protection officer and the observer for the participation and protection of research data and vital materials.

(11) Upgrade the National Committee for Monitoring the Exchange and Conservation of Research Data and Biomaterials and the National Committee for Bioethics, as appropriate, with any impediments that may arise from the application of these rules.

(1) Ensure that the research data and vital materials held by the data controller are accurate and updated.

(2) Review all data processing methods for Snow Y to ensure that research data and/or biomaterials that are in conformity with these rules and the data management and participation plan (DMSP).

(3) Ensure that the audit process is conducted in accordance with an agreed policy to comply with these rules, whether internal or external.

(4) Assessment of the risk of diversion or misuse by the data processor, such as failure to comply with what was agreed in the new research proposal by reviewing the annual data-processing record.

(5) Assess any other risks depending on the nature of the new research data, such as genetic, criminal, psychological or other data, which need care and may lead to the risk of personal, family, tribal or community stigmatization.

(6) Review and update research databases and vital materials processed by the data controller where necessary, emphasizing that their data are accurately described to enable future use.

(7) Any overruns or leakages of data for both data control and control over the sharing of research data and vital materials.

Article VIII: Responsibilities of data processor:

(1) Disclosure of any actual or potential conflict of interest with respect to the purpose of research data and vital materials.

(2) To limit the work on vital data and materials to the scope of the approved research project, the purpose of which is explained in the data management and participation plan (DMSP) and the agreements adopted in the new research proposal.

(3) Ensure that the data management and participation plan (DMSP) is activated in the new research proposal and that the resulting processed data are made available to the data controller so that it can be made available in accordance with the four enabling principles after the period of protection against publication approved in the new research proposal has passed.

(4) Not to deal with a third party unless there is prior express consent in the new research proposal.

(5) Not make any changes to the previously approved DMSPDMSP plan, and in the event of need for change, the data processor must ensure that there is approval by the local data control committee (IRB).

(6) Take the necessary action to protect the data from any risks that lead to a breach of the database, or any potential risks to individuals or groups.

(7) Ensure that the data obtained are sufficient and relevant to the purpose for which the data are treated.