Javascript is required for the Webster University web site.
Please activate JavaScript in your web browser's preferences.

About Webster University Academics Admissions Worldwide Campuses Contact the University
Webster University Home Page Student Life & ServicesNews & EventsLibraryLog Into Connections
 You Are Here:   Home > Design Issues >

    The IRB Process

    Design Issues

    Privacy, Confidentiality, and Design Considerations

    The possibility that research may invade the privacy of individuals or result in a breach of confidentiality sometimes arises in biomedical and behavioral research. Under certain circumstances, an invasion of privacy or breach of confidentiality may even present a risk of serious harm to subjects (e.g., as when the researcher obtains information about subjects that would, if disclosed by the researcher, jeopardize their jobs or lead to their prosecution for criminal behavior). Under less dramatic circumstances, an invasion of privacy or breach of confidentiality can be a moral wrong, or, at least in theory, provide cause for legal action against a researcher or institution. Privacy can be defined in terms of having control over the extent, timing, and circumstances of sharing oneself (physically, behaviorally, or intellectually) with others. Confidentiality pertains to the treatment of information that an individual has disclosed in a relationship of trust and with the expectation that it will not be divulged to others in ways that are inconsistent with the understanding of the original disclosure without permission.

    Privacy and Research

    In the context of research, concerns about privacy pertain primarily to the methods used to obtain information about subjects. Objections to the nature of information being sought in research are sometimes couched in the language of privacy (i.e., that it would be an invasion of a subject's privacy even to inquire about certain matters of a personal nature). IRBs are often reluctant to accept these arguments, which tend to preclude research on such topics. In any event, the issue of whether there may be harm in asking certain questions is less a matter of privacy than one of risks versus benefits, and is, therefore, not discussed in this Section.

    Researchers ordinarily use information that subjects have disclosed or provided voluntarily for research purposes (i.e., with their informed consent). Under these circumstances, there is little reason for concern about privacy, other than to assure that appropriate confidentiality of research data is maintained. Where privacy issues do arise is in regard to information obtained for research purposes without the consent of subjects. Concerns about the privacy interests of research subjects may arise in several different contexts.

    Privacy Issues in the Use of Personally Identifiable Records. Identifying suitable subjects often presents no ethical problems. Physicians studying a particular disease may be able to identify subjects from among their own patients, and the sociologist interested in studying people who have recently been married can identify their subjects through public records. Privacy concerns may arise when potential subjects cannot be identified from public records or from sources to which the researcher's work provides access.

    To identify suitable subjects, researchers must sometimes approach institutions (e.g., hospitals or schools) seeking information generally regarded as confidential (e.g., the identity of patients treated for a particular condition or students meeting a particular criterion). In some circumstances, the researcher needs information that would make it possible to contact suitable subjects to obtain further data. In other circumstances, no contact with subjects is contemplated because the information to be obtained from the records is sufficient (or will be combined with data from other sources). In these cases, personal identifiers may not need to be recorded by the researchers, or, if recorded, can be destroyed at some stage of the research. All of these factors are relevant to IRB assessments of privacy and confidentiality issues in research.

    When patients give information about themselves to a doctor or hospital for the purpose of facilitating diagnosis or treatment of disease, they do so in a relationship of trust. They generally expect that the information will be shared only as necessary for their health care or reimbursement by their insurance company or other third party payer; patients would not expect information that identifies them to be passed on in casual conversations at cocktail parties or made available to journalists or to university students writing papers. Nor do they necessarily intend that the information will be shared with even their closest family members. Health care providers should respect the patient's trust. They should not betray the confidence placed in them. (The same may be said of educators with regard to students, and of employers with regard to employees.) Yet such confidences are not absolute; patient records are commonly used for a variety of purposes other than the care of a particular patient for the management of the organization through quality assurance programs and for utilization review. To say that an organization has an obligation to keep certain patient information confidential does not resolve the question of what uses are appropriate for those records.

    Clearly, some important research cannot be conducted unless an investigator gains access to many records (sometimes thousands). It is not possible to specify precisely when an institution should honor a researcher's request to examine records or when an IRB should approve this potential invasion of privacy.

