Legal And Ethical Issues In Sharing Data - UK Data Service

5m ago
4 Views
1 Downloads
700.72 KB
39 Pages
Last View : 19d ago
Last Download : 2m ago
Upload by : Troy Oden
Transcription

Legal and Ethical Issues inSharing DataScott Summers and Veerle Van den EyndenUK Data ServiceUniversity of EssexCancer Research UK Data Sharing andManagement24th May 2017

Ethical and legal issues in data sharing Legal and ethical aspects Informed consent for data sharing Anonymising data Controlling access to data Working with Research Ethics Committees (RECs)and Institutional Review Boards (IRBs)

Ethical arguments for archiving data Not burden over-researched, vulnerable groups Make best use of hard-to-obtain data, e.g. elites, sociallyexcluded, over-researched Extend voices of participants Provide greater research transparencyIn each, ethical duties to participants,peers and public may be present

Ethical obligations and data sharing Research with human participants usually requiresethical review (Research Ethics Committee) Ethical conduct in research and protection of safety,rights and well-being of research participants – ‘do noharm’ Data archives such as UK Data Archive facilitate ethicalre-use of research data, protection of participants andsafeguarding of personal data data anonymisation regulate data access data sharing is NOT violation of data privacy or research ethics

Legal Compliance

Duty of confidentiality and data sharing Duty of confidentiality exists in UK common law and mayapply to research data If participant consents to share data, then sharing doesnot breach confidentiality Public interest can override duty of confidentiality May need to give up data for court subpoena or to police Best practice is to avoid vague or general promises inconsent forms

Data Protection Act 1998 Personal data: relate to a living individual individual can be identified fromthose data or from those dataand other information include any expression ofopinion about the individual Only disclose personal data ifconsent given to do so, and iflegally required to do soHandling personal data: processed fairly and lawfully obtained and processed forspecified purpose adequate, relevant and notexcessive for purpose accurate not kept longer than necessary processed in accordance with therights of data subjectse.g. right to be informed how data willbe used, stored, processed,transferred, destroyede.g. right to access info and data held kept secure not transferred abroad withoutadequate protection

Data Protection Act and research Exceptions for personal data collected as part ofresearch: can be retained indefinitely, if neededcan be used for other purposes in some circumstancespeople should still be informedfor anonymised data (personal identifiers removed) DPlaws will not apply as these no longer constitute‘personal data’ EU Data Protection Directive will be replaced by theGeneral Data Protection Regulation on May 25th 2018 directly binding on all member states (not via nationallegislation) – includes the UK key changes possible in: consent; rights of data subjects;international data transfer; sanctions; reuse for research

‘Sensitive data’Data regarding an individual's race or ethnic origin, politicalopinion, religious beliefs, trade union membership, physical ormental health, sex life, criminal proceedings or convictions (DPA,1998) Can only be processed for research purposes if: explicit consent (ideally in writing) has been obtained; or medical research by a health professional or equivalent with dutyof confidentiality; or analysis of racial / ethnic origins for purpose of equalopportunities monitoring; or in substantial public interest and not causing substantial damageand distress

Best practice for legal compliance Investigate early which laws apply to your data Do not collect personal or sensitive data if not essential toyour research Seek advice from you research office Plan early in research If you must deal with personal or sensitive data inform participants about how their data will be used remember: not all research data are personal (e.g.anonymised data are not personal)

Our advice to researchers Do not collect personal or sensitive data if not essential toyour research Plan early in research If you collect personal or sensitive data, inform participantshow their data will be used Not all research data are personal, e.g. anonymised dataare not personal

Options for sharing confidential data1. Obtain informed consent, also for data sharing andpreservation or curation2. Protect identities e.g. anonymisation, not collectingpersonal data3. Regulate access where needed (all or part of data) e.g.by group, use or time period Securely store personal or sensitive data

Informed Consent

Consent needed across the data life cycle Engagement in the research process decide who approves final versions of transcripts Dissemination in presentations, publications, the web decide who approves research outputs Data sharing and archiving consider future uses of dataAlways dependent on the research context – specialcases for covert research, verbal consent, etc.

