GRAIL Metadata
Metadata summarizes participants (n=198), samples (n=396), basic clinical information, and analysis. analysis1: raw sequencing reference alignment files (bam/bai) analysis2: error-corrected sequencing reference alignment files (bam/bai) analysis3: variant calling using error-corrected sequencing reference alignment (vcf)
- 396 samples
- DAC: EGAC00001001284
GRAIL and MSKCC Data Access Committee and Agreement
DATA ACCESS AGREEMENT These terms and conditions govern access to and processing of the managed access datasets (details of which are set out in Appendix I) to which the User Institution has requested access. The User Institution agrees to be bound by these terms and conditions and any appendices or addenda hereto, which are hereby incorporated (collectively, the “Agreement”). Definitions Authorised Personnel: Those individuals employed at the User Institution to whom the GRAIL & MSKCC Data Access Committee specifically grants access to the Data. This is limited to the User, the individuals listed in Appendix II and any other individuals at User Institution for whom the User Institution subsequently requests access to the Data and to whom GRAIL & MSKCC Data Access Committee agrees in writing to grant access. Data: The managed access datasets to which the User Institution has requested access. Data Producers: GRAIL and MSKCC, which are responsible for the development, organisation, and oversight of these Data through the GRAIL & MSKCC Data Access Committee. External Collaborator: A collaborator of the User, working for an institution other than the User Institution. GRAIL: GRAIL, Inc., a Delaware company, with offices at 1525 O’Brien Drive, Menlo Park, CA 94025. GRAIL & MSKCC Data Access Committee: means the access committee consisting of two members from GRAIL and two members from MSKCC, as designated by GRAIL and MSKCC, respectively, from time to time (and any other members added in GRAIL and MSKCC’s discretion) to govern and decide whether to approve access to the Data for a particular Project. MSKCC: Memorial Sloan Kettering Cancer Center, a New York not-for-profit corporation with offices at 1275 York Avenue, New York, NY 10065. Project: The project for Research Purposes for which the User Institution has requested access to these Data, as set out expressly in Appendix II. Publications: Includes, without limitation, articles published in print journals, electronic journals, reviews, books, posters and other written, visual and verbal presentations of research. Representative: An individual on the GRAIL & MSKCC Data Access Committee, or his or her designee, who is a representative of the Data Producers and a member of the GRAIL & MSKCC Data Access Committee. Research Participant: An individual whose data form part of these Data. Research Purposes: Research that is (1) seeking to advance the understanding of genetics and genomics, including the treatment of disorders, and work on statistical methods that may be applied to such research; or (2) being conducted for any purpose deemed appropriate by the GRAIL & MSKCC Data Access Committee, subject to the terms and conditions of this Agreement, informed consents, and any other applicable laws, regulations and professional and ethical standards. User: The principal investigator for the Project. User Institution(s): The institution that has requested access to the Data and any of its Authorised Personnel. 1. The User Institution agrees not to use these Data except for the purpose of the Project, which, for clarity is only for Research Purposes. The User Institution further agrees that it will only use these Data for Research Purposes 2. The User Institution agrees to preserve, at all times, the confidentiality of these Data. In particular, it undertakes not to use, or attempt to use these Data to compromise or otherwise infringe the confidentiality of information on Research Participants. Without prejudice to the generality of the foregoing, the User Institution agrees to perform in accordance with the Privacy and Data Security Addendum set out in Attachment 1 (the “Data Addendum” or “Addendum”) with respect to any Processing (as defined in the Addendum) of Data. 3. The User Institution agrees to protect the confidentiality of Research Participants in any research papers or publications that User Institutions prepares by taking all reasonable care to limit the possibility of identification of Research Participants. 4. The User Institution agrees not to link or combine these Data to other information or archived data available in a way that could re-identify the Research Participants, even if access to these Data has been formally granted to the User Institution or is freely available without restriction. 