Research Data Management: Ethical Considerations

• If you are conducting any study involving human participants, and wish to make the data available at the end of the study then you need to consider from the very beginning  when designing the study.
• In particular, informed consent must be given for a specific purpose, including future use of data and data sharing, if applicable to the research project.
• Anonymisation is a valuable tool that allows data to be shared, whilst preserving privacy. The process of anonymising data requires that identifiers are changed in some way such as being removed, substituted, distorted, generalised or aggregated.

The Office of Research Ethics provides support and advice, including one-to-one consultations, for researchers going through the ethics review process.

4c What ethical issues and codes of conduct are there, and how will they be taken into account?

Points to consider: 

• Consider whether ethical issues can affect how data are stored and transferred, who can see or use them, and how long they are kept. Demonstrate awareness of these aspects and respective planning. 
• Follow the national and international codes of conducts and institutional ethical guidelines
• Informed consent: If you are conducting any study involving human participants, and wish to make the data available at the end of the study, informed consent must be given for future use of data and data sharing, if applicable to the research project.

Consider if you need to apply for a Research Ethics Review

• Research Ethics and Data Management are integrated across many aspects of the data lifecycle including the need to plan from the beginning, active storage of data, secure transfer of data, controlling access to the data during the research project, data retention, archiving of research data by either anonymising the data before sharing or selecting an archive which applies access control and data management responsibilities.

• UCD’s Research Integrity Policy gives examples of unacceptable practices which may be in the aggregate potentially as damaging to the overall reputation and integrity of research and/or the researcher(s). Serious or repeated instances of such practices can constitute research misconduct. Data-related practices e.g. not preserving primary data, poor data management and/or storage would be included as examples of unacceptable practices, according to UCD’s Research Integrity Policy. 

• “Where possible, researchers are encouraged to archive their data in an anonymized state for future use. However, it is important to remember that an individual’s permission is required to anonymize their personal data, as this usually means they are kept far longer than the duration of the project they were collected for. If archiving data, researchers must ensure that the archive used is appropriate to the nature of the personal data and that consent to archive the data for such future use is sought from participants at the consenting stage of their study. Researchers must ensure that arrangements are in place within their school/ institute or other UCD Unit for the secure storage and management of the archived data and that future access follows the spirit of the original consent and is controlled by the researcher’s School or unit in UCD.” UCD Code of Good Practice in Research with Humans and Animals, 2019

The process of informed consent involves describing the research to potential participants. It is defined as “a process by which an individual voluntarily expresses his or her willingness to participate in a particular trial, after having being informed of all aspects of the study that are relevant to the decision to participate” (Harmonisation Guidelines for Good Clinical Practice (ICH GCP 1996)). 

The researcher must explain to the participants the level of confidentiality of the research data and the measures that will be taken to ensure that confidentiality is maintained. In other words, they should provide a description of the steps that will be taken to protect the privacy of the participant and indicate under what circumstances records will be made available and to whom, including future use of data and data sharing, if applicable to the research project. Researchers should anticipate how the data may be used in the future and address it in the consenting procedure.

Personal data cannot be shared with a third party, unless specific and explicit consent is secured. Even if data is de-identified/anonymised prior to sharing it with a third party, this must be covered by valid consent of the person to whom the data pertains. Failure to properly address issues of consent may restrict the opportunities for initial use of data, the publishing of your results and the sharing of the data.

In order to make sure that research data can be made available for future reuse, it is important that consent for future reuse of the data by other researchers is sought from participants. Participants should be informed how research data will be stored, preserved and used in the long-term, and how confidentiality can be protected when needed.

If you are conducting any study involving human participants, and wish to make the data available at the end of the study then you need to consider from the very beginning  when designing the study. Enabling others to re-use your data will mean planning for this from the start of your research project. You will need to think critically of how research data can be shared, what might limit or prohibit data sharing (e.g. consent forms, confidentiality concerns), and whether any steps can be taken to remove such limitations. In paticular you will need to ensure you are asking for informed consent to share the data.

Key messages from ANDS Publishing and sharing sensitive data guide:

• The advantages of publishing your sensitive data will probably far outweigh any potential disadvantages when simple and appropriate steps are taken
• Publishing your data, or just a description of your data (that is the metadata), means that others can discover and cite it
• You can publish a description of your data without making the data itself openly accessible
• You can place conditions around access to published data
• Sensitive data that has been de-identified can be shared

Anonymisation is a valuable tool that allows data to be shared, whilst preserving privacy. The process of anonymising data requires that identifiers are changed in some way such as being removed, substituted, distorted, generalised or aggregated. Procedures to anonymise data should always be considered alongside obtaining informed consent for data sharing and imposing access restrictions.

It is not enough to simply remove direct identifiers from research data, it's also important to consider how indirect identifiers, or a combination of indirect identifiers, could lead to an individual being identified within the data.

A person's identity can be disclosed from:

• direct identifiers such as names, addresses, postcode information, telephone numbers or pictures
• indirect identifiers which, when linked with other publicly available information sources, could identify someone, e.g. information on workplace, occupation or exceptional values of characteristics like salary or age

​​Qualitative data anonymisation techniques:

• Remove major identifying data
• Remove all identifying details
• Replace with descriptions that reflect the significance of the original text within the context of the transcript
• Keep a tracking table to record all changes and to link real names with pseudonyms
• Indicate when a replacement has been made, e.g. @@Sarah##

Quantitative data anonymisation techniques:

• Remove direct identifiers
  • names; addresses; telephone numbers; email addresses; photos; IP addresses
• Aggregate categories to reduce precision
  • Band ages, incomes, expenditure etc. to disguise outliers
• Use standard coding frames, e.g. NUTS2
• Generalise meaning of detailed text
• Document the changes you make