How Figshare.com meets the OSTP and NIH “Desirable Characteristics for Data Repositories”
Policies around open access and data sharing are expanding for federal funders. Data repositories that make research data and other outputs accessible and citable are a core piece to these policies.
Three sets of guidance/policies in particular are significant because of how many funders, publishers, or researchers are affected.
- In May 2022, the National Science and Technology Council (NSTC) published a document, Desirable Characteristics of Data Repositories for Federally Funded Research. The NSTC is part of the Office of Science and Technology Policy (OSTP) and this document describes the features and functionality desired by the OSTP “to reduce the complexity for the research community — including investigators, program officers, data managers, librarians, and others — in complying with Federal data sharing policies.”
- In January 2023 a new NIH Policy for Data Management and Sharing went into effect. It includes supplemental information on Selecting a Data Repository (NOT-OD-21-016), which outlines desirable data repository characteristics that researchers should seek out to share their NIH-funded research data and materials.
- In March 2023, the U.S. Repository Network published its Desirable Characteristics of Digital Publication Repositories with an eye “to increase interoperability across the national and global repository network and establish suitability of a digital publication repository to be an “agency-designated” repository for federally funded research.”
Figshare.com is an appropriate and well-established generalist repository for researchers to permanently store the datasets and other materials produced from their Federally-funded research. Figshare Plus uses the same repository infrastructure to offer support for sharing large datasets including transparent costs that can be included in funding proposal budgets.
Figshare.com and Figshare Plus offer established repository infrastructure including adherence to community best practices and standards for persistence, provenance, and discoverability with the flexibility to share any file type and any type of research material and documentation. Figshare makes it easy to share your data in a way that is citable and reusable and to get credit for all of your work.
The following table lists the desirable characteristics for each policy. The ‘Figshare compliance’ column indicates how Figshare.com and Figshare Plus comply with the desirable characteristics from repositories as outlined by the OSTP and NIH, and links to more information further down the page.
For users of an institutional or organizational instance of Figshare or those considering using Figshare at their organization, please see our support article for more on how our institutional portals offer additional compliance with funder requirements.
| OSTP | NIH | U.S. Repository Network | Figshare.com compliance |
| Organizational Infrastructure | |||
| Free and Easy Access | Free and Easy Access | Free and Easy Discoverability & Access | Fully met |
| Clear Use Guidance | Clear Use Guidance | Clear Use Guidance | Fully met |
| Risk Management | Confidentiality | Partially met on figshare.com, fully met on Figshare Plus | |
| Retention Policy | Retention Policy | Preservation | Fully met |
| Long-term Organizational Sustainability | Long-term Sustainability | Long-term Organizational Sustainability | Fully met |
| Digital Object Management | |||
| Unique Persistent Identifiers | Unique Persistent Identifiers | Unique Persistent Identifiers | Fully met |
| Metadata | Metadata | Metadata | Fully met |
| Curation and Quality Assurance | Curation and Quality Assurance | Curation and Quality Assurance | Partially met by Figshare.com, fully met by Figshare Plus |
| Broad and Measured Reuse | Broad and Measured Reuse | Broad and Measured Reuse | Fully met |
| Common Format | Common Format | Common Format | Partially met |
| Provenance | Provenance | Provenance | Fully met |
| Technology | |||
| Authentication | – | Authentication | Fully met |
| Long-term Technical Sustainability | Long-term Sustainability | Long-term Technical Sustainability | Fully met |
| Security & Integrity | Security & Integrity | Security & Integrity | Fully met |
| Additional Considerations for Repositories Storing Human Data: Figshare is not designed for sensitive data. However, de-identified data from human participants may be shared in the repository when the data collection process is managed and data files are processed in order to safely allow for this in accordance with all applicable regulations, IRB protocols, participant consent, and the institution’s terms of use. See additional information from the NIH on sharing human data |
|||
| Fidelity to Consent | Fidelity to Consent | – | Responsibility of the user |
| Security | Privacy | – | Fully met |
| Limited Use Compliant | Restricted Use Compliant | – | Partially met |
| Download Control | Download Control | – | Partially met |
| Request Review | Request Review | – | Not applicable |
| Plan for Breach | Plan for Breach | – | Partially met |
| Accountability | Violations | – | Partially met |
Desirable Characteristics of Data Repositories for Federally Funded Research
Organizational Infrastructure
Free and Easy Access
Fully met
Figshare believes that data should be as open as possible and should always be free to access. All content hosted on Figshare can be downloaded by anyone, with no need to log in. The content can also be mass downloaded or mined using the Figshare API, also openly available to anyone at docs.figshare.com. All Figshare metadata is licensed CC0 for broad reusability.
