Access to data that is placed in dbGaP is controlled via the Data Access Request (DAR) process. Traditionally, after approval, a user downloads the data from dbGaP and there is no further direct control or monitoring of how the data is used or potentially redistributed. Within BDC, while access is managed in the same way as dbGaP, the data cannot be downloaded from BDC and all use of the data is logged and monitored. Therefore, the risk of unintended use of the data is reduced in BDC.