5. The User Institution agrees not to transfer or disclose these Data, in whole or part, or any material derived from these Data, except to the Authorised Personnel. User Institution shall not share these Data with any External Collaborator. Any External Collaborator must complete a separate application for access to these Data. 6. The User Institution agrees that the Data Producers, and all other parties involved in the creation, funding or protection of these Data: a) make no warranty or representation, express or implied as to the accuracy, quality or comprehensiveness of these Data; b) exclude to the fullest extent permitted by law all liability for actions, claims, proceedings, demands, losses (including but not limited to loss of profit), costs, awards damages and payments made by the User Institution that may arise (whether directly or indirectly) in any way whatsoever from the User Institution’s use of these Data or from the unavailability of, or any limitation of access to, these Data for whatever reason and; c) bear no responsibility for the further analysis or interpretation of these Data. 7. The User Institution agrees to follow the Fort Lauderdale Guidelines (as set forth by The Wellcome Trust in its report titled “Sharing Data from Large-Scale Biological Research Projects: A System of Tripartite Responsibility” in January 2003) and the Toronto Statement (as set forth by various authors participating in the Toronto International Data Release Workshop in May 2009). This includes but is not limited to recognising the contribution of the Data Producers and including a proper acknowledgement in all reports or publications resulting from the use of these Data. 8. The User Institution agrees to follow the Publication Policy in Appendix III. This includes respecting the moratorium period for the Data Producers to publish the first peer-reviewed report describing and analysing these Data. 9. The User Institution agrees not to make intellectual property claims on these Data and not to use intellectual property protection in ways that would prevent or block access to, or use of, any element of these Data, or conclusion drawn directly from these Data. 10. OMITTED. 11. The initial members of the GRAIL & MSKCC Data Access Committee are listed in Appendix I. The initial Representatives are Alexander M. Aravanis from GRAIL and David B. Solit from MSKCC. 12. The User Institution will notify the GRAIL & MSKCC Data Access Committee within thirty (30) days of any changes or departures of Authorised Personnel. 13. Without limiting anything in the Addendum, the User Institution will notify the GRAIL & MSKCC Data Access Committee if it desires to make any significant changes to the Project. 14. The User Institution will notify the GRAIL & MSKCC Data Access Committee as soon as it becomes aware of a breach of the terms or conditions of this Agreement. 15. GRAIL or MSKCC may terminate this Agreement by written notice to the User Institution. 16. The User Institution accepts that it may be necessary for the Data Producers to alter the terms of this Agreement from time to time. As an example, this may include specific provisions relating to the Data required by Data Producers other than GRAIL or MSKCC. In the event that changes are required, the Data Producers, the GRAIL & MSKCC Data Access Committee, or a designee of GRAIL or MSKCC will contact the User Institution to inform it of the changes and the User Institution may elect to accept the changes or agree to the termination of this Agreement. 17. The User Institution agrees to distribute a copy of this Agreement to the Authorised Personnel. The User Institution will ensure that the Authorised Personnel comply with the terms of this Agreement. 18. This Agreement may be executed in counterparts, which together shall constitute one and the same instrument. [Signatures to follow] Agreed for User Institution Signature: Name: Title: Date: Principal Investigator I confirm that I have read and understood this Agreement. Signature: Name: Title: Date: Agreed for GRAIL & MSKCC Data Access Committee: From Grail: Signature: Name: Title: Date: From MSKCC: Signature: Name: Title: Date: APPENDIX I – DATASET DETAILS APPENDIX II – PROJECT DETAILS APPENDIX III – PUBLICATION POLICY APPENDIX I – DATA DETAILS Dataset reference (EGA Study ID and Dataset Details): The Data are comprised of sequencing data (patients and controls), process metrics, and de-identified clinical data. These Data were used to produce the results presented in the paper. Name of project that created the Data: High-intensity sequencing to reveal sources of plasma circulating cell-free DNA variants. Names of initial members of the GRAIL & MSKCC Data Access Committee: Alexander M. Aravanis, MD, PhD (aaravanis@grailbio.com; GRAIL, Inc.; Menlo Park, CA); Earl Hubbell, PhD (GRAIL, Inc.; Menlo Park, CA); Pedram Razavi, MD (Memorial Sloan Kettering, New York, NY); David B. Solit, MD (Memorial Sloan Kettering, New York, NY) Specific limitations on areas of research: GRAIL & MSKCC Data Access Committee may specify additional limitations on areas of research with respect to the Data from time to time. User Institution will be informed of any such limitations and the User Institution may elect to accept the limitations or agree to termination of the Agreement. Minimum protection measures required: File access: Data may be held in unencrypted files on an institutional computer system, with Unix user group read/write access for one or more appropriate groups but not Unix world read/write access, behind a secure firewall. Laptops holding these Data must have password-protected logins and screenlocks (set to lock after at most five (5) minutes of inactivity). Data held on USB keys or other portable hard drives must be encrypted. APPENDIX II – PROJECT DETAILS (to be completed by the Requestor) Details of Data requested i.e., EGA Study and Dataset Accession Number: Brief abstract of the Project in which the Data will be used (500 words max): All Individuals who the User Institution to be named as registered users: Name