
Privacy vs. Confidentiality

Federal regulations for the protection of human participants in research require IRBs to consider the adequacy of provisions to both protect the privacy of participants and to maintain confidentiality of the research data (when appropriate) (45 CFR 46.111(a)(7)).

Privacy and confidentiality are also supported by two principles of the Belmont Report:

Respect for persons – Individuals should be treated as autonomous agents able to exercise their autonomy to the fullest extent possible, including the right to privacy and the right to have private information remain confidential.

Beneficence – Maintaining privacy and confidentiality helps to protect participants from potential harms including psychological harm such as embarrassment or distress; social harms such as loss of employment or damage to one’s financial standing; and criminal or civil liability.

Although often used interchangeably, for the purposes of human research protection, the terms "privacy" and "confidentiality" represent two different concepts: one related to the person, and the other related to information. It is important to understand the difference to determine whether these regulatory criteria for approval of human research are appropriately met.

What is Privacy?

Privacy refers to an individual's right to control the extent, timing, and circumstances of sharing oneself (physically, behaviorally, or intellectually) with others, including personal information used in what may be presumed by the user to be a private setting (e.g., social media). Privacy concerns relate to the methods by which prospective participants are identified and approached, and sometimes include data collection methods (e.g., use of existing records for research; observational research). Always remember: Privacy is in the eye of the participant, not the researcher or the IRB.

In developing strategies for the protection of subjects’ privacy, consideration should be given to:

  • The methods used to identify and contact potential participants.
  • The settings in which an individual will be interacting with an investigator.
  • The appropriateness of all personnel present for research activities.
  • The methods used to obtain information about participants.
  • The nature of the requested information.
  • Information that is obtained about individuals other than the “target participants,” and whether such individuals meet the regulatory definition of “human participant” (e.g., a subject provides information about a family member for a survey).
  • How to access the minimum amount of information necessary to complete the study.

What is Confidentiality?

Confidentiality refers to how private information provided by individuals will be protected by the researcher from release. In human subjects research, it refers to the expectation that information an individual has disclosed in a pre-arranged agreement between parties (e.g., between researcher and participants) will not be divulged to others in ways that are inconsistent with the understanding of the original disclosure or that permission will be obtained for disclosures not previously authorized by the individual. The understanding of how the information will be used should be outlined in a consent agreement. The agreement may be presented through an information script or sheet with oral or implied consent, or through use of a signed consent document.

All studies including those using internet and social media technologies must maintain the confidentiality of information obtained from or about participants and adequately address possible risks to participants. Confidentiality concerns include data handling methods during data coding, storage, transport (when applicable), de-identification processes, and destruction.

Strategies to protect one’s confidentiality may include the following:  

  • The consent form and other information presented to potential research participants adequately and clearly describe confidentiality risks.
  • Paper-based records will be kept in a secure location and only be accessible to personnel involved in the study.
  • Computer-based files will be encrypted and only made available to personnel involved in the study through the use of secure access privileges and passwords.
  • Prior to accessing any study-related information, personnel will be required to sign statements agreeing to protect the security and confidentiality of identifiable information.
  • Whenever feasible, identifiers will be removed from study-related information.
  • Audio and/or video recordings of subjects will be transcribed and then destroyed to eliminate audible or visual identification of subjects.

What is the HSC’s role?

The Human Subjects Committee (HSC) must decide on a protocol-by-protocol basis whether there are adequate provisions to protect the privacy of participants and to maintain the confidentiality of the identifiable data at each segment of the research from recruitment to maintenance of the data. Especially in social/behavioral research, the primary risk to subjects is often an invasion of privacy or a breach of confidentiality.

With regard to privacy, the following issues should be considered and addressed in the protocol narrative as needed:

  • The proposed subject population?
    • What are the cultural norms of the proposed subject population? Some cultures are more private than others.
    • What are the ages of the proposed subject population? There may be age differences in privacy preferences (e.g., teenagers less forthcoming than older adults).
  • The proposed recruitment methods?
    • How potential participants are identified and contacted should not invade privacy
  • Sensitivity of the information being collected:
    • The greater the sensitivity, the greater the need for privacy
  • Method of data collection (focus group, individual interview, covert observation)
    • Will subjects feel comfortable providing the information in this manner?
    • If passively observing the subject, could the individual have an expectation of privacy (e.g., chat room for breast cancer patients)?
    • Will the researcher collect information about a third-party individual that is considered private (e.g., mental illness, substance abuse in family)? If yes, informed consent should be obtained from the third party?

For confidentiality, the following issues should be considered and addressed in the protocol as needed:

  • Are there legal/ethical requirements?
    • California state laws;
    • HIPAA: for research involving medical records;
    • Department of Education (DoEd) and Family Educational Rights and Privacy Act (FERPA): for research involving education records
  • Will release of data cause risk of harm?
    • Data security must be appropriate to the degree of risk from disclosure
  • Do the Informed Consent documents clearly and entirely disclose what will happen to the data?
    • Who will have access to the participant’s information?
    • Under what circumstances data may be shared
  • Protocols should be designed to minimize the need to collect and maintain identifiable information about research subjects
    • If possible, data should be collected anonymously
    • Identifiers should be removed and destroyed as soon as possible
    • Access to research data should be based on a “need to know” and "minimum necessary" standard
  • Is the information collected potentially re-identifiable even without direct identifiers?
    • Small subject populations make individuals much easier to identify, such as a specific job title in a small town during a specific time-frame.
  • Provisions to protect data or samples at every stage
    • Collection (e.g., survey platform security)
    • Transmission (e.g., moving data between involved parties)
    • Storage (e.g., secure servers, locked file cabinets, etc.)
  • Is there a long-range plan for protecting the confidentiality of research data, including a schedule for destruction of identifiers associated with the data?


Researchers and HSC members must consider the complete spectrum of research activities, risks of participation, and environmental and cultural factors to fully assess the adequacy of processes and mechanisms in place. Together, it is our responsibility to protect participant privacy and maintain data confidentiality.
