For the 1997-2023 Data

When requesting access to the SEER Research Plus Data, you will have an option to also request access to the NCCR Data Platform. If you make that selection, you must agree to the NCCR Data Platform Data Use Agreement as well (learn more about this option in the FAQs). You may review the language of the agreement below (this cannot be used to request access to the data).

This National Childhood Cancer Registry (NCCR) Data Platform Data Use Agreement (DUA) (the "Agreement") outlines the terms and conditions for access to data through a Research Plus account in the National Cancer Institute (NCI) NCCR Data Platform (the "Data"). The parties to this Agreement include the "Authorized User" (Data Access Requester) indicated in this data use request, the home institution or corporation or "Institutional Requester", and the NIH. Research outputs ("Publications") include any reported findings based on the Data in any context, such as reports, manuscripts, presentations, or digital media. The effective date of this Agreement is the date of Authorized User's acceptance of the agreement ("Effective Date"). This agreement must be renewed annually, one year from Authorized User's Effective Date. By electronically clicking through and initialing this DUA, the user is agreeing to comply with the terms of the Agreement.

AGREEMENT AND TERMS OF USE

  1. The NCCR Program developed the Data to support research and makes them available through the NCI software offerings. All Authorized Users conducting “human subjects research” within the scope of 45 CFR 46 must comply with the requirements contained therein.
  2. This Agreement governs Authorized User's use and disclosure of data obtained from the Data and data derived from that data (collectively referred to in this Agreement as "Data").
  3. For Research Projects that involve multiple individuals, a DUA must be executed separately by each individual participating in the research project.
  4. To protect and assure the confidentiality and privacy of all persons represented in the data, Authorized User and Institutional Requester requesting these Data must adhere to all terms of use outlined in this DUA.
  5. Use and Disclosure Restricted. Authorized User and Institutional Requester will use or disclose the Data only for the purposes for which they were approved by the NCI. Requests for Data with increased risk to re-identify individuals will require additional data access requests and Authorized User and Institutional Requester will only use Data for the purposes approved by the NCI.
  6. Compliance. Authorized User and Institutional Requester will use Data in full compliance with all applicable laws and NIH policies and guidance documents, as well as any nonconflicting, applicable policies and requirements of Institutional Requestor.
  7. No Data Linkage. Authorized User and Institutional Requester will not link or attempt to link the Data with information in other data, at the individual level, nor permit others to do so. This includes, but is not limited to, links or attempts to link two or more SEER and NCCR Data releases to which Authorized User and Institutional Requester has access. Analyses using Data for approved projects with a government-provided encrypted identifier are permitted.
  8. No Re-Identification of Individuals. Authorized User and Institutional Requester will not attempt to learn the identity of any individual who is represented in the Data or share information that would lead to the identification of individuals represented in the Data. If Authorized User inadvertently discovers, or learns that another person has discovered, the identity of an individual whose is represented in the Data, Authorized User and Institutional Requester will: (a) not use this identifiable information or inform others, other than NCI, of the discovered identity, (b) not contact any such individual, and (c) notify NCI of the incident under Section 14, below. Authorized User and Institutional Requester agree not to generate information from Data that could allow the identities of individuals to be readily ascertained.
  9. No Release to Others. Authorized User and Institutional Requester will not release, in full or in part, nor permit others to release, the Data to any other person. Authorized User and Institutional Requester will not disclose Data in any Federal, State, or local civil, criminal, administrative, legislative, or other proceeding without advance written notice to the NIH and the NCI Surveillance Research Program. Authorized User and Institutional Requester will not make copies or remove Data from their approved Institution except as authorized by this Agreement. Authorized User and Institutional Requester will not sell the Data, in whole or in part, to any individual for any purpose.
  10. No Attempt to Identify Any Geographic Area. Authorized User and Institutional Requester will not attempt to identify or infer any geographic area if they are not specifically released in the Data (e.g., identify state, registry, or county, etc. if they are not included in the specific Data).
  11. No Attempt to Identify Any Data Source. Authorized User and Institutional Requester will not attempt to identify or infer any Data source or individual healthcare provider or healthcare facility (e.g., hospital, laboratory, oncology office, etc.).
  12. Required Safeguards. Authorized User and Institutional Requester will use appropriate safeguards to prevent unauthorized use or disclosure of the Data. Authorized User will not share their login credentials (e.g., login account and password) with any other person. Authorized User will not allow any other person to use Authorized User's computer account after Authorized User has logged on with Authorized User's credentials (refer to the NIH Security Best Practices for Users of Controlled-Access Data). Authorized User will securely transmit Data to other Authorized Users of the research group within the institution and, if multiple institutions analyze Data for the project, between institutions.
