If your research project involves human participants, personal data, and/or regulated material and procedures, it must be reviewed and approved by an ethics committee before the research begins.
Any research data relating to human participants will need to be carefully managed. This may include using suitably secure storage (transferring data securely when moved) and placing appropriate restrictions on who can access the data. It is also important to ensure participants have full information about how their data will be used - and, of course, that any assurances made are acted upon.
The UK Data Service offers a Research Data Management guide that covers (among other things) ethical issues, data protection, and anonymization. Please also see CUREC’s Best Practice Guidance, especially BPG 06 (Internet-mediated research), BPG 09 (Data collection, protection and management), and BPG 10 (Conducting research interviews).
Much research data – even sensitive data – can be shared legally if researchers employ strategies of informed consent, anonymization, and controlling access to data.
Anonymising data |
|||
Preserving the privacy of participants Anonymization is a valuable tool that allows data to be shared while preserving privacy. Anonymizing data requires that identifiers are changed in some way, such as being removed, substituted, distorted, generalized, or aggregated. A person’s identity can be disclosed by:
Balancing anonymization with keeping data usefulYou decide which information to keep for data to be useful and which to change. Removing key variables, applying pseudonyms, generalizing and removing contextual information from textual files, and blurring image or video data could result in missing important details or incorrect inferences being made. Anonymizing research data is best planned early in the research process to help reduce anonymization costs. It should also be considered alongside obtaining informed consent for data sharing or imposing access restrictions. Personal data should never be disclosed from research information unless a participant has consented to do so, ideally in writing. Below are links to web pages containing best practice guidance on anonymizing data:
|
Researchers obtaining data from people are expected to comply with the relevant legislation, such as data protection legislation (e.g., GDPR and the KVKK). Assessing disclosure risk can help to apply best practices of gaining consent, anonymizing data, and regulating access to enable data to be shared.
Some ethical issues, such as the duty of confidentiality, are legally binding.
Below are links to web pages which give further information on legal obligations and practical guidance on how to address this:
=> Personal Data Protection Authority (KVKK) |
Source: UK Data Service