Figshare has endorsed the TRUST principles for Digital Repositories, the FAIR principles for open data, and is ISO27001 certified.
At the same time, there are some cases when it is appropriate to restrict access to data, which Figshare supports via embargo, private link, and linked data options. An embargo can be applied for any period of time on either the files only or the entire item.
Learn more:
About Figshare
Data Access Policy
Clear Use Guidance
Fully met
Content on figshare.com must be licensed under a machine readable license: either a CC0 or CC-BY license, or a GPL, MIT, or Apache license for code, to encourage broad reusability of the data. Additional open licenses are available in Figshare Plus.
Researchers are encouraged to include additional documentation regarding any access or reuse requirements as a README file and in the dataset description.
Learn more:
Copyright and License Policy
Terms of Use
Risk Management & Confidentiality
Partially met
Figshare is ISO27001 certified, meaning we adhere to their framework of policies and procedures regarding information risk management processes.
Researchers are directed not to share sensitive data on figshare.com per the terms of use. While Figshare employs stringent security protocols, these may not meet the requirements for restricted and human identifiable data. Nonetheless, Figshare data is stored securely and carefully monitored to ensure integrity and privacy.
Learn more:
Data Storage and Security
Terms of Use
Retention Policy / Preservation
Fully met
All content on Figshare will be retained for the lifetime of the repository. Figshare has been working hard to establish a business model that supports sustainability of the research outputs hosted on Figshare. Data is stored redundantly in the cloud as well as archived for long-term preservation.
Learn more:
Persistence of Data
Data Storage and Security
Long-term Organizational Sustainability
Fully met
Figshare was founded in 2011 and in 2012 became a part of the Digital Science portfolio of companies that support the research lifecycle. Over this period of time, it has grown into a sustainable company with more than 150 clients including research institutions around the world. Using a subscription model for software as a service, Figshare is able to provide policy-compliant infrastructure for FAIR data sharing to users at institutions and freely on Figshare.com.
All content in Figshare will be retained for the lifetime of the repository. All public research data published using the free version of figshare.com is stored redundantly in the cloud on Amazon Web Services S3 storage.
Learn more:
Persistence of Data
Data Storage and Security
Digital Object Management
Unique Persistent Identifiers
Fully met
All research made publicly available on Figshare gets allocated a DataCite Digital Object Identifier (DOI) at the point of publication. DOIs can also be reserved in advance to be included in associated publications. This ensures the unique identifier for the dataset is persistent and will not easily disappear as public content cannot be deleted from Figshare.
A globally unique identifier is one that once assigned to one entity cannot be assigned to another. But equally important, persistence means that resources must be allocated to the entity to ensure that reference rot (comprising link rot and content drift) do not occur. All items published through Figshare receive a DOI which is accessed by clicking on the Cite button on a Figshare item page.
Figshare authors can also add their ORCID iD, a unique author identifier to their Figshare Author Profile and can sync Figshare with ORCID and DataCite so that all of their public items from Figshare are pushed to ORCID.
The Funding field in Figshare metadata allows authors to add the specific grants and other sources of support for a project either by searching the linked Dimensions grants database or with free text. Researchers can add grants by searching for the grant ID or title and selecting the appropriate grant.
