ACN - 101321555 Australasian Human Research Ethics Consultancy Services Pty Ltd (AHRECS)

Resource Library

Research Ethics MonthlyAbout Us

Data

Australasian Human Research Ethics Consultancy Services Pty Ltd (AHRECS)

Ethics, Security and Privacy – the Bermuda Triangle of data management?0

 

Malcolm Wolski and Andrew Bowness
Griffith University

 

To manage sensitive research data appropriately, ethics, security and privacy requirements need to be considered. Researchers are traditionally familiar with ethics, but often have not considered the privacy and security pieces of the puzzle. Our reasons for making this statement are:

  • IT products used in research change rapidly
  • Legislation changes rapidly and there are jurisdictional issues
  • Most researchers are not legal or IT experts
  • No one teaches them enough basics to know what is risky behaviour

The recent revision to the Australian Code for the Responsible Conduct of Research (2018) on Management of Data and Information in Research highlights that it is not just the responsibility of a university to use best practice, but it is also the responsibility of the researcher. The responsible conduct of research includes within its scope the appropriate generation, collection, access, use, analysis, disclosure, storage, retention, disposal, sharing and re-use of data and information. Researchers have a responsibility to make themselves aware of the requirements of any relevant codes, legislation, regulatory, contractual or consent agreements, and to ensure they comply with them.

It’s a complex world

However, this is becoming an increasingly more complex environment for researchers. First, privacy legislation is dependent on jurisdiction of participants. For one example, a research project involving participants in Queensland is impacted by not only the Australian Privacy Act but also the Queensland version (Information Privacy Act 2009 Qld), and, if a participant or collaborator is an EU citizen, the General Data Protection Regulation (EU GDPR).

Secondly, cybersecurity and information security activities in universities have increased dramatically in recent times because of publicised data breaches and the impact of data breach legislation. If your research involves foreign citizens, you may also find foreign legislation impacting the type of response required.

Thirdly, funding agencies, such as government departments are increasingly specifying security and privacy requirements in tender responses and contracts.

These are having an impact on research project governance and practices, particularly for projects where the researcher has identified they are working with sensitive data. While the conversation typically focuses on data identified under the privacy acts as sensitive (e.g. Personally Identifiable Information (Labelled) under the Australian Privacy Act), researchers handle a range of data they may wish to treat as sensitive, whether for contractual reasons (e.g. participant consent, data sharing agreements) or for other reasons (e.g. ethical or cultural).

We have noticed an increasing trend within institutions where researchers are being required to provide more information on how they manage data as specified in a proposal or in a data sharing agreement. This typically revolves around data privacy and security, which is different from the ethics requirements.

What does “security” and “privacy” mean to the practitioner

IT security is more about minimising attack points though process or by using IT solutions to prevent or minimise the impacts of hostile acts or alternatively minimise impacts though misadventure (e.g. leaving a laptop on a bus). Data security is more in the sphere of IT and not researchers. This is reflected in which software products, systems and storage are “certified” to be safely used for handling and managing data classified as sensitive. IT usually also provides the identity management systems used to share data.

We have also noticed that researchers are relying on software vendors’ website claims about security and privacy which is problematic because most cloud software is running from offshore facilities which do not comply with Australian privacy legislation. Unless you are an expert in both Australian legislation and cybersecurity you need to rely on the expertise of your institutional IT and cybersecurity teams to verify vendors’ claims.

In the current environment, data privacy is more about mandated steps and activities designed to force a minimal set of user behaviours to prevent harm caused through successful attacks or accidental data breaches. It usually involves punishment to force good behaviour (e.g. see Data Breach Legislation for late reporting). Typically, data privacy is more the responsibility of the researcher. It usually involves governance processes (e.g. who has been given access to what data) or practices (e.g. what software products the team actually uses to share and store data).

What we should be worrying about

The Notifiable Data Breaches Statistics Report: 1 April to 30 June 2019 highlighted that only 4% of breaches, out of 254 notifications, were due to system faults, but 34% were due to human error and 62% due to malicious or criminal acts. Based on these statistics, the biggest risk associated with data breaches is where the data is in the hands of the end-user (i.e. the researcher) not with the IT systems themselves.