A good information sheet & consent form Meets requirements of Data Protection laws purpose of the researchwhat is involved in participationbenefits and risksmechanism of withdrawalusage of data – for primary research and sharingstrategies to ensure confidentiality of data (anonymisation,access etc.) where this is relevant Need to balance as simple as possible complete for all purposes: use, publishing and sharing avoid excessive warnings UK Data Archive model consent amodelconsent.doc

Timing and form of consent -One-offSimpleLeast hassle toparticipantsResearch outputs not known inadvanceParticipants will not know all info theywill contributeProcessEnsures ‘active’consentMay not get all consent neededbefore losing contactRepetitive, can annoy participantsWrittenMore solid legal ground, e.g. participant has agreed todisclose confidential infoOften required by Ethics CommitteesOffers more protection for researcherNot possible for some cases: infirm, illegal activitiesVerbalCan be difficult to make all issues clear verballyPossibly greater risks for researcherBest if recorded

Right to withdraw Right to withdraw – one of key features of consent What about already collected data? not usually allowed, at least in most surveys What if project is longitudinal? permit withdrawal

In practice: wording in consent form /information sheet – interviews, photosWe expect to use your contributed information in various outputs,including a report and content for a website. Extracts of interviewsand some photographs may both be used. We will get yourpermission before using a quote from you or a photograph of you.After the project has ended, we intend to archive the interviews at . Then the interview data can be disseminated for reuse by otherresearchers, for research and learning purposes.The interviews will be archived at . and disseminated soother researchers can reuse this information for research andlearning purposes: I agree for the audio recording of my interview to bearchived and disseminated for reuse I agree for the transcript of my interview to be archived anddisseminated for reuse I agree for any photographs of me taken during interview tobe archived and disseminated for reuse

In practice: wording in consent form /information sheet –focus groupAny personal informationthat could identify you willbe removed or changedbefore files are sharedwith other researchers orresults are made al/consent-data-sharing/consent-forms.aspx

In practice:wording in introductory letter– datamanage-ment/confientiality/conflanguage.html

Audio-visual dataDigital manipulation of audio and image files can removepersonal identifierse.g. voice alteration, image blurring (e.g. of faces)Labour intensive, expensive, may damage researchpotential of dataBetter: to obtain consent to use and share data unaltered forresearch purposes to avoid mentioning disclosing information during audiorecordings

Special cases of consentChildren Aged 16 and above can give their own consentIf minor is competent, need consent from child, and parent/guardianGillick principle – even children under 16 can consent to medical treatment, without parentalconsentEmployees Employee may owe duty of confidentiality to employerVulnerable participants, disabilities of any kind Need to balance protection from harm with right to participateCriminal activities Usually no obligation to disclose, unless investigation is activeInternet, blog, social media – “New social media, new social science?” orts/ethics2.pdfRetrospective consent; covert research, observational experiments

Anonymisation

Why anonymise research data?Ethical reasons protect people’s identity (sensitive, illegal, confidentialinfo) disguise research locationLegal reasons not to disclose personal data (DPA)Commercial reasonsDiscuss with your research participants

Identity disclosureA person’s identity can be disclosed through: direct identifierse.g. name, address, postcode, telephone number,voice, pictureoften NOT essential research information(administrative) indirect identifiers – possible disclosure incombination with other informatione.g. occupation, geography, unique or exceptionalvalues (outliers) or characteristics

Anonymising quantitative data remove direct identifierse.g. names, address, institution, photo reduce the precision / detail of a variable through aggregatione.g. birth year vs. date of birth, occupational categories, area ratherthan village generalise meaning of detailed text variablee.g. occupational expertise restrict upper lower ranges of a variable to hide outlierse.g. income, age combining variablese.g. creating non-disclosive rural / urban variable from place variables

Anonymising qualitative data plan or apply editing at time of transcriptionexcept: longitudinal studies - anonymise when data collection complete(linkages) avoid blanking out; use pseudonyms or replacements avoid over-anonymising – removing / aggregating information in text candistort data, make them unusable, unreliable or misleading consistency within research team and throughout project. identify replacements, e.g. with [brackets] keep anonymisation log of all replacements, aggregations or removalsmade – keep separate from anonymised data files

Anonymising qualitative dataExample: Anonymisation log interview transcriptsInterview / PageInt1p1p1p2p2Int2p1OriginalChanged toSpainE-print Ltd20th JuneAmyEuropeanPrintingJuneMoiraFrancismy friendP31. Joan MaryP97. Carol {Mother}P34. Colchester {Town in S.E.England}P65. Welshpool High School @@##High School##@@

In practice: example anonymisation

In practice: example anonymisation

What if anonymising is impossible? Obtain consent for sharing non-anonymiseddata and / or Regulate or restrict user access

Access Controls

Managing access to dataOpen available for download / online access under openlicence without any registrationSafeguarded available for download / online access to logged-inusers who have registered and agreed to an EndUser Licence (e.g. not identify any potentiallyidentifiable individuals) special agreements (depositor permission;approved researcher) embargo for fixed time periodControlled available for remote or safe room access toauthorised and authenticated users whose researchproposal has been and who have received training

