Confidentiality in Research – What You Need to Know
Maintaining participant confidentiality is a vital part of research. It guarantees disclosed trust between the researcher(s) and participant(s) and ensures that sensitive information is not divulged to others without the participant’s consent.
In this article, we will discuss the basics you must know about confidentiality in research.
What is Confidentiality in Research?
Confidentiality in research refers to the researcher’s agreement with the participants. It elaborates how (through informed consent) a participant’s identifiable private information would be managed, handled, and disseminated.
During a study, researchers must inform the participants of critical precautions they will undertake to protect their confidentiality. Participants should know who will or may have access to their information. For instance, a research team may initially require data for their study, but later share their findings with the FDA.
Doing so allows research participants to decide whether they consent to the release of private information to interested parties and whether the researcher has followed adequate measures for data protection.
Privacy vs. Confidentiality in Research
Privacy is the control over circumstances, timing, and extent of sharing one’s information with others. It’s every person’s right to protect information about their actions and circumstances. For instance, people may refrain from sharing that they are receiving treatment for mental illnesses.
In academic research, the Institutional Review Board (IRB), a committee responsible for applying research ethics, reviews proposed research methods and puts forth strategies to protect privacy interests. However, the definition of privacy may change based on how the researcher acquired information about or from potential participants.
| Confidentiality vs. Privacy in Research | |
| Confidentiality | Privacy |
| Is about identifiable data | About people |
| Is an extension of privacy | The right to be in control of information others have about ourselves |
| Is an agreement about who has access to identifiable data and who maintains it | A right to be protected |
| When applied to HIPAA, confidentiality protects a patient’s “Protected Health Information” (PHI)from inappropriate disclosures | Related to the participant, not the IRB or researcher |
Maintaining Confidentiality in Research
An institution’s IRB is responsible for ensuring protocols and adequate provisions for protecting a research subject’s privacy. They are also responsible for maintaining confidentiality of identifiable information at every step of the research, from recruitment to maintenance of research data.
Protected Personally Identifiable Information (PPII) is information obtained during preliminary research, data collection, analysis, and dispensation, and after study closure.
Researchers are responsible for protecting participants from any harm resulting from confidentiality breaches. This harm includes loss of employment, loss of insurance, psychological stress, or damage to reputation.
At the same time, researchers must abide by any IRB-approved participant-researcher agreement to ensure the collection of research data is secure.
Routine Precautions to Protect Confidentiality
IRBs must design protocols to minimize the need for data collection and maintenance of identifiable information. Ideally, the data needs to be collected anonymously.
Where anonymity is not possible, researchers must perform steps to ensure the confidentiality of research participants and their data. There are several methods to keep data confidential through routine precautions, data encryption, and advanced statistical methods.
As a researcher, you can simply protect data by storing it in locked cabinets or by substituting codes for participant identifiers. Likewise, researchers can leverage various encryption protocols to hide highly sensitive data. At the same, statistical methods such as error inoculation can also help you hide sensitive data.
Researchers must pay considerable attention to data security and retention requirements both throughout the study and after its completion. Restricted data stored on portable devices and personal computers must be encrypted, especially if you are using it outside of the institution (i.e., research facility, university, etc.).
The same rules apply if the data is transferred electronically.
How to Identify Whether Your Research Data Requires Confidentiality
Ask yourself the following questions to determine whether data confidentiality applies to your research data:
- Does the dataset contain any identifiable data which you must protect?
- Are there ethical/legal requirements (e.g., HIPAA)?
- Will releasing data cause risk of harm?
If your answer to the above questions was yes, it’s essential for you to maintain data confidentiality. To learn more if your dataset falls within HIPAA compliance, consider what constitutes Protected Health Information under HIPAA.
Confidentiality in research helps researchers and academics safeguard participant information and prevent unauthorized modification, access, disclosure, use, loss, and theft. To learn more about research writing tips, visit our website.
