Confidentiality in Research
Student's Guide: Confidentiality in Research
The most important principle in confidentiality: provide accurate information to potential participants and abide by the agreement made with the participant (and the IRB) about how you will access, use, transfer, store, and present their information.
A. Planning Your Study
Sometimes studies only involve access to information, and don’t directly involve people or their surroundings. If this describes your study, think about things on this list:
- Will you need to access identifiers at all? If not, complete a Form 129. Once this form is submitted and reviewed, you will receive a determination letter to let you know whether you need IRB Approval. This will save a lot of effort if your project is not determined to be Human Subjects Research.
- If you will access identifiers, will you need to collect any of those identifiers? If yes, what identifiers will you need to collect? Remember, you should design your study to see and collect as few identifiers as possible.
- Is your study subject to additional rules like HIPAA or FERPA? If so, you must be familiar with those rules and plan your study in ways that follow the rules. If your study has to follow HIPAA or FERPA rules, you might want to ask the IRB, the Registrar (FERPA), or the ETSU HIPAA Compliance Officer for some extra information.
Other studies involve interaction and/or interventions with people. If this describes your study, think about things on this list:
- Will you need to access information in order to let people know about your study (for example, get emails or addresses to send an invitation)?
- When you do your study, will you need to collect identifiers? If yes, what identifiers
will you need to collect? As a general rule, you should design your study with as
few identifiers as necessary. Remember:
- Audio and video recordings are considered identifiable.
- A list with names/ IDs and associated codes is considered identifiable
- Is your study subject to additional rules like HIPAA or FERPA? If so, you must be familiar with those rules and conduct your study in ways that follow the rules. That includes both the information you use to let people know about your study, and the information you get during your study. Be sure to discuss these areas with your advisor. If your study has to follow HIPAA or FERPA rules, you might want to ask the IRB, the Registrar (FERPA), or the ETSU HIPAA Compliance Officer for some extra information.
Sensitive Data: If your study will collect names of people or other identifiers, and the topic is a sensitive one1, then consider whether you need a Certificate of Confidentiality. Certificates of Confidentiality protect researchers and institutions from being compelled by legal demands to disclose information that would identify research participants. Certificates of Confidentiality add another level of protection, and are a tool to help minimize the risks to subjects by further protecting the confidentiality of private information.
B. Writing Your ConSent
Your consent process must tell the person what information you will be accessing or collecting, and how you will use, transfer, store and present that information.
- Most social behavioral studies do have a risk of possible loss of confidentiality. This is especially true if you are using online methods, or email, etc. Your consent and your xForm should talk about this risk along with how you are making it as small as possible.
- Make sure your answers to the risk questions in your xForm and your consent match. They do not have to be the same words, but they must have the same meaning.
- If your study has to follow HIPAA rules, you must make sure that the information in your HIPAA Authorization language matches your consent. Otherwise, you may not have a valid authorization and will not be able to use the data.
Here are some examples. Your study is unique. Please do not just copy an example and use it without making sure it is accurate for your study.
- Online survey that:
- does not collect any identifiers and
- does not collect information that would allow someone to figure out the identity of
a participant in your study
Sample language (see IRB template on the website for more information):
Your confidentiality will be protected as best we can. Since we are using technology no guarantees can be made about the interception of data sent over the Internet by any third parties, just like with emails. We will make every effort to make sure that your name is not linked with your answers. First, we will not ask for your name or other identifying information on the survey. Second, (Insert the name of the online platform that you will use) has security features that will be used: [insert what the security features that you will you use are (e.g., IP addresses will not be collected and SSL encryption software will be used).
2. Study that involves interviews that are recorded
Your consent process must tell the person:
- That you will be making recordings of them, including saying the type of recording (Audio, Video, Digital)
- How you will use their data
- Who will have access to their data
- How you will protect their identity
- Where you will store their recording
- How you will keep their recording secure
- When you will destroy their recording
3. Study involves interviews of people and questions that are not sensitive
First, ask yourself:
- Will I want to use quotes from the interviews?
- Will I want to use their names?
- Will I want to include other information that might identify a participant?
- Will I be recording the interview (either audio or video)?
- Will I want to present the audio/video in meetings, for educational purposes, etc.?
- For study that will not use quotes or names or other potentially identifiable information:
“The results of this study may be published and/or presented at meetings
without naming you as a participant.”
- For study that will use names or other potential identifiers (for example, oral history
projects or interviews of experts in their field):
You will need to tell the potential participant about any options they have. For example:
- Can they choose whether they want their name used?
- Will they have an opportunity to review the transcript?
- You will also need to tell them what your plan is for the information; for example, will the results be put in an archive, or posted online?
C. Submitting Your Study to the IRB
In the New Protocol Submission xForm, you will be asked many questions about confidentiality. Why? Because it is so important that the IRB is not allowed to approve a study, or even issue an exempt determination, unless they can say that your study protects people’s confidentiality in the right ways.
Here are some general principles to keep in mind as you design and tell the IRB about your study:
- If appropriate, plan to use codes on your data instead of identifiers. For example, a participant number (like A1 and A2) or some other type of code could be used instead of using identifiers like names.
- Plan where and how you will keep your paper data. It should be secure, in locked files.
- Make sure that your plan to store or transfer any electronic data will be secure. If your study has to follow HIPAA or FERPA rules, or has sensitive data, there are very specific rules about where you can keep that data and how it can be transferred.