We argue the risks are also greater in research than the general population because of a number of factors such as the diversity of data held (e.g. data files, images, audio etc), the fluidity of the team membership, teams often being made up of staff across department and institutional boundaries, mobility of staff, data collection activities offsite, and the range of IT products needed in the research process.

For this discussion, the focus is on the governance and practice factor within the research project team and how this relates back to the ethics requirements when it has been highlighted that the project will involve working with sensitive data.

Help!!

We have worked closely with researcher groups for many years and have noticed a common problem. Researchers are confronted with numerous legislative, regulatory, policy and contractual requirements all written in terminology and language that bears little resemblance with what happens in practice. For example, to comply with legislation:

  • what does sending a data file “securely” over the internet actually look like in practice and which IT products are “safe”?
  • Is your university-provided laptop with the standard institutional image certified as “safe” for data classified as private? How do you know?
  • Is your mobile phone a “safe” technology to record interviews or images classified as private data? What is a “safe” technology for field work?

Within the university sector a range of institutional business units provide support services. For example, IT may provide advice assessing the security and privacy compliance of software, networked equipment or hardware infrastructure and the library may provide data management advice covering sensitive data. At our institution, Griffith University, the eResearch Services and the Library Research Services teams have been working closely with research groups to navigate their way through this minefield to develop standard practices fit for their purpose.

What we think is the best way forward

Our approach is to follow the Five Safes framework which has also been adopted by the Office of the National Data Commissioner. For example:

  • Safe People Is the research team member appropriately authorised to access and use specified data i.e. do you have a documented data access plan against team roles and a governance/induction process to gain access to restricted data?
  • Safe Projects Is the data to be used for an appropriate purpose i.e. do you have copies of the underlying data sharing/consent agreements, contracts, documents outlining ownership and licensing rights?
  • Safe Settings Does the access environment prevent unauthorised use i.e. do IT systems and processes support this and are access levels checked regularly?
  • Safe Data Has appropriate and sufficient protection been applied to the data i.e. what is it and does it commensurate with the level of risk involved?
  • Safe Outputs Are the statistical results non-disclosive or have you checked rights/licensing issues?

Expect to see a lot more of the Five Safes approach in the coming years.

References

Hardy, M. C., Carter, A., & Bowden, N. (2016). What do postdocs need to succeed? A survey of current standing and future directions for Australian researchers.2, 16093. https://doi.org/10.1057/palcomms.2016.93

Meacham, S. (2016). The 2016 ASMR Health and Medical Research Workforce Survey. Australian Society of Medical Research.

Contributors

Malcolm Wolski, Director eResearch Services, Griffith University

Andrew Bowness, Manager, Support Services, eResearch Services, Griffith University

This post may be cited as:
Wolski, M. and Bowness, A. (29 September 2019) Ethics, Security and Privacy – the Bermuda Triangle of data management?. Research Ethics Monthly. Retrieved from: https://ahrecs.com/research-integrity/ethics-security-and-privacy-the-bermuda-triangle-of-data-management

Griffith University’s implementation of the Australian Code (2018)0

 

Dr Amanda Fernie, Manager Research Ethics & Integrity, Griffith University Dr Gary Allen, Senior Policy Officer, Griffith University

AUSTRALIAN CODE (2007)

At Griffith University, the implementation, operation, investigations and related professional development of/for the 2007 edition of the Australian Code for the Responsible Conduct of Research is the responsibility of the Research Ethics & Integrity team in the Office for Research.

The Griffith University Code for the Responsible Conduct of Research was the University’s policy implementation of the Australian Code (2007) and it was supplemented by the Research Integrity Resource Sheet (RIRS) series. The Griffith University Code was largely a direct repeat of the Australian Code into Griffith University policy. The RIRS is a series of short (most are four pages) guidance documents that provide practical tips related to the University’s implementation of Part A and Part B of Australian Code (2007).

IMPLEMENTING THE AUSTRALIAN CODE (2018)

This is the first post in the series about institutions implementing the Australian Code (2018). We’d love to hear about your instution’s progress and story. Email us at IntegrityStory@ahrecs.com to discuss logistics.

