Data Access and Governance

This page will help users navigate access to datasets on the platform and give an overview of data governance on the platform


Your first step as a user is to log in to the platform to become a credentialed user.

Please log in using the Single Sign-on. Single Sign-on is currently only available using your University of Toronto UTORid. If you require access to the platform but do not have a UTORid, please email the Data Steward at

Please note that your UTORid must be enrolled in multi-factor authentication (MFA) with DUO. Please follow this link to set up MFA with your account.

Once you are logged in, you can credential your account by accessing the "Credentialing" tab under "Settings". Click "apply for access" and complete the listed steps to become an Authorized User on the account.


Once you are credentialed on the platform, you will need to complete steps specific to each dataset in order to become an Authorized Dataset User for that dataset. Typically, you will need to complete one or more trainings and sign a Data Use Agreement.

Trainings can be managed in the "Training" tab under "Settings". To access a typical dataset, you will need to complete the following three trainings:

  • TCPS 2: CORE 2022. Accessing a dataset requires completing training in the policy requirements laid out in the Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans (TCPS-2). Follow this link to access the training.
  • ISED Cybersecurity Training for Researchers. Researchers must complete a training module in Cybersecurity for Researchers from Innovation, Science, and Economic Development Canada (ISED). Follow this link to access the training.
  • Health Data Nexus Data User Code of Conduct. All users must sign a Code of Conduct to become credentialed on the Health Data Nexus. To confirm that you have read and agreed to the Code of Conduct, you must watch this instructional video.

Data Use Agreement

In addition to completing the required trainings, accessing a dataset requires the completion of a dataset-specific Data Use Agreement (DUA). Credentialed users can find a link to the the DUA on the dataset page.

Cloud Identity

Finally, as an Authorized Dataset User, you require the previsioning of a Google Cloud Identity in order to access the cloud-based analytics workspace. You can find instructions for creating your Cloud Identity on the "Research Environments" page.

Data Governance

Data governance on the Health Data Nexus is managed under a collection of governing documents, as well as the oversight of a Data Governance Committee. In addition to the Code of Conduct and Data Use Agreement mentioned above, the terms of the platform are also covered in the Data Governance Proposal, the Data Transfer Agreement (which covers the terms of data sharing between the Data Holder and T-CAIREM), the Data Governance Committee Terms of Reference, and the De-Identification Policy.

The governance and use of data on the Health Data Nexus have also been independently evaluated in a Privacy Impact Assessment (PIA) by INQ Law. For a copy of the PIA or any of the governing documents of the Health Data Nexus, please get in contact with the Data Steward at

Privacy Policy

When you use the Health Data Nexus, we will require information about you that is necessary to provide you with computational resources, functions, and other services (heretofore “Services”) to enable your activities. Information necessary for your use of the Health Data Nexus will also be generated and maintained as you use the Health Data Nexus. Together, the information that you provide and the information about your use of the Health Data Nexus are your User Information.

Your User Information is employed to:

  1. confirm your identity on login;
  2. confirm your privileges and provide the Services to you; and
  3. optimize system resources, security, and your experience with the Services.

Your User Information will be shared on a need-to-know basis with officials at T-CAIREM, at the University, partners, and service providers as necessary to provide you with the Services, and to support and maintain security.

For example, we collect information about your use including the Internet Protocol (IP) address from which you are connecting, and we track your use and actions in the Health Data Nexus to understand and optimize system resources, to improve the quality of your experience with the Services, and for security as noted above.

We do not trade or sell your User Information, nor do we share it without your consent, except as provided above or as required by law or University policy.

Your User Information is protected consistent with all privacy requirements that may apply to it, such as the Freedom of Information and Protection of Privacy Act.

We welcome your questions about your User Information or the Services, and invite you to contact:

Health Data Nexus Data Steward