Skip to main content

NYU Libraries logo

Copyright for Authors and Creators: Research Data Policies

A guide to understanding and managing your work as intellectual property.


Almost all forms of research result in the creation of data--and engage with that data throughout the research lifecycle. Researchers of all disciplines process data, analyze data, preserve data, publicize data, and reuse data in some way or another.

In fact, data themselves have a complete lifecycle during the course of research projects, just like the overarching research itself. At each stage of the data lifecycle, researchers need to be aware of what they can, cannot, and should do with their data.

This guide provides an overview of NYU's policies regarding data ownership and management to help researchers navigate their responsibilities throughout the data lifecycle.

For more information regarding data management practices, please also refer to Data Services' Data Management Guide.

Data Ownership

Data Ownership Logo

Image credit: Andrien Coquet, The Noun Project. CC-BY.

To start, who owns the copyright of the data created in a research project?

According to NYU's Intellectual Property Policy:

  • In general, data generated in the course of research are owned by the researchers. NYU does not claim ownership of these data.
  • Except when the data are closely associated with inventions or patents, special types of commercializable work over which NYU may claim ownership rights. In these cases, NYU may claim ownership of the data, even though the data themselves may not be patentable. 

Data Publication

Data Publication Logo

Image credit: Andrien Coquet, The Noun Project. CC-BY.

Once obtaining and analyzing the outputs of their research, researchers may want to publish their data. In some cases, funders and publishers may also require researchers to publish data and make it openly available for reuse. To learn more about federal requirements regarding open data publication, please refer to the Federal Funder Public Access page.

NYU's Intellectual Property Policy states that:

  • In general, researchers are free to publish their data.
  • However, when it comes to inventions or patents, NYU may require the delay of publication of related data for up to 90 days, so as to protect its intellectual property rights or to meet legal or contractual obligations. The Provost may also authorize longer review or delay periods if needed.

Data Access

Data Access Logo

Image credit: Andrien Coquet, The Noun Project. CC-BY.

Researchers publish and retain their data so that others may have access to the data to replicate results or test new theories related to the data.

According to NYU's Data Retention and Access Policy:

  • As a general rule, NYU always has the right to access research data.
  • Sponsors and publishers may also require data to be made openly accessible.
  • For projects sponsored by the U.S. government, the general public can also request access to data through the Freedom of Information Act (FOIA). This is the case for data that are later used to develop governmental policy and law.

The resource page (PDF) of NYU's Data Retention and Access Policy also links to several sponsor policies.

Data Retention

Data Retention Logo

Image credit: Andrien Coquet, The Noun Project. CC-BY.

After the results of a research project have been published, the data must then be retained. It is important for researchers to engage in carefully planned data retention practices so as to keep their research outcomes accountable even after the researchers have moved on to another project.

According to NYU's Data Retention and Access Policy:

  • In general, researchers are required to keep data available for at least 3 years after final project close-out, or 5 years after final reporting/publication.
  • Data related to inventions or patents should be kept for as long as necessary.
  • In the event ethical charges or allegations are made against researchers regarding research practices or outcomes, related data need to be kept for at least 7 years after those proceedings are completed.
  • If students are involved in research, data must be kept at least until the student's degree is awarded, or after the student has abandoned the project.

Data Security

Data Security Logo

Image credit: Andrien Coquet, The Noun Project. CC-BY.

Certain data may contain personally identifiable information protected by privacy laws, and others may contain security information that, once leaked, can threaten the safety of certain computer systems. Besides, loss of important data caused by physical damage or cyber attack can also cost researchers. Therefore, research data need to be carefully handled for publication and storage. Researchers should evaluate the risk of their data and take steps to protect sensitive information.

For this purpose, NYU has set up the Electronic Data and System Risk Classification Policy, which divides data into Low, Moderate, and High Risk classes and gives criteria and examples for each class. The appendix of this policy also outlines special cases that need to be handled under more specific policies (such as FERPA, HIPAA and GDPR regulations). The policy also provides links to practical procedures and special policies to help researchers navigate data security.