At the outset, Griffith University decided to give its Research Integrity Adviser (RIA) network a more collegiate advisory role, and while RIAs were made available to advise complainants and respondents, or parties in a dispute, their primary role was providing advice and suggestions.
.
Professional development workshops on research integrity for new HDR candidates were conducted a few times a year (as part of the orientation) and were co-facilitated by the Office for Research and the Griffith Graduate Research School. Workshops on research integrity were also conducted for new HDR Supervisors as part of their accreditation. Since 2007, professional development workshops in Schools, Departments, Research Centres, Administrative units and Groups have been co-facilitated by the relevant RIA and a member of the Research Ethics & Integrity team.
.

APPROACH TO THE AUSTRALIAN CODE (2018)

.
Griffith University aims to have fully implemented the Australian Code (2018) by the end of March 2019. Griffith’s Research Committee has recommended to the Academic Committee that the redundant detail of the Griffith University Code be replaced by the Griffith University Responsible Conduct of Research policy. This policy articulates the University’s implementation of the principles and responsibilities of the Australian Code (2018), the role of the University’s collegiate RIAs, and the existence and role of the resource material that will be produced by the Office for Research.
Our Office for Research is currently liaising with the relevant parts of the University to determine who has control of:

.

Level 1 – Documents that refer to or link to the Australian Code, where a simple change to the reference/URL is required. Example: HDR candidate supervision policy.
.
Level 2 – Documents that derive authority from the Australian Code, where it will need to be determined if the Australian Code (2018) still directly provides that authority or if any changes are required. Example: Publication ethics standards.
.
Level 3 – Documents that copy, refer to or use a component of the Australian Code (2007), where it will need to be determined if the Australian Code (2018) still provides that component or if it needs to be replaced by institutional guidance.
.

The above work is underway and progressing well.
.
In the event new institutional guidance is required, it will be included in the updated RIRS series.
.

UPDATED RESEARCH INTEGRITY RESOURCE SHEETS

.
The following resource sheets are being produced:
.

  1. Introduction to research integrity at Griffith University
  2. Moving to the 2018 version of the Australian Code
  3. Planning and conducting a project responsibly
  4. Responsible research outputs
  5. Responsible data management
  6. Collaborative research: Hints and tips
  7. The responsible supervisor
  8. The responsible candidate
  9. Conflicts of interest
  10. Tips for peer review
  11. Disputes between researchers
  12. Investigations of alleged breaches of the Australian Code for the Responsible Conduct of Research
  13. Alleged breaches: Tips for complainants
  14. Alleged breaches: Tips for respondents
  15. Research Misconduct

.
Initially any ‘new’ guidance material will use text from Part A of the Australian Code for the Responsible Conduct of Research (2007), but the intention is to refine the material based on (sub)discipline and methodological feedback from the University’s research community, drawing from useful ideas from the Committee on Publication Ethics (COPE), International Committee of Medical Journal Editors (ICMJE), US Office of Research Integrity (ORI) and the UK Research Integrity Office.
.
As new good practice guides are released the relevant RIRS will be reviewed and updated as required.
Griffith University is taking a ‘learning institution’ approach to this material, where it is refined and improved over time based on user feedback and suggestions, institutional and (inter)national experience/events and changes in needs.
.
COMMUNICATION PLAN

.
The Office for Research is currently finalising a communication plan, in addition to regular updates to Research Committee, the RIA network and the areas of the University identified for the consultation above. This will include briefings for the Group Research Committees.
.

AWARENESS AND PROFESSIONAL DEVELOPMENT PLAN
.
Early in 2019, the Office for Research and RIAs will commence professional development activities to raise awareness and understanding of the national and international changes.
.

Amanda is happy to be contacted with any questions or suggestions about this work.
..

Contributors
Amanda Fernie, Griffith University | a.fernie@griffith.edu.au & Gary Allen, Griffith University

This post may be cited as:
Fernie, A. & Allen, G. (26  November 2018) Griffith University’s implementation of the Australian Code (2018). Research Ethics Monthly. Retrieved from: https://ahrecs.com/research-integrity/griffith-universitys-implementation-of-the-australian-code-2018
.
We invite debate on issues raised by items we publish. However, we will only publish debate about the issues that the items raise and expect that all contributors model ethical and respectful practice.

