NIH has updated the security standards for controlled-access data repositories. Starting June 30, 2025, NIDDK-CR is enforcing the Requestor role as outlined in the Data and Resources Use Agreement (DUA). According to the DUA, the Requestor, also known as the Principal Investigator (PI), is the individual submitting the request for Data or Resources, must be a permanent employee of the Requesting Institution, and must have oversight authority to be primarily responsible for the Research Project. In line with NIH guidance, trainees, laboratory technicians, research assistants, graduate students, postdocs, and others without oversight authority are not eligible to submit a Data or Resource request.

Requests submitted and approved before June 30, 2025, with a Requestor who does not meet the defined criteria, are asked to identify a new PI no later than the Access Renewal period (1 year from the DUA effective date). If a suitable new PI cannot be identified, the request will be terminated, and closeout procedures will be initiated. Requests submitted after June 30, 2025, require a self-attestation checklist before proceeding with the request application.