    In studies of documents, records, or pathological specimens where the subjects are identified, informed consent may be waived if the IRB determines that the subject's interests are adequately protected and the importance of the research justifies the invasion of privacy. This may include all research involving the collection or study of existing data, documents, records, pathological specimens, or diagnostic specimens if the sources are publicly available or if the information is recorded by the investigator in a manner that does not allow subjects to be identified, either directly or through identifiers that are linked to them.

    In cases where researchers gain access to identified records without the individual's explicit permission, methods for reducing the associated privacy problems should be considered. For instance, an institution possessing records on suitable subjects may be willing to contact them and ask their permission to release their names to the researcher. Another approach is for institutions to make known the uses to which its records may be put in advance, so that individuals will be aware that their records may be used in research. Some institutions provide an opportunity for people to consent (or withhold consent) to use at the time of the initial creation of the record. Various other creative solutions may be negotiated among researchers, institutions, and IRBs.

    Observational Studies. Of all the methods used to locate suitable subjects and obtain data, covert observation and participant observation are especially likely to raise concerns about privacy. Covert observation includes the use of concealed devices to record information for later analysis (e.g., tape recording conversations or videotaping personal interactions) and concealment of the researcher (e.g., behind a one-way mirror) as the behavior of subjects is observed and recorded. In participant observation, the researcher assumes a role in the setting or group being studied. When the purpose of these methods is to gain access to information not ordinarily available to "outsiders," questions of privacy arise. (Similar issues about obtaining information not intended to be disclosed can be raised about many other forms of research that involve deception.)

    Several factors may be relevant to an IRB's evaluation of such privacy questions. One is the extent to which the behavior in question is public. Covert observation of public behavior (e.g., observing pedestrians on the street) raises little if any concern about privacy; concealed observation of people in their homes would be quite another matter. Some behavior that occurs in public places may not really be public behavior if the individuals involved have a reasonable expectation of privacy. Research involving covert recording of conversations in public parks or filming of activities in public rest rooms clearly raises invasion of privacy questions. Observational studies in quasi-public places (e.g., hospital emergency rooms or state mental hospital wards) may also raise such concerns.

    A question sometimes raised about the use of covert observation in research is whether an ethical issue exists if the subjects never become aware of the invasion of privacy. That is, if subjects are never aware that their behavior has been observed or recorded for research purposes, they can hardly feel embarrassed, guilty, or that their rights have been violated. On the other hand, it can be argued that an invasion of privacy is wrong, whether or not the subjects are ever aware of it. In some cases, subjects may inadvertently learn of their involvement in the research, perhaps when the study is published, and feel that they have been harmed.

    Confidentiality of Research Data

    A major set of concerns about confidentiality pertains to the methods used to ensure that information obtained by researchers about their subjects is not improperly divulged. Perhaps because the creation and handling of confidential records is routine in medical institutions, discussions of confidentiality as a special ethical responsibility of researchers have been more prominent in the social sciences than in the biomedical sciences. Nevertheless, the need for confidentiality exists in virtually all studies in which data are collected about identified subjects. It is in the interest of researchers and essential to the conduct of research on sensitive topics that researchers be able to offer subjects some assurance of confidentiality. These assurances should be given honestly, which sometimes requires the researcher and the IRB to make explicit provisions for preventing breaches of confidentiality.

    In most research, assuring confidentiality is only a matter of following some routine practices: substituting codes for identifiers, removing face sheets (containing such items as names and addresses) from survey instruments containing data, properly disposing of computer sheets and other papers, limiting access to identified data, impressing on the research staff the importance of confidentiality, and storing research records in locked cabinets. Most researchers are familiar with the routine precautions that should be taken to maintain the confidentiality of data. More elaborate procedures may be needed in some studies, either to give subjects the confidence they need to participate and answer questions honestly, or to enable researchers to offer strong, truthful assurances of confidentiality. Such elaborate procedures may be particularly necessary for studies in which data are collected on sensitive matters such as sexual behavior or criminal activities.

