Research Data Sharing Agreement

Internal Operations Manual guidance

11 May 2026

This Operations Manual page explains how BNR staff should use the Research Data Sharing Agreement.

The agreement form itself is maintained as shared content, so the public-facing Methods page and this Operations Manual page remain consistent.

WarningInternal operational guidance

This page includes internal instructions for BNR staff. The shared agreement text below may also appear on the public-facing Methods pages.

When to use this agreement

Use this agreement when a researcher or research team requests access to restricted, de-identified BNR data.

This agreement is intended for releases that are more detailed than standard public outputs, even where direct identifiers have been removed.

This agreement is not normally required for:

  • fully public aggregate tables already approved for publication;
  • figures, summaries, or downloads already published on the BNR Information Hub;
  • internal BNR quality assurance work conducted under existing registry governance;
  • exploratory internal analysis that does not involve release outside the approved BNR team.

Staff workflow

BNR staff should follow this sequence:

  1. Confirm that the request is within the scope of BNR data-sharing policy.
  2. Confirm that the request has a named lead researcher and institution.
  3. Confirm the proposed purpose and public health or academic value of the work.
  4. Check whether ethics approval is required.
  5. Agree the dataset scope, disease area, time period, file format, and release version.
  6. Complete the agreement with the researcher.
  7. Obtain approval from the BNR Technical Lead.
  8. Store the completed agreement in the approved internal location.
  9. Record the release in the data-sharing log.
  10. Release the dataset only after approval and agreement completion.

Internal completion notes

When preparing the agreement:

  • complete the Data requested section before release;
  • record the dataset version or release date clearly;
  • ensure the disease area, period covered, and format match the released dataset;
  • list any conditions of approval in the BNR review section;
  • do not release data if the storage or access arrangements are unclear;
  • do not release data before the agreement has been signed by both parties.

Minimum internal record

For each approved data-sharing request, retain an internal record of:

  • researcher name;
  • institution;
  • project title;
  • dataset released;
  • disease area;
  • period covered;
  • dataset version or release date;
  • release format;
  • approval date;
  • approving BNR lead;
  • storage location of the signed agreement;
  • any restrictions or conditions attached to the release.

Storage and audit trail

Completed agreements should be stored in the approved internal BNR location.

Do not store signed agreements in the public website repository.

Do not store signed agreements in /outputs/.

Do not commit signed agreements, completed forms, researcher personal details, or correspondence about individual data requests to GitHub.

A simple internal filename pattern is recommended:

dsa_researcher-institution_project-short-name_YYYYMMDD.pdf

This filename is for internal storage only. It should not be published.

Version control of the template

The shared agreement text is maintained in:

site/_shared/data-sharing-agreement-body.qmd

Any substantive change to the agreement text should be reviewed before publication.

Substantive changes include:

  • changes to data-user responsibilities;
  • changes to retention or storage conditions;
  • changes to approval requirements;
  • changes to wording linked to data protection or confidentiality;
  • changes to the diseases, datasets, or release formats covered by the agreement.

Minor wording fixes do not normally require a changelog entry.

Current agreement template

ImportantWe do not store your data

This is not an online form. Nothing you type is submitted to the website or stored by the BNR Information Hub.

NoteHow to complete this agreement

To use this form, complete all fields, then print or save the page as a PDF for signature and submission.

1. Purpose of this agreement

This agreement allows an approved researcher or research team to access restricted, de-identified data from the Barbados National Registry for Chronic Non-Communicable Disease (BNR).

It supports the use of data for public health and academic research while ensuring compliance with the Barbados Data Protection Act (2019) and BNR’s duty of confidentiality.

2. Parties

Data Custodian:
The Barbados National Registry for Chronic Non-Communicable Disease (BNR)
George Alleyne Chronic Disease Research Centre
The University of the West Indies, Cave Hill Campus

Data User / Researcher

3. Description of data

Data requested

Type of data

Restricted, de-identified dataset

Disease area(s)

All direct identifiers, including names, addresses, and ID numbers, have been removed.

Although the data are de-identified, users must handle them with care to prevent any risk of re-identification.

4. Agreed purpose

The data are supplied only for the approved research project listed below.

Approved research project

The data may also be used for closely related analyses, peer-review, or follow-up publications linked to this project, provided that the BNR is notified.

5. Conditions of use

The Researcher agrees to:

  1. Keep the data secure and limit access to authorised project team members.
  2. Not attempt to identify individuals or link BNR data to other datasets without BNR approval.
  3. Use the data only for research that has ethical or institutional approval.
  4. Not share the data with anyone outside the approved research team.
  5. Retain the data only while the research, analysis, and related publications are active, then either archive them securely within the institution or delete them under institutional policy.
  6. Acknowledge the BNR and the Ministry of Health and Wellness in all outputs.
  7. Share with the BNR a copy or citation of any reports or publications arising from this work.
  8. Report any suspected data breach or misuse immediately to the BNR Technical Lead.

6. Data retention and security

The Researcher agrees that the data will be stored and managed as follows:

  • Store data on secure, password-protected and encrypted institutional systems.
  • Institutional or cloud storage is acceptable if compliant with recognised standards, such as ISO 27001 or equivalent.
  • Do not store data on personal laptops or unencrypted media.
  • Data may be archived for reproducibility and verification within the research institution, under the same or higher level of security.
Secure storage location

7. Governance and oversight

All data sharing is subject to:

  • approval by the BNR Technical Lead, and
  • ethical approval by a recognised Research Ethics Committee, if required.

The BNR may withdraw access if these terms are breached or if continuing use no longer meets the public interest test under the Barbados Data Protection Act (2019).

BNR review and approval

8. Signatures

For the Barbados National Registry

Data Custodian approval

For the Researcher

Data User agreement

Last updated: May 2026

Internal pre-release checklist

Before release, confirm:

Back to top