ACN - 101321555 Australasian Human Research Ethics Consultancy Services Pty Ltd (AHRECS)
Search
Generic filters
Exact text matches only
Search into
Filter by Categories
Research integrity
Filter by Categories
Human Research Ethics

Resource Library

Research Ethics MonthlyAbout Us

Data

Australasian Human Research Ethics Consultancy Services Pty Ltd (AHRECS)

The Ethics and Politics of Qualitative Data Sharing0

 

Mark Israel (AHRECS and Murdoch University) and Farida Fozdar (The University of Western Australia).

There is considerable momentum behind the argument that public data is a national asset and should be made more easily available for research purposes. In introducing the Data Sharing and Release Legislative Reforms Discussion Paper in September 2019, the Australian Commonwealth Minister for Government Services argued that proposed changes to data use in the public sector would mean that

Australia’s research sector will be able to use public data to improve the development of solutions to public problems and to test which programs are delivering as intended—and which ones are not.

Data reuse is seen as a cost-efficient use of public funds, reducing the burden on participants and communities. And, the argument is not restricted to government.  Journals, universities and funding agencies are increasingly requiring social scientists to make their data available to other researchers, and even to the public, in the interests of scientific inquiry, accountability, innovation and progress. For example, the Research Councils United Kingdom (RCUK) takes the benefits associated with data sharing for granted

Publicly-funded research data are a public good, produced in the public interest; Publicly-funded research data should be openly available to the maximum extent possible.

In Australia, both the National Health and Medical Research Council (NHMRC) and the Australian Research Council (ARC) have adopted open access policies that apply to research funded by those councils. While the ARC policy only refers to research outputs and excludes research data and research data outputs, the NHMRC strongly encourages open access to research data.

And yet, several social researchers have argued that data sharing requirements, developed in the context of medical research using quantitative data, may be inappropriate for qualitative research. Their arguments rest on a mix of ethical, practical and legal grounds.

In an article entitled ‘Whose Data Are They Anyway?’, Parry and Mauthner (2004) recognised unique issues associated with archiving qualitative data. The main considerations are around confidentiality (is it possible to anonymise the data by changing the details without losing validity) and informed consent (can participants know and consent to all potential future uses of their data at a single point in time?, and alternatively what extra burden do repeated requests for consent place on participants?).

There is also the more philosophical issue of the reconfiguration of the relationship between researchers and participants including moral responsibilities and commitments, potential violations of trust, and the risk of data misrepresentation. There are deeper epistemological issues, including the joint construction of qualitative data, and the reflexivity involved in preparing data for secondary analysis. As a result, Mauthner (2016) critiqued ‘regulation creep’ whereby regulators in the United Kingdom have made data sharing a moral responsibility associated with ethical research, when in fact it may be more ethical not to share data.

In addition, there is a growing movement to recognise the rights of some communities to control their own data. Based on the fundamental principle of self-determination, some Indigenous peoples have claimed sovereignty over their own data: ‘The concept of data sovereignty, … is linked with indigenous peoples’ right to maintain, control, protect and develop their cultural heritage, traditional knowledge and traditional cultural expressions, as well as their right to maintain, control, protect and develop their intellectual property over these.’ (Tauli-Corpuz, in Kukutai and Taylor, 2016:xxii). The goal is that its use should enhance self-determination and development.

To be fair to both the Commonwealth Minister and the RCUK, each recognises that data sharing should only occur prudently and safely and acknowledges that the benefits of sharing need to be balanced against rights to privacy (the balance proposed for earlier Australian legislative proposals have already been subjected to academic critique). The challenge is to ensure that our understanding of how these competing claims should be assessed is informed by an understanding of the nature of qualitative as well as quantitative data, of how data might be co-constructed or owned, of the cultural sensitivity that might be required to interpret and present it, and the damage that might be done as a result of misuse or  misrepresentation.

Acknowledgements
This article draws on material drafted for Fozdar and Israel (under review).
.

References:

Fozdar, F. and Israel, M. (under review) Sociological ethics. In Mackay, D. and Iltis, A. (eds) The Oxford Handbook of Research Ethics. Oxford: Oxford University Press.