    In studies where subjects are selected because of a sensitive, stigmatizing, or illegal characteristic (e.g., persons who have sexually abused children, sought treatment in a drug abuse program, or who have tested positive for HIV), keeping the identity of participants confidential may be as or more important than keeping the data obtained about the participants confidential. In such instances, any written record linking subjects to the study can create a threat to confidentiality. Having the subjects of these studies sign consent forms may increase the risk of a breach of confidentiality, because the consent form itself constitutes a record, complete with signature, that identifies particular individuals of the group studied. The Federal Policy allows IRBs to waive the requirement for the investigator to obtain a signed consent form where it will be the only record linking subjects to the research, and where a breach of confidentiality presents the principal risk of harm that might result from the research.

    Where data are being collected about sensitive issues (such as illegal behavior, alcohol or drug use, or sexual practices or preferences) protection of confidentiality consists of more than preventing accidental disclosures. There have been instances where the identities of subjects or research data about particular subjects have been sought by law enforcement agencies, sometimes under subpoena, and with the threat of incarceration of the uncooperative researcher.

    Sensitive research can be defined as involving the collection of information falling into any of the following categories:

    • Information relating to sexual attitudes, preferences, or practices;
    • Information relating to the use of alcohol, drugs, or other addictive products;
    • Information pertaining to illegal conduct;
    • Information that if released could reasonably be damaging to an individual's financial standing, employability, or reputation within the community;
    • Information that would normally be recorded in a patient's medical record, and the disclosure of which could reasonably lead to social stigmatization or discrimination;
    • Information pertaining to an individual's psychological well-being or mental health.

    Information in other categories, not listed here, might also be considered sensitive because of specific cultural or other factors, and protection can be granted in such cases upon appropriate justification and explanation.

    Design Considerations:

    • Does the research involve observation or intrusion in situations where the subjects have a reasonable expectation of privacy? Would reasonable people be offended by such an intrusion? Can the research be redesigned to avoid the intrusion?
    • If privacy is to be invaded, does the importance of the research objective justify the intrusion? What if anything, will the subject be told later?
    • If the investigators want to review existing records to select subjects for further study, whose permission should be sought for access to those records (the physician, the institution maintaining the records, the subjects)? How should the subjects be approached (through their physician, the medical records department, the institution)?
    • Will the investigator(s) be collecting sensitive information about individuals? If so, have they made adequate provisions for protecting the confidentiality of the data through coding, destruction of identifying information, limiting access to the data, or whatever methods that may be appropriate to the study? If the information obtained about subjects might interest law enforcement or other government agencies to the extent that they might demand personally identifiable information, can a grant of confidentiality be sought from a federal or state agency to protect the research data and the identity of the subjects from subpoena or other legal process?
    • Are the investigator's disclosures to subjects about confidentiality adequate? Should documentation of consent be waived in order to protect confidentiality?
    • Questionnaires, inventories, interview protocols, and other data-gathering instruments and procedures should be carefully designed to limit the personal information acquired to that absolutely essential to the activity.
    • As early as feasible, the data should be handled in coded form (i.e., the subject's name and information that would reveal his or her identity should be removed; consent forms separated from data). Plans for the ultimate disposition of the data should be made.
    • The identity of subjects must not be released except with their expressed permission.
    • The risks to subjects must be examined and the anonymity and/or confidentiality of subjects must be preserved in studies using stored data or information originally obtained for different purposes. Similarly, these precautions must be followed when data collection for nonpublic record purposes (e.g., admission to a school) are used in activities covered by this policy.
    Design Issues Menu
    Contact

    All applications are to be sent to the IRB Expeditor:

    Lisa Muex-Sisson
    Coordinator
    Academic Affairs
    Loretto Hall 151
    470 E. Lockwood Ave.
    St. Louis, MO 63119

    PH: 314-246-7949
    FAX: 314-968-7076

    irb@webster.edu
    or
    oacadaff@webster.edu

    Questions can be directed to the IRB Chair:

    Barbara Wehling
    Professor, Nursing Department
    College of Arts & Sciences
    Phone: (314) 968-7179
    wehlinba@webster.edu

    Worldwide Locations
    Worldwide Locations Subtitle
           
    		 Departments Site Mapspacer
    Copyright ©2003-2011 Webster University     470 East Lockwood Avenue     St. Louis, MO 63119-3141 U.S.A.
    Please direct questions about this web site to marketing@webster.edu.