Understanding Privacy and Confidentiality in Human Subject Research, Lecture notes of History

An overview of the differences between privacy and confidentiality in the context of human subject research. It outlines strategies for protecting privacy and maintaining confidentiality, as required by federal regulations. The document also includes regulatory and guidance references for both privacy and confidentiality.

Typology: Lecture notes

2021/2022

Uploaded on 09/12/2022

mcboon
mcboon 🇺🇸

4.5

(39)

276 documents

1 / 2

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
D32.0000
1
Privacy vs. Confidentiality
What’s the Difference?
The IRB is responsible for systematically evaluating proposed research for adequate provisions which
protect the privacy interests of participants and to maintain the confidentiality of identifiable data.
The federal regulations differentiate between privacy and confidentiality, and it is important to
understand the difference to determine whether these regulatory criteria for approval of human
subject research are appropriately met.
Privacy
Privacy refers to a person’s desire to control the access of others to themselves. For example, persons
may not want to be seen entering a place that might stigmatize them, such as a pregnancy counseling
center that is clearly identified as such by signs on the front of the building. Privacy concerns people,
whereas confidentiality concerns data. The research proposal should outline strategies to protect
privacy including how the investigator will access information from or about participants.
In developing strategies for the protection of subjects’ privacy, consideration should be given to:
The methods used to identify and contact potential participants.
The settings in which an individual will be interacting with an investigator.
The appropriateness of all personnel present for research activities.
The methods used to obtain information about participants.
The nature of the requested information.
Information that is obtained about individuals other than the “target participants,” and whether
such individuals meet the regulatory definition of “human participant” (e.g., a subject provides
information about a family member for a survey).
Privacy guidelines developed by relevant professional associations and scholarly disciplines (e.g.,
oral history, anthropology, psychology).
How to access the minimum amount of information necessary to complete the study.
Regulatory and Guidance References
45 CFR 46.111(a)(7)
21 CFR 56.111(a)(7)
Confidentiality
Confidentiality refers to the researcher’s agreement with the participant about how the participant’s
identifiable private information will be handled, managed, and disseminated. The research proposal
should outline strategies to maintain confidentiality of identifiable data, including controls on storage,
handling, and sharing of data. When appropriate, certificates of confidentiality could be used to
maintain the confidentiality of identifiable data (for more information on Certificates of Confidentiality,
see ORI’s “Certificate of Confidentiality Summary Sheetin the online IRB Survival Handbook under
topic Confidentiality/Certificate of Confidentiality:).
pf2

Partial preview of the text

Download Understanding Privacy and Confidentiality in Human Subject Research and more Lecture notes History in PDF only on Docsity!

D32.

Privacy vs. Confidentiality

What’s the Difference?

The IRB is responsible for systematically evaluating proposed research for adequate provisions which protect the privacy interests of participants and to maintain the confidentiality of identifiable data. The federal regulations differentiate between privacy and confidentiality, and it is important to understand the difference to determine whether these regulatory criteria for approval of human subject research are appropriately met.

Privacy

Privacy refers to a person’s desire to control the access of others to themselves. For example, persons may not want to be seen entering a place that might stigmatize them, such as a pregnancy counseling center that is clearly identified as such by signs on the front of the building. Privacy concerns people, whereas confidentiality concerns data. The research proposal should outline strategies to protect privacy including how the investigator will access information from or about participants.

In developing strategies for the protection of subjects’ privacy, consideration should be given to:

  • The methods used to identify and contact potential participants.
  • The settings in which an individual will be interacting with an investigator.
  • The appropriateness of all personnel present for research activities.
  • The methods used to obtain information about participants.
  • The nature of the requested information.
  • Information that is obtained about individuals other than the “target participants,” and whether such individuals meet the regulatory definition of “human participant” (e.g., a subject provides information about a family member for a survey).
  • Privacy guidelines developed by relevant professional associations and scholarly disciplines (e.g., oral history, anthropology, psychology).
  • How to access the minimum amount of information necessary to complete the study.

Regulatory and Guidance References

  • 45 CFR 46.111(a)(7)
  • 21 CFR 56.111(a)(7)

Confidentiality

Confidentiality refers to the researcher’s agreement with the participant about how the participant’s identifiable private information will be handled, managed, and disseminated. The research proposal should outline strategies to maintain confidentiality of identifiable data, including controls on storage, handling, and sharing of data. When appropriate, certificates of confidentiality could be used to maintain the confidentiality of identifiable data (for more information on Certificates of Confidentiality, see ORI’s “Certificate of Confidentiality Summary Sheet” in the online IRB Survival Handbook under topic Confidentiality/Certificate of Confidentiality :).

D32.

When the IRB evaluates research proposals for strategies for maintaining confidentiality, where appropriate, consideration will be given as to whether:

  • Methods to shield participants' identity adequately protect participant privacy.
  • There is a long-range plan for protecting the confidentiality of research data, including a schedule for destruction of identifiers associated with the data.
  • The consent form and other information presented to potential research participants adequately and clearly describe confidentiality risks.
  • The informed consent process and the informed consent document (and, if applicable, the HIPAA Authorization section), clearly delineate who will have access to the subject’s information and under what circumstances data may be shared (i.e., with government agencies, sponsors).

Regulatory and Guidance References

  • 45 CFR 46.111(a)(7)
  • 21 CFR 56.111(a)(7)

*Organizations subject to the HIPAA Privacy Rule should comply with the provisions applicable to research.

Sections of this handout adapted from the Association for the Accreditation of Human Research Protections (AAHRPP) Evaluation Instrument Update based on OHRP Recent Compliance Oversight Determinations [2/4/09]

University of Kentucky TG-4/11/ CW–8/28/ J:\Master Outreach Documents\Survival Handbook\D - Guidance-Policy-Educational\32-Privacy-vs-Confidentiality.doc