Kukutai, T. and Taylor, J. (Eds.) (2016) Indigenous data sovereignty: Toward an agenda (Vol. 38). Canberra: ANU Press.

Mauthner, N.S. (2016) Should data sharing be regulated? In van den Hoonard, W. and Hamilton, A. (eds) The Ethics Rupture: Exploring alternatives to formal research-ethics review. University of Toronto Press. pp.206-229.

Parry, O. and Mauthner, N.S. (2004) Whose data are they anyway? Practical, legal and ethical issues in archiving qualitative research data. Sociology, 38(1), 139-152.

This post may be cited as:
Israel, M. & Fozdar, F. (5 February 2020) The Ethics and Politics of Qualitative Data Sharing. Research Ethics Monthly. Retrieved from: https://ahrecs.com/human-research-ethics/the-ethics-and-politics-of-qualitative-data-sharing

Ethics, Security and Privacy – the Bermuda Triangle of data management?0

 

Malcolm Wolski and Andrew Bowness
Griffith University

 

To manage sensitive research data appropriately, ethics, security and privacy requirements need to be considered. Researchers are traditionally familiar with ethics, but often have not considered the privacy and security pieces of the puzzle. Our reasons for making this statement are:

  • IT products used in research change rapidly
  • Legislation changes rapidly and there are jurisdictional issues
  • Most researchers are not legal or IT experts
  • No one teaches them enough basics to know what is risky behaviour

The recent revision to the Australian Code for the Responsible Conduct of Research (2018) on Management of Data and Information in Research highlights that it is not just the responsibility of a university to use best practice, but it is also the responsibility of the researcher. The responsible conduct of research includes within its scope the appropriate generation, collection, access, use, analysis, disclosure, storage, retention, disposal, sharing and re-use of data and information. Researchers have a responsibility to make themselves aware of the requirements of any relevant codes, legislation, regulatory, contractual or consent agreements, and to ensure they comply with them.

It’s a complex world

However, this is becoming an increasingly more complex environment for researchers. First, privacy legislation is dependent on jurisdiction of participants. For one example, a research project involving participants in Queensland is impacted by not only the Australian Privacy Act but also the Queensland version (Information Privacy Act 2009 Qld), and, if a participant or collaborator is an EU citizen, the General Data Protection Regulation (EU GDPR).

Secondly, cybersecurity and information security activities in universities have increased dramatically in recent times because of publicised data breaches and the impact of data breach legislation. If your research involves foreign citizens, you may also find foreign legislation impacting the type of response required.

Thirdly, funding agencies, such as government departments are increasingly specifying security and privacy requirements in tender responses and contracts.

These are having an impact on research project governance and practices, particularly for projects where the researcher has identified they are working with sensitive data. While the conversation typically focuses on data identified under the privacy acts as sensitive (e.g. Personally Identifiable Information (Labelled) under the Australian Privacy Act), researchers handle a range of data they may wish to treat as sensitive, whether for contractual reasons (e.g. participant consent, data sharing agreements) or for other reasons (e.g. ethical or cultural).

We have noticed an increasing trend within institutions where researchers are being required to provide more information on how they manage data as specified in a proposal or in a data sharing agreement. This typically revolves around data privacy and security, which is different from the ethics requirements.

What does “security” and “privacy” mean to the practitioner

IT security is more about minimising attack points though process or by using IT solutions to prevent or minimise the impacts of hostile acts or alternatively minimise impacts though misadventure (e.g. leaving a laptop on a bus). Data security is more in the sphere of IT and not researchers. This is reflected in which software products, systems and storage are “certified” to be safely used for handling and managing data classified as sensitive. IT usually also provides the identity management systems used to share data.

We have also noticed that researchers are relying on software vendors’ website claims about security and privacy which is problematic because most cloud software is running from offshore facilities which do not comply with Australian privacy legislation. Unless you are an expert in both Australian legislation and cybersecurity you need to rely on the expertise of your institutional IT and cybersecurity teams to verify vendors’ claims.