of Registered User Email Job Title Supervisor All Individuals that should have an account created at the EGA: Name of Registered User Email Job Title APPENDIX III – PUBLICATION POLICY GRAIL and MSKCC intend to publish the results of their analysis of these Data and do not consider the deposition of these Data into public databases to be the equivalent of such publications. GRAIL and MSKCC anticipate that the Data could be useful to other qualified researchers for a variety of purposes. However, some areas of work are subject to a publication moratorium, as follows: The publication moratorium covers and neither User Institution nor any User shall make any disclosures or publications (including poster and oral communications) that describe the use of the Data or results of the Project. For research papers or poster/oral communications, submission for publication or presentation by User Institution and/or User shall not occur until eighteen (18) months after these Data and analyses therefrom are first made public in manuscript by GRAIL and MSKCC, unless the GRAIL & MSKCC Data Access Committee has provided express written consent to earlier submission. Any publications based on these Data must describe how the Data can be accessed, including the name of the hosting database (e.g., The European Genome-phenome Archive at the European Bioinformatics Institute) and its accession numbers (e.g., EGAS00000000029), and acknowledge the use of such Data in a form submitted by the User Institution for the GRAIL & MSKCC Data Access Committee review and approval prior to publication. Attachment 1 Privacy and Data Security Addendum This Privacy and Data Security Addendum (this “Addendum”) is made a part of the Data Access Agreement entered into by and between the GRAIL & MSKCC Data Access Committee and User Institution and any appendices thereto (the "Underlying Agreement"). Capitalized terms used in this Addendum and not otherwise defined herein shall have the meaning set forth in the body of the Underlying Agreement. To the extent this Addendum and the Underlying Agreement contain any terms that conflict regarding the Processing of Data (as each term is defined below), this Addendum will govern with regard to such conflict. RECITALS WHEREAS, User Institution endeavors to use Data to perform the Project and the GRAIL & MSKCC Data Access Committee has agreed to make Data available to User Institution for use in conducting, or in furtherance of, the Project subject to the terms and conditions set forth below. NOW, THEREFORE, in consideration of the above, and of the mutual covenants and promises contained herein and other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties agree as follows: 1. DEFINITIONS 1.1. “Applicable Privacy and Data Security Laws” means laws, orders, regulations, or other requirements with similar effect of any governmental authority that limit, restrict, or otherwise govern the collection, use, disclosure, security, storage, protection, or disclosure of Data. 1.2. “Data Breach” means any: (i) compromise of the security, confidentiality or integrity of, unauthorized access to, unauthorized acquisition of, or unauthorized or unlawful Processing of Data; (ii) unauthorized intrusion into, control of, access to, modification of, or use of any System used by User Institution to secure, defend, protect or Process Data; or (iii) event leading User Institution to suspect that either (i) or (ii) has occurred. 1.3. “User Institution Systems” means any System owned, licensed, operated, or controlled by or on behalf of User Institution that Processes Data. 1.4. “Process(es),” “Processed” or “Processing” means any operation or set of operations which is performed upon Data, such as creation, collection, access, disclosure, recording, organization, storage, maintenance, use, retrieval, transmission, erasure, retention, or destruction. 1.5. “System” means any file system, computing system, database, device, equipment, server, website, application, software, storage media, network, infrastructure, networked environment, or domain. 2. CONFIDENTIALITY 2.1. Compliance with Laws. User Institution hereby represents, warrants, and covenants that it is and will remain at all times during the term of this Addendum, and at all times after the term of this Addendum to the extent it Processes any Data, in compliance with all Applicable Privacy and Data Security Laws. 2.2. Use of Data. User Institution will not Process Data for any purpose other than as minimally necessary to conduct the Project, as expressly granted in the Underlying Agreement, or as otherwise required by applicable law. 2.3. Disclosure of Data. User Institution will not disclose Data to any person other than its Authorized Personnel, except as expressly permitted in this Addendum. 2.3.1. Access Restrictions. User Institution will implement and maintain technical access limitations subject to logging and auditing to ensure only Authorized Personnel have access to Data. User Institution agrees the GRAIL & MSKCC Data Access Committee may request at any time the list of individuals authorized to have access to Data, including their level of access. If any of User Institution's System containing Data is backed up, that backup will maintain similar levels of access controls. 