Skip to content

Golden Age Datasets - Data Licenses & Usage Rights

Overview

This document outlines the licensing framework for datasets used in the Golden Age Hub healthcare platform. All data usage must comply with applicable healthcare regulations, privacy laws, and ethical standards.

License Categories

Synthetic Data License

Creative Commons Attribution 4.0 International (CC-BY-4.0)

  • Applicability: Artificially generated datasets created for testing, development, and demonstration
  • Usage Rights: Free to use, modify, and distribute with appropriate attribution
  • Attribution Requirement: Must credit "Golden Age Technologies" as the data source
  • Restrictions: None beyond standard CC-BY-4.0 terms
  • Examples: Synthetic patient demographics, mock clinical scenarios, generated sensor data

Restricted Healthcare Data License

Internal Use Only - IRB/DUA/BAA Governed

  • Applicability: Real healthcare data governed by Institutional Review Board (IRB) approvals, Data Use Agreements (DUA), or Business Associate Agreements (BAA)
  • Usage Rights: Strictly limited to authorized internal use within Golden Age Hub platform
  • Access Control: Requires explicit authorization and compliance with data use agreements
  • Sharing Restrictions: No external sharing without written approval and additional legal agreements
  • Examples: De-identified patient data, clinical trial datasets, protected health information

Dataset-Specific Licenses

Current Dataset Inventory

Dataset Name License Type Description Access Level
synthetic_patient_demographics CC-BY-4.0 Generated patient demographic data for testing Public (with attribution)
mock_sensor_data CC-BY-4.0 Synthetic wearable sensor readings Public (with attribution)
clinical_scenarios CC-BY-4.0 Hypothetical clinical case studies Public (with attribution)
research_patient_data Internal Use Only IRB-approved research dataset Restricted - Authorized personnel
partner_clinical_data Internal Use Only Clinical data under BAA Restricted - Partner access
production_care_data Internal Use Only Active patient care data Restricted - Care team only

Usage Guidelines

For Synthetic Data (CC-BY-4.0)

## Attribution Example

This work uses synthetic datasets provided by Golden Age Technologies under the
Creative Commons Attribution 4.0 International License.

Source: Golden Age Hub Synthetic Data Repository
License: CC-BY-4.0 (https://creativecommons.org/licenses/by/4.0/)

For Restricted Data (Internal Use Only)

  1. Access Authorization: Obtain explicit written approval from data governance committee
  2. Purpose Limitation: Use only for approved research, development, or clinical purposes
  3. Data Minimization: Access only the minimum data required for the specific task
  4. Audit Trail: All access is logged and auditable
  5. No External Sharing: Data cannot be shared outside authorized systems without legal review

Compliance Requirements

  • HIPAA Compliance: All restricted data handling must comply with HIPAA Privacy and Security Rules
  • IRB Oversight: Research datasets require active IRB approval and oversight
  • BAA Requirements: Business associate agreements govern partner data sharing
  • DUA Terms: Data use agreements specify permitted uses and restrictions

Data Protection Standards

  • Encryption: All data must be encrypted in transit and at rest
  • Access Logging: Complete audit trail of all data access and modifications
  • Retention Limits: Data retained only as long as required for legitimate purposes
  • Secure Deletion: Proper disposal of data when no longer needed

License Management

Adding New Datasets

  1. Legal Review: All new datasets require legal review for compliance
  2. License Assignment: Determine appropriate license category
  3. Documentation: Update this registry with new dataset information
  4. Access Configuration: Set up appropriate access controls and permissions

License Review Process

  • Annual Review: All licenses reviewed annually for continued appropriateness
  • Compliance Audit: Regular audits ensure adherence to license terms
  • Stakeholder Notification: Changes communicated to all affected parties
  • Legal Consultation: Complex licensing situations require legal expert review

Data Sharing and Collaboration

External Collaborations

  • Research Partnerships: Governed by specific collaboration agreements
  • Academic Collaborations: Require IRB approval and data sharing agreements
  • Vendor Relationships: Business Associate Agreements for third-party processing
  • Open Source Contributions: Only synthetic data may be contributed to open source projects

Publication and Presentation

  • Anonymized Data Only: Remove all personally identifiable information
  • Synthetic Demonstrations: Use synthetic data for public demonstrations
  • Attribution Requirements: Credit data sources appropriately
  • Review Process: All publications require data governance review

Enforcement and Violations

Violation Consequences

  • Access Revocation: Immediate removal of data access privileges
  • Disciplinary Action: Up to termination for serious violations
  • Legal Action: Potential civil and criminal penalties for unlawful disclosure
  • Reporting Requirements: Mandatory reporting of violations to regulatory authorities

Reporting Violations

Report suspected license violations immediately:

Resources and References

Key Documents

Internal Resources

  • Data Governance Committee Charter
  • Information Security Policy
  • Privacy Program Documentation
  • Compliance Training Materials

This license framework ensures responsible and compliant use of healthcare data while supporting innovation and research. All data users are responsible for understanding and following these guidelines.

Last Updated: 9/28/2025 Version: 1.0.0