Table of Contents
Data protection issues in research remain at the top of researchers’ and institutional awareness, especially in this day and age where confidential information can be hacked and disseminated. When you are conducting research on human beings, whether its clinical trials or psychological inquiries, the importance of privacy and confidentiality cannot be understated. In the past, it was as easy as a lockable file cabinet. But now, it’s more and more challenging to maintain confidentiality and data protection in research.
In this article, we’ll talk about the implications of confidentiality in research, and how to protect privacy and confidentiality in research. We’ll also touch on ways to secure electronically stored data, as well as third-party data protection services.
Data Protection and Confidentiality in Research
How can you protect privacy and confidentiality in research? The answer, in some ways, is quite simple. However, the means of protecting sensitive data can often, by design, be complex.
In the research time, the Principal Investigator is ultimately responsible for the integrity of the stored data. The data protections and confidentiality protocols should be in place before the project starts, and includes aspects like theft, loss or tampering of the data. The easy way to do this is to limit access to the research data. The Principal Investigator should limit access to this information to the fewest individuals possible, including which research team members are authorized to manage and access any data.
For example, any hard-copies of notebooks, questionnaires, surveys and other paper documentation should be kept in a secure location, where there is no public access. A locked file cabinet, away from general access areas of the institution, for instance. Names and other personal information can be coded, with the encoding key kept in a separate and secure location.
It is the Principal Investigator’s responsibility to make sure that every member of the research team is fully trained and educated on the importance of data protection and confidentiality, as well as the procedures and protocols related to private information.
Check more about the Team Structure and Responsibilities.
Implications of Confidentiality in Research
Even if paper copies of questionnaires, notes, etc., are stored in a safe, locked location, typically all of that information is also stored in some type of electronic database. This fulfills the need to have data available for statistical analysis, as well as information accessible for developing conclusions and implications of the research project.
You’ve certainly heard about the multitude of data breaches and hacks that occur, even in highly sophisticated data protection systems. Since research projects can often involve data around human subjects, they can also be a target to hackers. Restoring, reproducing and/or replacing data that’s been stolen, including the time and resources needed to do so, can be prohibitively expensive. That doesn’t even take into consideration the cost to the human subjects themselves.
Therefore, it’s up to the entire research team to ensure that data, especially around the private information of human beings, is strongly protected.
How Can Electronic Data Be Protected?
Frankly, it’s easier said than done to ensure confidentiality and the protection of research data. There are several well-established protocols, however, that can guide you and your team:
- Just like for any hard-copy records, limit who has access to any electronic records to the bare minimum
- Continually evaluate and limit access rights as the project proceeds
- Protect access to data with strong passwords that can’t be easily hacked, and have those passwords change often
- Access to data files should be done through a centralized, protected process
- Most importantly, make sure that wireless devices can’t access your data and your network system
- Protect your data system by updating antivirus software for every computer that has access to the data and confidential information
- If your data system is connected via the cloud, use a very strong firewall, and test it regularly
- Use intrusion detection software to find any unauthorized access to your system
- Utilize encryption software, electronic signatures and/or watermarking to keep track of any changes made to data files and authorship
- Back up any and all electronic databases (on and offsite), and have hard and soft copies of every aspect of your data, analysis, etc.
- When applicable, make sure any data is properly and completely destroyed
Check more about: Why Manage Research Data?
Using Third-Party Data Protection Services
If your institution does not have built-in systems to assure confidentiality and data protection in research, you may want to consider a third party. An outside information technology organization, or a team member specifically tasked to ensure data protection, might be a good idea. Also look into different protections that are often featured within database programs themselves.
Elsevier Author Services
Helping you publish your research is our job. If you need assistance with translating services, proofreading, editing, graphics and illustrations services, look no further than Elsevier Author Services.