2.3.2. Disclosures by User Institution to Permitted Subcontractors. User Institution may disclose Data to subcontractors that have a need to Process that Data in order to conduct the Project, provided that each permitted subcontractor that receives Data is contractually bound to comply with privacy, confidentiality and data security terms no less restrictive than the terms set forth in this Addendum. In the event that User Institution provides Data to any permitted subcontractor, User Institution will not be relieved of any of its obligations under this Addendum with regard to that Data, will remain liable and responsible for the performance of all of its obligations under this Addendum with regard to that Data, and will be liable to GRAIL and MSKCC for any acts or omissions of its subcontractors in relation to that Data. 2.3.3. Disclosures Required by Law. User Institution may disclose Data to a governmental authority if that disclosure is required by law, provided that: (i) to the extent permitted by law, User Institution provides prior written notice of such disclosure to the GRAIL & MSKCC Data Access Committee; (ii) User Institution takes all reasonable and lawful actions to avoid, and minimize the extent of, that disclosure; and (iii) before disclosing Data to the governmental authority User Institution reasonably cooperates with the GRAIL & MSKCC Data Access Committee to resist that disclosure if it chooses to do so. 2.4. Return or Destruction of Data. Upon the GRAIL & MSKCC Data Access Committee’s request, the termination or expiration of the Underlying Agreement, or whenever User Institution no longer needs to retain all or part of Data, unless prohibited under applicable law, User Institution will immediately destroy that Data including any Data maintained in backup form. User Institution will destroy Data using a final, secure and complete method that will render that Data permanently unrecoverable. 2.5. Re-Identification. User Institution acknowledges and agrees that Data will not contain any individually identifiable health information. User Institution will not attempt to re-identify any individuals whose health related information is contained within the Data. To the extent Data contains any individually identifiable health information, User Institution will immediately notify GRAIL at privacy@grailbio.com and MSKCC at privacy@mskcc.org. 2.6. Survival. This Section will survive any termination or expiration of the Underlying Agreement for so long as User Institution retains or otherwise Processes Data. 3. DATA SECURITY 3.1. Data Security Program. User Institution will implement, maintain, and comply with comprehensive information and network security programs, practices and procedures (collectively, “Data Security Program”). User Institution will ensure that the Data Security Program at all times: (i) meets current leading industry standards; and (ii) complies with all Applicable Privacy and Data Security Laws. User Institution will document its Data Security Program in written form and will make those documents available to the GRAIL & MSKCC Data Access Committee for review upon its request from time to time. User Institution will keep its Data Security Program current and up-to-date in order to continually improve the security of the Data Security Program, but in no event will User Institution render the Data Security Program less comprehensive, secure, or robust. 3.2. Safeguards. Without limiting the generality of subsection 3.1, User Institution represents, warrants, and covenants that it has adopted and implemented, and will continue to maintain, physical, administrative, and technical safeguards and other security measures to: 3.2.1. maintain the security and confidentiality of Data and protect it from threats or hazards to its security and integrity, as well as accidental loss, alteration, disclosure, and all other unlawful forms of Processing; 3.2.2. require Authorized Personnel to receive annual training regarding: (i) how to protect User Institution's Systems from security threats, (ii) their responsibilities regarding the protection of research data; and (iii) industry standard protocols for Processing research data; 3.2.3. prevent, detect, contain, recover, remediate, and respond to a Data Breach; 3.2.4. enforce the use of secure authentication protocols and access control measures, consistent with industry standards, on any User Institution Systems that protect, defend, secure, or Process Data; 3.2.5. implement regular and timely software security patches on any User Institution Systems that protect, defend, secure, or otherwise Process Data; 3.2.6. require the use of encryption for all storage and transmission of Data; and 3.2.7. include automated security measures, including, but not limited to, standard perimeter monitoring and protection systems, auditing systems, firewalls, and security agent software capable of detecting and mitigating threats from viruses, spyware, and other malicious code on any User Institution Systems. 