 

Release of the National Statement on Ethical Conduct in Human Research 2007 (updated 2018) – With interview0

 

The revised National Statement on Ethical Conduct in Human Research 2007 (updated 2018) was released on 9 July 2018.

.
Content of the updated National Statement

The National Statement consists of a series of guidelines made in accordance with the National Health and Medical Research Council Act 1992 and is subject to rolling review. This means that parts of the National Statement are updated as needed, in accordance with strategic planning, or in response to user feedback or national or international developments in research or ethics.

Since 2007, Section 3 of the National Statement has addressed ethical considerations specific to research methods or fields. The 2018 revision provides a new structure for Section 3, based on the elements of a research project (from conception to post-completion). The revised Section 3 begins with a chapter that addresses ethical issues in all research, followed by specialised guidance for research involving human biospecimens, genomics and xenotransplantation.

This approach emphasises that researchers, Human Research Ethics Committees (HRECs) and other users of the National Statement must take account of the principles and major themes in research ethics addressed in Sections 1 and 2 of the document as the foundation of the guidance in Section 3 and then, in turn, consider the guidance provided in Chapter 3.1 as a base for the guidance provided in the other chapters included in this section.

While significant changes have been made to all aspects of the guidance provided in Section 3, we note, in particular, the additional guidance that has been provided in relation to collection, use and management of data and information and to management of the findings or results arising from genomic research.

As part of this update, changes have also been made to Chapters 5.1, 5.2 and 5.5 in Section 5, the Glossary and the Index as a consequence of the revisions to Section 3.

Revisions to the National Statement were informed by working committees and through public consultation in accordance with requirements of the National Health and Medical Research Council Act 1992.

Currency and effective date

All users of the National Statement, including HRECs, research offices and researchers are expected to ensure that the current version of the National Statement is being used in developing research proposals, making submissions for ethics review and undertaking ethics review. However, as a consequence of the scope of the revisions to Section 3, we expect that users of the National Statement will gradually integrate these revisions into their proposals, submissions and review over the period from July to December 2018, with full implementation expected by 1 January 2019.

This timeline is intended to give researchers and HRECs an opportunity to familiarise themselves with the new guidance prior to the revocation of the version of the National Statement updated, most recently, in 2015. To facilitate this transition, both the current version of the National Statement and the updated version are available on the NHMRC website at http://nhmrc.gov.au/guidelines/publications/e72.

Use of the National Statement is also linked to the Human Research Ethics Application (HREA), released in December 2016 to replace the National Ethics Application Form.

To coincide with the release of the revised National Statement, questions in the HREA will require revision and users of the HREA will be advised when the revised HREA is online.

Institutions and HRECs are encouraged to allow a transition period for researchers while the revisions to the HREA take effect. The provision of a transition period, how it will be managed and its timeframe are at the discretion of individual Institutions/HRECs.

.

Context

Australia’s research integrity framework is underpinned by three national standards developed by NHMRC and its co-authors, the Australian Research Council (ARC) and Universities Australia (UA). Together these three standards provide guidance on responsible and ethical research conduct for both humans and animals.

The overarching document is the Australian Code for the Responsible Conduct of Research, 2018. The Code is the leading reference for researchers and institutions across all disciplines about the expectations for responsible research conduct and the handling of investigations into research misconduct. After 10 years in operation, the Code has been reviewed and the 2018 edition was released in June 2018. The other two documents are the National Statement and the Australian code for the care and use of animals for scientific purposes (also endorsed by CSIRO).


INTERVIEW

AHRECS (While we know it predated the recent work on s3) What drove the decision to conduct a rolling review, rather than a review of the entire document?

NHMRC During the revision of the National Statement that was completed in 2007, it was determined that a more flexible, more efficient approach to revising the document would be a good innovation. We wanted to be able to both respond to the needs of users for more limited changes – from a word, to a paragraph, to a single chapter – without having to review the whole document and to be able to integrate or modify the content in response to changes nationally or internationally in research, research ethics or government regulation. Review of the 1999 National Statement took three years from start to finish and we thought we could improve on that timeline! We have found that this approach has, in practice, enabled us to make both minor changes and significant changes to single chapters of the document, as well as to review one of the five sections of the document, as we have just done.