  13. Change of Institution by the Authorized User. If the Authorized User plans to leave their institution, the Authorized User must contact NCI in writing prior to the transition for instructions on how to handle the Data. If the Authorized User fails to do so, then the Institutional Requester assumes this responsibility to contact NCI. Authorized User and Institutional Requester may not duplicate any Data prior to the transition nor can Authorized User take Data with them without written permission from NCI. All Data under the purview of the Authorized User and Institutional Requester must be destroyed prior to their departure or someone must agree to assume the responsibilities of the Authorized User as described in this Agreement. The new Authorized User must also receive approval from the NCI to hold those data through a data access request and sign a Data Use Agreement before assuming the responsibility of the Data. If the original Authorized User continues the project at a new institution, then the Authorized User must register and submit a new access request through the new Institutional Requester. If data destruction is required by NCI, data must be destroyed in accordance with the NIH Security Best Practices for Users of Controlled-Access Data, incorporated by reference herein.
  14. Notice of Unauthorized Data Use, Unauthorized Data Sharing, Identification of Individuals in Data, or Breaches of Security. Authorized User agrees to notify the NCI (seerdataaccess@mail.nih.gov), the NCI DAC (ncidac@mail.nih.gov), the NIH Incident Response Team, and NIH Office of Extramural Research Data Sharing Policy Implementation (OER/DSPI) Team of any unauthorized Data use or disclosure, identification of individuals represented in the Data, or breaches of security that may compromise the confidentiality of Data, within 24 hours of when the incident is discovered. For the NIH Incident Response Team, notifications can be made by phone (301) 496-HELP (4357); Toll Free Number: (866) 319-4357 or TTY: (301) 496-8294 and can also be sent electronically to NIHInfoSec@nih.gov or: https://irtportal.ocio.nih.gov/. Additionally, notifications must be sent to NIH Data Management Incident Notification inbox, email DMI_OER@mail.nih.gov. Within 3 business days of notification, Authorized User and Institutional Requester agree to submit to the NCI and all NIH entities a detailed written report including the date and nature of the incident, actions taken or that will be taken to remediate the issue(s) and to prevent further problems (the "Remediation Plan"), and a timeline for actions in the Remediation Plan. Authorized User and Institutional Requester agree to cooperate with any investigation by NIH (or another entity designated by NIH) on a data security incident or policy violation, to work with NIH to assure that the Remediation Plan is sufficient, and to provide documentation for NIH to verify that the Remediation Plan has been implemented. Authorized User and Institutional Requester agree to work with NIH to assure that plans and procedures that are developed to address identified problems are mutually acceptable and consistent with applicable law. NIH may apply for injunctive or other equitable relief before courts of competent jurisdiction as remedy for breach of the Agreement, in addition to all other remedies available by law or in equity. Repeated violations or unresponsiveness to NIH requests related to any terms of this Agreement may result in further compliance measures affecting Authorized User and Institutional Requester.
  15. Software. For all software provided to Authorized User by the NCI ("NCI Software"), Authorized User and Institutional Requester will not copy, distribute, reverse engineer, sell, lease, or incorporate NCI Software into any other software system. All agreement terms related to provided NCI software are incorporated by reference into this Agreement.
  16. Data Access. Access to the Data shall be restricted to persons within the United States and in compliance with NIH Security Best Practices for Users of Controlled-Access Data.
  17. Publication. It is NIH's intent to promote the dissemination of research findings as widely as possible through scientific publication or other appropriate public dissemination mechanisms. However, Authorized User and Institutional Requester will not present or publish Data or the results of research conducted with Data in which an individual can be identified. Authorized User and Institutional Requester will not publish information on an individual, including information generated by individual-level data, even if such information cannot directly identify an individual. Authorized User and Institutional Requester will follow all NIH policies, including any policy on small cell sizes. After release, Authorized Users or Institutional Requestor will provide NCI with the appropriate citation of any Publications, abstracts, presentations, manuscripts, book chapters, intellectual property or other materials generated through analysis conducted with the Data by emailing ncichildhoodcancerdatainitiative@mail.nih.gov. Upon NCI request, Authorized Users or Institutional Requester will send a copy of any materials generated through analysis conducted with the Data. Publication in open access journals is preferred as NCI recognizes the full value of Childhood Cancer Data Initiative-supported projects can only be realized if Publications are disseminated as promptly and broadly as possible and investigators adhere to NIH data sharing policies.
  18. Required Acknowledgments. Authorized User agrees to acknowledge the NCCR Data and specific version of the dataset(s) analyzed, in all oral and written presentations, disclosures, and publications resulting from any analyses of Data. The appropriate citation is associated with the data file used, which may be found on NCCR Data Platform website and in the downloaded Data Dictionary for each data request.