Open about data with access restrictions Publish or advertise: which data existwhere data are kept, e.g. which repositorywho can access themfor which purposeunder which conditions

In practice: data with access conditionsHealth and Social Consequences of the Foot and Mouth DiseaseEpidemic in North Cumbria, 2001-2003 (study 5407 in UK Data Archivecollection) by M. Mort, Lancaster University, Institute for HealthResearch. Interviews (audio and transcript) and written diaries with 54 people 40 interview and diary transcripts are archived and available for reuse by registered users (Safeguarded) 3 interviews and 5 diaries were embargoed until 2015 (Safeguarded– Embargoed) Audio files archived and only available by permission fromresearchers (Safeguarded – Special sn 07userguide.pdf

Working with RECs / IRBs

Data sharing and research ethics committees REC / IRBs are responsible for safeguarding participants fromharm and ensuring ethical research and protecting homeinstitutions, but are not always informed about sharing There can be perceived tensions between data sharing andprotection We try to ensure that REC / IRBs understand that: anonymised data are not subject to data protection laws most funders require or encourage data to be shared most research data can be shared procedures (consent, anonymisation, regulating access) areavailable to enable ethical sharing data archives ensure ethical re-use of research data, protectionof participants and safeguarding of personal data

Conclusion Always consider anonymisation of research datatogether with consent agreements and accessrestrictions Regulating or restricting user access may offer bettersolution than anonymising Avoid collecting data that need anonymisatione.g. do not ask for full names if they later need to beremoved from data Maintain maximum information Retain unedited versions of data for preservation Plan anonymising at start of research, not at the end

QuestionsContact details:Collections Development and Producer Relations teamUK Data ServiceUniversity of Essexukdataservice.ac.uk/help/get-in-touch

Ethical obligations and data sharing Research with human participants usually requires ethical review (Research Ethics Committee) Ethical conduct in research and protection of safety, rights and well-being of research participants - 'do no harm' Data archives such as UK Data Archive facilitate ethical

Related Documents:

Chapter Chapter 5 5 Ethical and Social Issues in the Digital FirmEthical and Social Issues in the Digital Firm UNDERSTANDING ETHICAL AND SOCIAL ISSUES RELATED TO SYSTEMS Key Technology Trends Raise Ethical Issues (Continued) Rapidly declining data storage costs: Lowers the tf ti h ti ldtb Key Technology Trends Raise Ethical Issues (Continued)

A Model for Thinking About Ethical, Social, and Political Issues Five Moral Dimensions of the Information Age Key Technology Trends that Raise Ethical Issues 4.2 ETHICS IN AN INFORMATION SOCIETY Basic Concepts; Responsibility, Accountability, Liability Ethical Analysis Candidate Ethical Principles Professional Codes of Conduct

Ethical, Legal, and Social Issues Discussion Vignettes National DNA Day. April 25, 2008. Ethical, Legal, and Social Issues Genetics is a complex field both scientifically and socially How will society respond to the implications of genetic information?

Card 3: Legal / Ethical Concerns Write 1-2 sentences about : "Legal issues the case raises "Ethical issues the case raises (to you or others) _ Slide # 9 Card 4: Outcomes Write 1-2 sentences about what you would like to happen. _

Malaysian setting and ethical principles in counseling practices. The main objective of this paper is to apply the code of ethics and ethical principles in solving ethical issues. The impending conclusion and implication will also be discussed. Keyword: Code of ethics, Ethical Principles, Counselor, Board of Counselor, Counseling 1. Introduction

Key Technology Trends That Raise Ethical Issues Advances in data analysis techniques Companies can analyze vast quantities of data gathered on individuals for: Understanding Ethical and Social Issues Related to Systems Essentials of Business Information Systems Ethical and Social Issues in Information Systems 7.15 2007 by Prentice .

UK Data Service – Big data and data sharing: Ethical issues This a brief introduction to ethical issues arising in social research with big data. It is not comprehensive, instead, it emphasises ethical issues that are most germane to data curation and data sharing.

Illustration by: Steven Birch, Mary Peteranna Date of Fieldwork: 9-18 February 2015 Date of Report: 17th March 2015 Enquiries to: AOC Archaeology Group Shore Street Cromarty Ross-shire IV11 8XL Mob. 07972 259 255 E-mail inverness@aocarchaeology.com This document has been prepared in accordance with AOC standard operating procedures. Author: Mary Peteranna Date: 24/03/2015 Approved by: Martin .