AHRECS Are there downsides to that approach?

NHMRC Yes, there are. The major downside is that the document is ‘of a piece’ and changes to any one part of the document invariably require consideration of changes to the other parts, not just in terms of cross-referencing, but in terms of the content itself. This issue of ‘consequential effect’ manifests itself in the need to ensure consistency in our guidance and to consider the impact on the whole document of more philosophical or conceptual changes that have been introduced by the changes. An example in the most recent revision of Section 3 is that our approach to interventional research in Section 3 had a ‘flow on’ effect to Section 5 in terms of where certain guidance belonged, how that guidance should reflect changes in the clinical research sector since 2007 and how it should reflect other guidance documents (e.g. related to safety reporting) that NHMRC has published in the last 12 months.

AHRECS What were you hoping to accomplish with the changes to section 3 (and Section 5 + the Glossary)? Was it achieved?

NHMRC Principally, we were hoping to facilitate a re-thinking on the part of users (researchers and HRECs, primarily) regarding how they conceptualise and address ethical issues in the design, review and conduct of the research. We began with a decision to abandon the idea of ‘categories’ or ‘types’ of research as the main way to package this guidance and to focus on the reality that most ethics guidance applies to ALL research, thereby requiring ALL researchers to consider it, rather than just going to their specialised chapter of the document and, potentially, ignoring the broader issues. We then settled on the ‘life cycle’ of a research project as the best structure – that is, from conception to post-completion stages of a research project. This also enabled us to see more clearly what was not general guidance and encapsulate that extra guidance in separate, specialised chapters that each required consideration of the general guidance as a prerequisite to fully understanding and implementing the specialised guidance content.

The changes that we made to Section 5 and the Glossary were a direct consequence of the revision of Section 3 and we purposefully did not introduce changes to those parts of the document that were independent of the Section 3 revision, even though it was pretty tempting to do so sometimes.

We do think that we achieved our objectives and we are very satisfied with the results of the review process.

AHRECS If you could say just one thing about the work to date what it be?

NHMRC Review of the National Statement, while challenging, involves very stimulating and satisfying dialogue with lots of researchers, reviewers and other users of the document. We are so committed to it that we are almost immediately taking on the review of Section 4 and Section 5 – so, watch this space!

AHRECS When someone says they would have liked examples to better illustrate the new concepts in the update how do you respond?

NHMRC A weaselly response would be: it depends on which new concepts you are talking about; but, to use one example, a good look at Chapter 3.3: Genomic research and the Decision tree for the management of findings in genomic research and health care that we included (on page 52) to address this complex issue provides just such an attempt to illustrate by example. The main impediment to using examples or case studies to illustrate concepts is the difficulty of deciding which concepts to illustrate and with how many examples, as well as potentially expanding the size of the document exponentially in order to do the examples justice.

AHRECS When will a html version be available online?

At present, the 2007 version of the National Statement (updated May 2015) is available in both PDF and HTML format; whereas the version updated 2018 is only available in PDF. We are not 100% sure when the HTML version of the National Statement (updated 2018) will be available, but we anticipate within the next two to three months. Please also note that the current address (https://beta.nhmrc.gov.au/about-us/publications/national-statement-ethical-conduct-human-research-2007-updated-2018#block-views-block-file-attachments-content-block-1) is only temporary, which means that you’ll need to update your bookmarks/links again when the final version of the new NHMRC website is released in late August or early September.


 

This post may be cited as:
NHMRC (31 July 2018) Release of the National Statement on Ethical Conduct in Human Research 2007 (updated 2018). Research Ethics Monthly. Retrieved from: https://ahrecs.com/human-research-ethics/release-of-the-national-statement-on-ethical-conduct-in-human-research-2007-updated-2018-with-interview

We invite debate on issues raised by items we publish. However, we will only publish debate about the issues that the items raise and expect that all contributors model ethical and respectful practice.