Metadata
Fully met
To publish on Figshare, all outputs must include mandatory metadata including: title, author(s), category, item type, keywords, description, and a machine-readable license. Funding sources, author ORCID, title and DOI of an associated peer-reviewed publication, and links to other references may also be included.
Metadata on Figshare is represented in a number of languages including but not limited to HTML, Dublin Core (oai_dc), Datacite (oai_datacite), RDF (rdf), CERIF XML (cerif), Qualified Dublin Core (qdc) (hasPart support), Metadata Encoding and Transmission Standard (mets) and UKETD_DC (uketd_dc). The Figshare OAI-PMH v2.0 implementation has the following baseURL: https://api.figshare.com/v2/oai.
The link between data and metadata needs to be made explicit by clearly stating the globally unique and persistent identifier in the metadata that relates to the data. Figshare does this in all metadata export languages, including Schema.org which is used to ensure indexing of Figshare content on Google, Google Scholar, and Google Dataset Search.
Curation and Quality Assurance
Partially met
Currently, research published on figshare.com is not reviewed before it is published and checks are limited to verifying the output is within our terms of use. Nonetheless, researchers are encouraged to share high quality research outputs that are well documented and can use our user guides for guidance in doing so.
Figshare Plus, Figshare’s repository for big datasets, does include expert review of files and metadata before they are published to maximize discoverability and reuse.
Broad and measured reuse
Fully met
Data on figshare.com must be licensed under a CC0 or CC-BY license (or a GPL, MIT, or Apache license for code) in order to encourage broad reusability of the work. Metadata is licensed CC0.
Metrics of reuse are openly tracked for each public item on Figshare including the number of Views, Downloads, and Citations and the Altmetric score. Views and downloads are COUNTER compliant and citation data is harvested from the full text of preprints and publications based on the dataset’s unique DOI. Figshare has also implemented Make Data Count to meet community standards for metrics.
Learn more:
Copyright and License Policy
Common Format
Partially met
Figshare accepts all file formats in order to keep the barriers to data sharing low for researchers. This allows researchers to share the data according to the best practices of their research communities as well as allows flexibility for certain methods or disciplines where specific file types that may not be open are required for data access or reuse. Figshare does not currently perform file conversion en masse specifically because we cannot know the open formats that would be best suited for specific data types or disciplines, although this is under consideration for future development.
Figshare encourages researchers to apply best practices for data sharing according to the FAIR principles, archival best practices in particular for file formats, the standards of their specific methodology or discipline, or the requirements of the funder, publisher, or data management plan (see our Guide to Best Practice for sharing data on Figshare).
All files and metadata publicly available on Figshare are available to be freely downloaded, including via the Figshare API at https://docs.figshare.com/. Figshare’s Open API supports OAI-PMH, which gives a simple technical option for data providers to make their metadata available to services, based on the open standards HTTP (Hypertext Transport Protocol) and XML (Extensible Markup Language). For more information please visit: https://www.openarchives.org/pmh/.
Provenance
Fully met
Figshare tracks all uploaded files and any revisions made to the files or metadata of draft and published items. Once published, Figshare supports version control. DOIs are version controlled and publication dates are openly tracked. Published data cannot be deleted from Figshare. For Figshare Plus, actions such as changes made by a reviewer or by an administrator impersonating a user are logged.
Learn more:
How does versioning work on Figshare.
Technology
Authentication
Fully met
User accounts on figshare.com are required to authenticate their account before the account is created.
Figshare authors can add their ORCID iD, a unique author identifier to their Figshare Author Profile so their ORCID is linked to published items and can sync Figshare with ORCID and DataCite so that all of their public items from Figshare are pushed to ORCID.
Long-term Technical Sustainability
Fully met
Figshare’s technical infrastructure is designed and backed-up regularly to ensure sustainability and security. Files uploaded by users are backed up, the core metadata database and statistics database are backed up and tested regularly, and the search engine indexes are backed up and tested regularly. Source code and configuration files are backed up on change and tested at build time.
