You are using an outdated browser. We suggest you update your browser for a better experience. Click here for update.
Close this notification.
Skip to main content Skip to search

COVID-19: Obtenez les dernières mises à jour ou faites une autoévaluation.

Request Data for Research

We accept data requests for record-level data for research purposes from researchers, health system providers and government organizations. Once a data request form is submitted, our staff will work with applicants to determine the feasibility, timelines and cost of the requested data.

There is a current hold on accepting new requests. Please check back here for updates

Data Request Process

We encourage applicants to contact the Data Disclosure Team as early in the research approval process as possible. By contacting the team early, applicants will get a better understanding of data availability and its limitations, expected timelines and estimated costs associated with the data request. 

Note: Even with this initial review by the Data Disclosure Team, the application package is not considered complete without all of the required documentation.

How the Process Works

A typical research data request requires input from a number of teams across the organization.

Once the completed application package is submitted, a feasibility assessment is conducted to ensure we have the ability to complete the request.

  1. The Data Disclosure Team then works with the research team who submitted the application to draft the dataset creation plan and estimate the cost of the request. The request is reviewed by the Data Disclosure Working Group, comprised of research, privacy and data subject matter experts. 
  2. The working group recommends the request for approval by the Data Disclosure Subcommittee. If approved, the applicant is sent a copy of the Research Data Disclosure Agreement. Once the cost estimate provided earlier is signed, our analysts can begin the work. This may include creating a cohort for a study, extracting the data required, linking multiple datasets and quality assurance steps.

Dialogue with the research team may be required. Upon completion of the data extraction and quality checks, as well as execution of the Research Data Disclosure Agreement and administrative fee payment by the applicant, the data is disclosed in a secure manner.

How Long the Process Takes

The time from intake to data disclosure will depend on several factors, including the completeness of the application package, the complexity of the request and the number of requests currently in process. A fulfillment time estimate will be provided as part of the dataset creation plan.

The complexity of a request is determined by:

  • number of data sources required
  • type of data required (some datasets are more complex than others)
  • size of study cohort
  • whether the cohort is generated by the Ontario Health (Cancer Care Ontario) analyst
  • type of quality assurance steps required

Simple data requests are quicker to fulfill than complex ones. In all cases, the Data Disclosure Team will keep the applicant fully informed about fulfillment time during the process. If the applicant is providing the cohort, fulfillment time will dependent on when we receive the cohort. 

Please note that the Data Disclosure Team is now working with fewer resources than before. This means the review, approval and fulfillment of the request may take longer.

Required Documents

To complete the application package, the following documents are required:

  • A research plan.
  • Approval letter from a Research Ethics Board (REB). The REB must meet the requirements of s.44(2) of the Personal Health Information Protection Act, 2004 (PHIPA) and s.16 of Ontario Regulation 329/04 (see Data Request FAQs for more information on PHIPA and REB).
  • A copy of the REB application form, including relevant requests for amendments.
  • Evidence of funding approval to cover costs associated with the data request.
  • Name of the sponsoring organization and/or grant details.
  • Components of the dataset creation plan, if applicable.

Cost Details

As of January 4, 2021, an administrative fee of $3000 or an amendment fee of $1500, as well as an hourly analytical fee of $75 per hour, will be applied to all research data requests. For more information on how this will apply to your request, see the Data Request Frequently Asked Questions.

  • The administrative fee accounts for the time and effort required for request intake, feasibility assessment as well as bringing research data requests before the Data Disclosure Subcommittee. The administrative fee is invoiced once approval has been granted. Payment is required before data extraction can begin.
  • Amendments are requests to update, refresh or add variables to an existing request that we received and reviewed after September 1, 2015. In these cases, the amendment fee ($1500) accounts for the time and effort required for an initial feasibility assessment, completion of the dataset creation plan, and bringing amended research data requests through the approval process. Where it applies, the amendment fee replaces the administrative fee. It must be paid before data extraction can begin.
  • The analytical fee accounts for execution of the Dataset Creation Plan, which may include identifying study cohort(s), data extraction, linking multiple datasets and multiple quality assurance steps.

A second invoice for the analytical hours will be sent with the final data disclosure. Data will not be disclosed until the administrative fee or amendment fee is paid. Where a complex data request involves a multi-staged dataset creation plan, disclosure and invoicing may be broken out into stages. A staged schedule will be agreed upon by the Principal Investigator and Ontario Health (Cancer Care Ontario) in advance.

Estimating the Cost of Data Requests

Where requested, the Data Disclosure Team will support researchers in their grant submission by providing a cost estimate of the data request in advance of submission of the application package. The accuracy of the estimate will depend on the level of detail the requester provides about the data they will be requesting. The estimate will be based on the complexity of the data request (e.g., size of the cohort, number of databases to be linked, number of data elements etc.).

The Data Disclosure Team will provide a cost estimate before the Data Disclosure Subcommittee reviews the request. For more complex requests, a cost estimate may not be provided until the Subcommittee approves the request. In all cases, the applicant must sign off on the cost estimate before the request is fulfilled. Please note, having a cost estimate does not guarantee approval by the Subcommittee.

Data Handling Guidelines

Preferred Method of Data Transfer

For the purposes of data disclosures, our method of choice is managed file transfer (MFT). MFT is used to provide secure external data transfers through a network. Users can send or receive files using a client application or via a web interface. During the intake phase of a data request, the Data Disclosure Team will provide applicants with a form to set up an MFT account. Once the account is set up, applicants will receive further instructions on how to access the data files.

Retaining Data Guidelines

Records of personal health information (PHI) disclosed by Ontario Health (Cancer Care Ontario) for research purposes must not be retained for a period longer than the time set out in the approved research plan. Researchers must destroy all data provided by Ontario Health (Cancer Care Ontario) within 60 days of the date indicated on the Research Data Request Form.

Destruction of Data Rules

Data disclosed by Ontario Health (Cancer Care Ontario) for research purposes must not be retained for a period longer than the time set out in the approved research protocol. Researchers must destroy all data provided by Ontario Health (Cancer Care Ontario) within 60 days of the date indicated on the Research Data Request Form.

The researcher should supply us with a Certificate of Destruction setting out the date, time and location of the secure destruction, the method of secure destruction employed, as well as details of the items destroyed. The Certificate of Destruction will bear the signature of the persons who securely destroyed the information. A Certificate of Destruction from a third party service provider will be acceptable if it contains all of this information required. For a copy of a Certificate of Data Destruction, email


Email the Data Disclosure Team with questions about the data request process.