Australian Code 2018: What institutions should do next1

 

Gary Allen, Mark Israel and Colin Thomson

At first glance, there is much to be pleased about the new version of the Australian Code that was released on 14th June. A short, clear document that is based upon principles and an overt focus on research culture is a positive move away from the tight rules that threatened researchers and research offices alike for deviation from standards that might not be appropriate or even workable in all contexts.

The 2007 Code was rightly criticized on several grounds. First, weighing a system down with detailed rules burdened the vast majority with unneeded compliance for the recklessness and shady intentions of a very small minority. Second, there was reason to suspect the detailed rules did not stop the ‘bad apples’. Third, those detailed rules probably did not inspire early career researchers to engage with research integrity and embrace and embed better practice into their research activity. Finally, the Code did little to create an overall system able to undertake continuous improvement.

But, before we start to celebrate any improvements, we need to work through what has changed and what institutions and researchers need to do about it. And, then, maybe a quiet celebration might be in order.

Researchers have some fairly basic needs when it comes to research integrity. They need to know what they should do: first, as researchers and research supervisors in order to engage in good practice; second, if they encounter poor practice by another researcher; and, third, if other people complain about their practices.

The 2007 Australian Code offered some help with each of these. In some cases, this ‘help’ was structured as a requirement and over time was found wanting. The 2018 version appreciated that these questions might be basic but that the answers were often complex. The second and third questions are partly answered by the accompanying Guide to Managing and Investigating Potential Breaches of the Code (the Investigation Guide) and we’ll return to this. The answer to the first question is brief.

The Code begins to address responsibilities around research integrity through a set of eight principles that apply to researchers as well as their institutions: honesty; rigour; transparency; fairness; respect; recognition of the rights of Indigenous peoples to be engaged in research; accountability, and promotion of responsible research practices. Explicit recognition of the need to respect the rights of Aboriginal and Torres Strait Islander peoples did not appear in the 2007 version. There are 13 responsibilities specific to institutions. There are 16 responsibilities, specific to researchers, that relate to compliance with legal and ethical responsibilities, require researchers to ensure that they support a responsible culture of research, undertake appropriate training, provide mentoring, use appropriate methodology and reach conclusions that are justified by the results, retain records, disseminate findings, disclose and manage of conflicts of interest, acknowledge research contributions appropriately, participate in peer review and report breaches of research integrity.

In only a few cases might a researcher read these parts of the Code and conclude that the requirements are inappropriate. It would be a little like disagreeing with the Singapore Statement (the one on research integrity, not the recent Trump-Kim output). Mostly, the use of words like ‘appropriate’ within the Code (it appears three times in the Principles, twice in the responsibilities of institutions and five times in responsibilities of researchers) limit the potential for particular responsibilities to be over-generalised from one discipline and inappropriately transferred to others.

There are some exceptions, and some researchers may find it difficult to ‘disseminate research findings responsibly, accurately and broadly’, particularly if they are subject to commercial-in-confidence restrictions or public sector limitations, and we know that there are significant pressures on researchers to shape the list of authors in ways that may have little to do with ‘substantial contribution’.

For researchers, the Code becomes problematic if they go to it seeking advice on how they ought to behave in particular contexts. The answers, whether they were good or bad in the 2007 Code, are no longer there. So, a researcher seeking to discover how to identify and manage a conflict of interest or what criteria ought to determine authorship will need to look elsewhere. And, institutions will need to broker access to this information either by developing it themselves or by pointing to good sectoral advice from professional associations, international bodies such as the Committee for Publication Ethics, or the Guides that the NHMRC has indicated that it will publish.

We are told that the Australian Code Better Practice Guides Working Group will produce guides on authorship and data management towards the end of 2018 (so hopefully at least six months before the deadline of 1 July 2019 for institutions to implement the updated Australian Code). However, we do not know which other guides will be produced, who will contribute to their development nor, in the end, how useful they will be in informing researcher practice. We would hope that the Working Group is well progressed with the further suite if it is to be able to collect feedback and respond to that before that deadline.