  19. NCI Use of Information about Authorized Users. Authorized User and Institutional Requester understand and agree that information about Authorized User and the approved research will be posted publicly on NIH websites, including Authorized User's name, the project name, and information provided in the Data Access Request (DAR). Authorized User and Institutional Requester agree that citations of Publications resulting from the use of the Data may be posted on NCI websites. Authorized User and Institutional Requester agree that NIH may use information provided in the DAR for purposes of enforcing this Agreement and administering NCI programs.
  20. Term and Termination of Agreement. This Agreement will continue until terminated by Authorized User or expiration date. NIH will require Authorized User to submit an application annually to continue access to the Data. This Agreement will automatically terminate if Authorized User fails to submit a renewal application. NIH also may terminate this Agreement and immediately revoke or suspend access to Data if NIH determines the Authorized User or Institution has breached this Agreement or the policies, principles, and procedures of NIH.
  21. Disposition of Data upon Termination and Project Close-Out Form. Upon termination of this Agreement, Authorized User and Institutional Requester agree to destroy all Data in accordance with the NIH Security Best Practices for Users of Controlled-Access Data, including copies and derivatives of Data, wherever located, including local servers and hardware, media, paper, and cloud computing storage, virtual and physical machines, databases, and random-access archives. Authorized User may retain the database as necessary to comply with law, regulation, and government policy; however, the Data may not be used to answer any additional research questions, even if they are within the scope of Agreement, unless the Authorized User submits a new Agreement and is approved by NIH to conduct additional research. An Authorized User who retains data for any of these purposes, and their Institutional Requester, continue to be stewards of the Data and are responsible for the management of the retained data in accordance with the NIH Security Best Practices for Users of Controlled-Access Data, this Agreement, and any institutional policies.
  22. Permitted Use of AI/ML Tools. Except as provided in this section, the Authorized User and Institutional Requester may not use or share Data, including individual-level or case-level data, with any artificial intelligence (AI) or machine learning (ML) tools, including, but not limited to, generative and analytical models, public cloud AI services, browser-based AI assistants, or any other tool that transmits data to an external provider, regardless of whether such tool has a public-facing interface. This Agreement explicitly prohibits Authorized User from sharing Data, specifically individual-level data or case-level data, with any other individual or entity that is not described in the data request, in any forum, in any medium. The use of AI tools, including generative and analytical models, poses a genuine risk of inadvertent data sharing due to the nature of how AI tools process, store, and regenerate information. AI tools include but are not limited to: proprietary Large Language Models (LLMs) such as OpenAI GPT Series, Google Gemini, Anthropic Claude or similar and open-source models such as Meta Llama, Mistral AI, DeepSeek, Qwen, and similar platforms, usually do not offer guarantees regarding the containment of data inputs. Any data input into a prompt or output generated from a prompt could result with proprietary data infringed, sent, saved, viewed, misinterpreted, or used in unforeseen public ways. As a result, the use of such AI tools which may release individual-level data to others, is in direct violation of this Agreement. Authorized Users of Data may develop or validate analytical and generative AI models using the Data so long as the use is described in an approved data request and performed on infrastructure compliant with NIH Best Practices for Users of Controlled Access Data. Authorized Users must maintain records of all AI and Machine Learning (ML) tools and workflows used with the Data, including software versions, usage logs, and locations of processing, and must provide such records to NIH upon request. Authorized Users may not share the model, including model parameters, except with collaborators who are also Authorized Users and may not retain the AI model, including model parameters, upon closeout of the project. Authorized Users may request to renew any expiring projects in order to continue using analytical and generative AI models. Authorized Users may not use the Data with any AI tool, product, or service that transmits data outside of their secure computing environment, or that retains, reuses, or incorporates data for purposes other than the expressly permitted research activities approved in the Data Access Request. Prior to submission for publication or external presentation of any results derived from AI analyses involving the Data, the outputs must be reviewed by a qualified human to ensure that no Data are disclosed, intentionally or unintentionally, in the publication or presentation.
  23. No Warranty. DATA IS PROVIDED ON AN AS-IS, WHERE-IS BASIS, AND ARE NOT WARRANTED TO BE ERROR-FREE OR COMPLETE. NIH MAKES NO EXPRESS OR IMPLIED WARRANTIES AND EXPRESSLY DISCLAIMS THE IMPLIED WARRANTIES OF PERFORMANCE, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.
  24. Liability. Each party will be responsible for its own actions. The NIH, as an agency of the United States government, may be liable only to the extent provided under the Federal Tort Claims Act, 28 USC 2671 et seq.