- Consider whether you can collect your data, keep it, and/or analyze it without getting or keeping identifiers.
- Sometimes you make someone identifiable by the questions that you ask or information that you get, even if you do not use their name. You need to be careful that it is not possible to identify someone by the information you ask. For example, if you are studying a small group, and you ask their race, gender, age, and job position, some people could be identified even without names. You can prevent this possibility (called deductive identification) by using a different way of getting or presenting the data. For example, you can use broader categories, like asking age ranges instead of birthdates. You could also ask fewer questions or ask them in a more general way.
When you answer the questions on your xForm, be sure you think through all the issues and clearly explain how you plan to do your study. Be prepared to explain:
- Why collecting identifiers is necessary
- How you will protect identifiable data
- How you will safely move your data from one location to another (Unless all data is being collected and analyzed in the exact location of where it will be stored, then you are electronically or physically sending the data to another location. This includes downloading data from a server to another drive.)
- Where and how you will store the data safely
- How you will keep the records in line with the rules
- If you are using codes, how you will keep the key code in a secure, separate location from your data
- How you will present or use the data
- Risks that might result if unauthorized access to the data were to happen
- If you will be recording, who will have access to the recordings, who will have access
to information about the recordings, such as the names of the participants or the
locations where the recording will occur, where and how the recordings will be stored,
and how long the recordings will be retained. Research records are generally required
to be maintained for 6 years from the end of the calendar year in which the study
is closed. However, for recordings, researchers may seek permission from the
IRB to destroy the recordings once the information you need for your research has been obtained.
D. Conducting Your Study
Once you have IRB approval and start your study, you will need to:
- Be sure that you and all your study staff know how to keep the research data secure
- Make sure that everyone working on your study knows the importance of confidentiality.
- Follow the plan the IRB approved and what your participants agreed to
- Follow all the rules that apply to your study as well
- If, during the study, you want to make any changes at all, you have to get the IRB’s permission first. (See Policy 10 for emergency exception).
E. Writing Your Research Results
- The most important principle: abide by the terms of your agreement with the
participant in the informed consent process. You must also make sure that you abide by
the terms of your IRB approval.
- Ask yourself:
• What did the informed consent tell participants about how their data would be used?
• What did I tell the IRB about how I would keep the data safe? What did they approve?
• What rules do I have to follow?
You may only publish or present your research within the limits of these three answers.
- Dedication and Acknowledgements:
Sometimes students may want to thank the people who helped them with their research. Please remember, you may not name or identify an individual, or identify them as members of a certain organization. * Any reference should only be a general one.
- Describing the Setting:
There are two issues here that sometimes seem to be at odds with one another. You want to provide enough information to place the appropriate framework for your study results. However, you also should not include such detailed information that you make your study participants identifiable by making the site identifiable.*
For example, if your research includes an interview of a principal and a guidance counselor at a single small school, and you name the school, you have, in essence, identified the participants.
Instead, to protect the confidentiality of your participants, you would need to use a general description of the school. An example is saying “a small elementary school in the southeast” instead of naming the school or school district.
- Describing the Participants:
The same two issues are relevant here: protecting confidentiality and providing accurate information. While acknowledging the significant importance of appropriate details about participants for proper interpretation of case studies, the APA Manual notes “Subject privacy, however, should never be sacrificed for clinical or scientific accuracy.” (APA Publication Manual [PM]; 6th ed., § 1.11, p. 16)
The APA Publication Manual lists two pathways to achieve appropriate confidentiality:
- Write the description/information that you want to use, provide it to the participant, and get their written consent to publish and/or present that description/information. (note: requires IRB approval)
- Use strategies to disguise the identity of the participants so that “neither the subject nor third parties (e.g., family members, employers) are identifiable.” Strategies include revising characteristics of the participant(s), limiting your description of some of the specific demographics or other information, blurring the details by adding extra information, or combining information about participants into one composite. These strategies requires a delicate balance to make sure that the integrity of the information is preserved. (APA Publication Manual [PM]; 6th ed., § 1.11, p. 16)
o When describing the locale: say “Appalachian region” instead of “Harlan, Kentucky”
o When describing a participant: say “middle-aged retired teacher” instead of “56 year old Caucasian who retired after twenty-three years as a kindergarten teacher at a Johnson City elementary school”
6. Quoting the Participants:
If you want to include quotations from the participants in your thesis or dissertation,
- Including their quotations is within the scope of what your informed consent told participants about how their data would be used
- They agreed to have their quotations included
- This is consistent with what the IRB approved
The ETSU Graduate School does not require that you include IRB approval letters or site permission letters as appendices. You do have to provide the Graduate School with your IRB approval letter(s) for their records.
8: Other Rules:
You must also consider any other rules, such as HIPAA or FERPA, that apply to your study; and ensure that your thesis/dissertation is compliant with any restrictions imposed by applicable rules. Be sure you do not include any HIPAA identifiers without checking with the ETSU HIPAA Compliance Officer.
*unless you have IRB approval and permission from the participant to do so
1 Sensitive information includes (but is not limited to) information relating to sexual attitudes, preferences, or practices; information relating to the use of alcohol, drugs, or other addictive products; information pertaining to illegal conduct; information that, if released, might be damaging to an individual's financial standing, employability, or reputation within the community or might lead to social stigmatization or discrimination; information pertaining to an individual's psychological well-being or mental health; and genetic information or tissue samples. (Source: https://humansubjects.nih.gov/coc/faqs#definition-panel1, accessed 5/19/17)