There are at least eight areas where attention will be required. We need:

  1. A national standard data retention period for research data and materials.
  2. Specified requirements about data storage, security, confidentiality and privacy.
  3. Specified requirements about the supervision and mentoring of research trainees.
  4. A national standard on publication ethics, including such matters as republication of a research output.
  5. National criteria to inform whether a contributor to a research project could or should not be listed as an author of a research output.
  6. Other national standards on authorship matters.
  7. Specified requirements about a conflicts of interest policy.
  8. Prompts for research collaborations between institutions.

For each of those policy areas the following matters should be considered:

1. Do our researchers need more than the principle that appears in the 2018 Australian Code?

2. If yes, is there existing material upon which an institution’s guidance material can be based?

3. Who will write, consider and endorse the guidance material at a national or institutional level?

Many institutions will conclude it is prudent to wait until late 2018 to see whether the next two good practice guides are released and discover how much they cover. Even if they do so, institutions will also need to transform these materials into resources that can be used in teaching and learning at the levels of the discipline and do so in a way that builds the commitment to responsible conduct and the ethical imaginations of researchers rather than testing them on their knowledge of compliance matters.

Managing and Investigating Potential Breaches

The Code is accompanied by a Guide to Managing and Investigating Potential Breaches of the Code (the Investigation Guide). The main function of this Guide is to provide a model process for managing and investigating complaints or concerns about research conduct. However, before examining how to adopt that model, institutions need to make several important preliminary decisions.

First, to be consistent with the Code, the Guide states that institutions should promote a culture that fosters and values responsible conduct of research generally and develop, disseminate, implement and review institutional practices that promote adherence to the Code. Both of these will necessitate the identification of existing structures and processes and a thorough assessment to determine any changes that are needed to ensure that they fulfil these responsibilities.

This means that institutions must assess how their processes conform to the principles of procedural fairness and the listed characteristics of such processes. The procedural fairness principles are described as:

  • the hearing rule – the opportunity to be heard
  • the rule against bias – decisionmakers have no personal bias in the outcome
  • ‘the evidence rule – that decisions are based on evidence.

The characteristics require that an institution’s processes are: proportional; fair; impartial; timely; transparent, and confidential. A thorough review and, where necessary, revision of current practices will be necessary to show conformity to the Guide.

Second, when planning how to adopt the model, institutions need to consider the legal context as the Guide notes that enterprise bargaining agreements and student disciplinary processes may prevail over the Guide.

Third, the model depends on the identification of six key personnel with distinct functions. Some care needs to be taken to match the designated roles with the appropriate personnel, even if their titles differ from those in the model, in an institution’s research management structure. The six personnel are:

  • a responsible executive officer, who has final responsibility for receiving report and deciding on actions;
  • a designated officer, appointed to receive complaints and oversee their management;
  • an assessment officer or officers, who conduct preliminary assessments of complaints;
  • research integrity advisers, who have knowledge of, and promote adherence to, the Code and offer advice to those with concerns or complaints;
  • research integrity office, staff who are responsible for managing research integrity;
  • review officer, who has responsibility to receive requests for procedural review of an investigation.

Last, institutions must decide whether to use the term ‘research misconduct’ at all and, if so, what meaning to give to it. Some guidance is offered in a recommended definition of the term but, as noted above, this will need to be considered in the legal contexts of EBAs and student disciplinary arrangements.

Conclusion

The update to the Code provides a welcome opportunity to reflect on a range of key matters to promote responsible research. The use of principles and responsibilities and the style of the document offers a great deal of flexibility that permits institutions to develop their own thoughtful arrangements. However, this freedom and flexibility comes with a reciprocal obligation on institutions to establish arrangements that are in the public interest rather than ‘just’ complying with a detailed rule. We have traded inflexibility for uncertainty; what comes next is up to all of us.

Click here to read about the AHRECS Australian Code 2018 services

The Contributors
Gary Allen, Mark Israel and Colin Thomson – senior consultants AHRECS

This post may be cited as:
Allen G., Israel M. and Thomson C. (21 June 2018) Australian Code 2018: What institutions should do next. Research Ethics Monthly. Retrieved from: https://ahrecs.com/research-integrity/australian-code-2018-what-institutions-should-do-next

We invite debate on issues raised by items we publish. However, we will only publish debate about the issues that the items raise and expect that all contributors model ethical and respectful practice.

0