Security, Integrity & Privacy
Fully met
Figshare has clear policies on security, integrity, and privacy:
- Data Integrity and Authenticity Policy
- Data Moderation and Take-Down Notice Policy
- Data Storage and Security
- Privacy Policy
- Terms of Use
Figshare is ISO27001 certified.
Figshare has a documented Incident Management Procedure as does Digital Science.
Note that researchers are directed not to share sensitive data on Figshare per the terms of use.
Additional Considerations for Repositories Storing Human Data
When sharing data from human participants, particular consideration must be paid to data sharing practices from the beginning of the project (e.g., IRB protocol and informed consent language) through data management and sharing (e.g., de-identification, access). Researchers must manage and share data in accordance with Federal Regulations for the protection of human research participants, NIH expectations for sharing data from human participants (NIH Human Subjects Research), and any requirements of their academic institution or Institutional Review Board.
Figshare does not accept “health or other sensitive personal, highly classified or regulated information or personal information of others, or which you are not authorised to upload, publish or share.” However de-identified data from human participants may be shared in the repository when the data collection process is managed and data files are processed in order to safely allow for this in accordance with all applicable regulations and the Figshare terms of use.
Figshare may also be used in combination with other data repositories to share some research outputs in a restricted manner and others more openly. Links between these related outputs can be specified in the dataset description and metadata.
Figshare.com does not currently meet the considerations for documenting fidelity to consent or security features specific to human data (e.g. tiered access, credentialing of data users) or data access requests, however some of these considerations are met by Figshare Plus, which employs dataset review.
Fidelity to Consent
Responsibility of the user
Meeting this characteristic is entirely dependent on the user. Users are responsible for ensuring that their research outputs are suitable for upload to Figshare and that access to research outputs is consistent with participant consent and changes to consent.
Security, Integrity & Privacy
Fully met
Figshare has clear policies on security, integrity, and privacy:
- Data Integrity and Authenticity Policy
- Data Moderation and Take-Down Notice Policy
- Data Storage and Security
- Privacy Policy
- Terms of Use
Figshare is ISO27001 certified.
Figshare has a documented Incident Management Procedure as does Digital Science.
Note that researchers are directed not to share sensitive data on Figshare per the terms of use.
Limited / Restricted Use Compliant
Partially met
Figshare does not currently administer restricted access to datasets but researchers using Figshare Plus may apply an embargo to files only or to files and metadata. Linked files can also be hosted elsewhere, and private access can be provided by private link to unpublished items.
Learn more:
Guide to Embargoed and Restricted Access Items
Download Control
Partially met
Access to files uploaded but not yet published on figshare.com is limited to the user account that uploaded them. Private links may be generated by a user to provide access to others, however access is available to anyone with the link and is not audited. For published items on figshare.com, access is freely available to all without an account unless an embargo has been applied and this access is not audited. Views and downloads are counted on a per item basis and are logged by IP address but not by user account or any other end user information.
Request Review
Not applicable
figshare.com and Figshare Plus do not administer restricted access to data.
Plan for Breach
Partially met
Figshare has a security policy and a documented incident management procedure that includes handling breaches. Note that the Figshare plans are not specific to breaches of sensitive research data such as identifiable human subjects’ data as storing this type of data is prohibited by the Figshare terms of use.
Accountability / Violations
Partially met
The Figshare terms of use prohibit certain uses of the repository including the upload of certain categories of materials. In the case that Figshare terms are violated, we have a transparent take-down policy we will follow in addition to procedures in the terms of use including termination of a user account if appropriate.
How data published on Figshare is reused is generally not monitored nor addressed by Figshare, but we encourage researchers to follow any stated terms including license requirements. Misuse of the platform for download of data would also constitute a violation of terms of use and access may be terminated.
Learn more:
Inappropriate Content Policy
Terms of Use
Want to know more?
Can’t find your answer here, check the community discussion or raise a support ticket
