History holds horrific stories of people being treated in ways that defy today’s standards of basic human decency, and they have taught us the importance of ethics in human studies. Past mistreatment of human participants set up the framework and guidelines we now use to measure ethical performance. Researchers must be extremely cautious about how they set up and conduct their experiments, always keeping patient dignity and privacy at the forefront of their decisions.
Behavioral choices are an internal action on the part of the scientist themselves, but how the privacy and anonymity of the patient are handled is on the clinical end. Each person involved in dealing with the data, from the scholar to the data steward, has a role to play in ensuring everything is securely handled. At the basic level, when data is anonymized and de-identified, human study participants are more likely to have their sensitive information protected.
What Do “Anonymizing” and “De-Identifying” Mean?
The two terms “anonymization” and “de-identification” sound similar, but the meanings can be different depending on the context in which they are used. Each higher education institution will include some form of these terms in its policies and procedures. In general, the definitions are as follows:
● Anonymization: When all information that could be used to identify an individual is removed completely, the data is said to be anonymized. This happens when a name or other personally identifiable information is turned into aggregated data instead. Once it becomes anonymized, there is no way for the information to be associated with any one individual because all of the personally identifying factors have been stripped completely.
● De-identification: This term refers to the removal of any personally identifying information to protect the participant’s privacy. It doesn’t have to be anonymized. In fact, once the information is de-identified, the source can always be traced back to the individual in question down the line if necessary. The de-identified information becomes a subset of a larger set of data, but the personal elements are stripped away from the subset. This is frequently used in the medical field in order to comply with the Health Insurance Portability and Accountability Act (HIPAA). De-identified data can be used to share information without limits for public knowledge and research.
While the two terms are very similar, the distinction between them is crucial. Anonymized data can never be traced to its source, while de-identified data can be linked back to the original data set if necessary.
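The difference between the two definitions above, shown as an added Python example that is not part of the original article. The records are constructed sample data, and the field names, the `study_id` linkage key and the small-group threshold `min_cell` are assumptions made for illustration.

```python
import secrets
from collections import Counter

# Constructed sample records (not real participants).
RECORDS = [
    {"name": "Ana Ruiz",  "mrn": "100-01", "age": 34, "diagnosis": "asthma"},
    {"name": "Ben Cole",  "mrn": "100-02", "age": 37, "diagnosis": "asthma"},
    {"name": "Chi Tran",  "mrn": "100-03", "age": 52, "diagnosis": "diabetes"},
    {"name": "Dee Okoye", "mrn": "100-04", "age": 58, "diagnosis": "diabetes"},
    {"name": "Eli Stone", "mrn": "100-05", "age": 45, "diagnosis": "asthma"},
]
DIRECT_IDENTIFIERS = ("name", "mrn")  # assumed identifier fields


def deidentify(records):
    """Strip direct identifiers and replace them with a random study ID.

    Returns (dataset, linkage_key). The linkage key is what makes the
    data traceable back to a person, so it must be stored separately
    and under tighter access control than the dataset itself.
    """
    dataset, linkage_key = [], {}
    for rec in records:
        study_id = secrets.token_hex(8)  # random, not derived from the person
        linkage_key[study_id] = {f: rec[f] for f in DIRECT_IDENTIFIERS}
        row = {k: v for k, v in rec.items() if k not in DIRECT_IDENTIFIERS}
        row["study_id"] = study_id
        dataset.append(row)
    return dataset, linkage_key


def reidentify(row, linkage_key):
    """Trace a de-identified row back to its source; needs the linkage key."""
    return linkage_key.get(row["study_id"])


def anonymize(records, min_cell=2):
    """Turn records into aggregate counts per (age band, diagnosis).

    No per-person row or key survives, so nothing can be traced back.
    Groups smaller than min_cell are dropped (an assumption added here),
    because a group of one would still describe a single individual.
    """
    counts = Counter()
    for rec in records:
        low = rec["age"] // 10 * 10
        counts[(f"{low}-{low + 9}", rec["diagnosis"])] += 1
    return {group: n for group, n in counts.items() if n >= min_cell}
```

Sharing only the dataset returned by `deidentify` keeps names out of the shared file, while destroying the linkage key removes the only route back to the individual.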
How to Ensure Your Participant’s Data is Secure
If you’re involved in a study in which humans participate at any level, you must know the regulations you have to follow. Start with the data steward at your institution to ensure you’re adhering to institutional policies, but always follow up by checking the regulations for sharing data across institutions and internationally. These may not align with your institution’s policies. The European Union (EU), for one, does not allow secondary use of any person-specific data unless the individual has specifically consented to it or the data is no longer identifiable.
The Data Protection Directive and other frameworks give basic guidelines to follow to ensure your data is protected. At a minimum, you should be using the de-identification standards set forth by HIPAA and those offered by the Office for Civil Rights. These policies are used as frameworks for regulations all over the world, so if you’re following them, you can feel confident that you’re on the right track.
As a rule, always make sure your data labeling, storage, and use follow best practices. The information should never be able to identify an individual, especially if it includes health data.