3.3. Survival. This Section will survive any termination or expiration of the Underlying Agreement for so long as User Institution retains or otherwise Processes Data. 4. DATA BREACH OBLIGATIONS 4.1. Notice. User Institution will notify GRAIL at it-sec@grailbio.com and MSKCC at privacy@mskcc.org immediately, but in no event more than five (5) business days, after it is notified of or discovers a Data Breach. The notification will include the following, to the extent known by User Institution, and will be supplemented on an ongoing basis: (i) the general circumstances and extent of any unauthorized Processing of Data or intrusion into Systems used by User Institution to protect or Process Data; (ii) the types and volume of Data that were involved; (iii) User Institution’s plans for corrective actions to respond to the Data Breach; (iv) steps taken to secure Data and preserve information for any necessary investigation; and (v) any other related information reasonably requested by GRAIL and/or MSKCC. 4.2. Remediation. User Institution will immediately detect, respond to, and contain all vulnerabilities, activities, or other circumstances that caused or gave rise to the Data Breach. User Institution will promptly and without unreasonable delay take all necessary and advisable corrective actions, and will reasonably cooperate with GRAIL and MSKCC in all reasonable and lawful efforts to prevent, eradicate, mitigate, and rectify such Data Breach. 4.3. Notice to Other Parties. User Institution will not notify any parties other than GRAIL and MSKCC and, to the extent required by law, relevant law enforcement agencies of any Data Breach unless such notification is agreed to in advance by GRAIL and MSKCC in writing. 4.4. Investigation. User Institution will investigate the causes of each Data Breach at User Institution’s expense. Upon the GRAIL & MSKCC Data Access Committee’s request, User Institution will provide it with in-depth supplementary reports regarding its investigation of the Data Breach and results of findings. 4.5. Survival. This Section will survive any termination or expiration of the Underlying Agreement for so long as User Institution retains or otherwise Processes Data. 5. AUDITS AND INSPECTIONS 5.1. Audit Records. User Institution will retain System audit records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate information System activity and ensure that the actions of individual users of User Institution Systems can be uniquely traced. 5.2. Annual User Institution Audit Report. User Institution hereby represents, warrants, and covenants that: (i) User Institution will undergo annual (or more frequent) audits of User Institution Systems, facilities, policies, practices, controls, and practices (each, a “User Institution Audit”) and that audit will include in its scope all User Institution Systems and all of User Institution’s practices, controls, policies, and procedures relating to the protection, security, defense, or Processing of Data; and (ii) the User Institution Audits will include, at a minimum, risk assessments, security control effectiveness, credentialed vulnerability scans, and security controls map to an industry standard (such as NIST, HITRUST, ISO, or SOC2). 5.3. Ongoing Inspections. User Institution will, consistent with best industry practices, continuously monitor and inspect all User Institution Systems to identify security vulnerabilities (“Ongoing Inspections”). 5.4. Audit Remediation. To the extent that a User Institution Audit or Ongoing Inspection identifies any "material", "critical", or "high" security vulnerabilities, User Institution will remediate those vulnerabilities as promptly as reasonably possible not to exceed ninety (90) days. If security vulnerabilities cannot be remediated or contained by the User Institution within that period, User Institution should promptly notify GRAIL at it-sec@grailbio.com and MSKCC at privacy@mskcc.org of the increased risk. 5.5. Survival. This Section will survive any termination or expiration of the Underlying Agreement for so long as User Institution retains or otherwise Processes Data. 6. INDEMNIFICATION 6.1. Indemnity. Notwithstanding any provisions of this Addendum to the contrary, including but not limited to any limitation of liability or indemnity set forth in the Underlying Agreement, User Institution will defend, indemnify, and hold harmless GRAIL and MSKCC and their respective officers, directors, employees, and agents from and against all liabilities, obligations, losses, damages, costs, fees, penalties, fines, charges, or other expenses of any kind (including but not limited to costs and in-house or outside attorneys’ fees) resulting or arising from, relating to, or in connection with any actual or alleged: (i) Data Breach; or (ii) breach of this Addendum. 6.2. Additional Expenses. In addition to its indemnification obligations above, User Institution will pay for all costs and expenses reasonably incurred by GRAIL and MSKCC in connection with a Data Breach as they are incurred, including but not limited to forensics services and costs associated with investigating and responding to investigations and inquiries related to the Data Breach from federal and state regulatory authorities. 6.3. Survival. This Section will survive the termination or expiration of the Underlying Agreement. [END OF PRIVACY AND DATA SECURITY ADDENDUM]
Studies are experimental investigations of a particular phenomenon, e.g., case-control studies on a particular trait or cancer research projects reporting matching cancer normal genomes from patients.
Study ID | Study Title | Study Type |
---|---|---|
EGAS00001003755 | Other |
This table displays only public information pertaining to the files in the dataset. If you wish to access this dataset, please submit a request. If you already have access to these data files, please consult the download documentation.