In the current environment, data privacy is more about mandated steps and activities designed to force a minimal set of user behaviours to prevent harm caused through successful attacks or accidental data breaches. It usually involves punishment to force good behaviour (e.g. see Data Breach Legislation for late reporting). Typically, data privacy is more the responsibility of the researcher. It usually involves governance processes (e.g. who has been given access to what data) or practices (e.g. what software products the team actually uses to share and store data).

What we should be worrying about

The Notifiable Data Breaches Statistics Report: 1 April to 30 June 2019 highlighted that only 4% of breaches, out of 254 notifications, were due to system faults, but 34% were due to human error and 62% due to malicious or criminal acts. Based on these statistics, the biggest risk associated with data breaches is where the data is in the hands of the end-user (i.e. the researcher) not with the IT systems themselves.

We argue the risks are also greater in research than the general population because of a number of factors such as the diversity of data held (e.g. data files, images, audio etc), the fluidity of the team membership, teams often being made up of staff across department and institutional boundaries, mobility of staff, data collection activities offsite, and the range of IT products needed in the research process.

For this discussion, the focus is on the governance and practice factor within the research project team and how this relates back to the ethics requirements when it has been highlighted that the project will involve working with sensitive data.

Help!!

We have worked closely with researcher groups for many years and have noticed a common problem. Researchers are confronted with numerous legislative, regulatory, policy and contractual requirements all written in terminology and language that bears little resemblance with what happens in practice. For example, to comply with legislation:

  • what does sending a data file “securely” over the internet actually look like in practice and which IT products are “safe”?
  • Is your university-provided laptop with the standard institutional image certified as “safe” for data classified as private? How do you know?
  • Is your mobile phone a “safe” technology to record interviews or images classified as private data? What is a “safe” technology for field work?

Within the university sector a range of institutional business units provide support services. For example, IT may provide advice assessing the security and privacy compliance of software, networked equipment or hardware infrastructure and the library may provide data management advice covering sensitive data. At our institution, Griffith University, the eResearch Services and the Library Research Services teams have been working closely with research groups to navigate their way through this minefield to develop standard practices fit for their purpose.

What we think is the best way forward

Our approach is to follow the Five Safes framework which has also been adopted by the Office of the National Data Commissioner. For example:

  • Safe People Is the research team member appropriately authorised to access and use specified data i.e. do you have a documented data access plan against team roles and a governance/induction process to gain access to restricted data?
  • Safe Projects Is the data to be used for an appropriate purpose i.e. do you have copies of the underlying data sharing/consent agreements, contracts, documents outlining ownership and licensing rights?
  • Safe Settings Does the access environment prevent unauthorised use i.e. do IT systems and processes support this and are access levels checked regularly?
  • Safe Data Has appropriate and sufficient protection been applied to the data i.e. what is it and does it commensurate with the level of risk involved?
  • Safe Outputs Are the statistical results non-disclosive or have you checked rights/licensing issues?

Expect to see a lot more of the Five Safes approach in the coming years.

References

Hardy, M. C., Carter, A., & Bowden, N. (2016). What do postdocs need to succeed? A survey of current standing and future directions for Australian researchers.2, 16093. https://doi.org/10.1057/palcomms.2016.93

Meacham, S. (2016). The 2016 ASMR Health and Medical Research Workforce Survey. Australian Society of Medical Research.

Contributors

Malcolm Wolski, Director eResearch Services, Griffith University

Andrew Bowness, Manager, Support Services, eResearch Services, Griffith University

This post may be cited as:
Wolski, M. and Bowness, A. (29 September 2019) Ethics, Security and Privacy – the Bermuda Triangle of data management?. Research Ethics Monthly. Retrieved from: https://ahrecs.com/research-integrity/ethics-security-and-privacy-the-bermuda-triangle-of-data-management

Griffith University’s implementation of the Australian Code (2018)0

 

Dr Amanda Fernie, Manager Research Ethics & Integrity, Griffith University Dr Gary Allen, Senior Policy Officer, Griffith University

AUSTRALIAN CODE (2007)

At Griffith University, the implementation, operation, investigations and related professional development of/for the 2007 edition of the Australian Code for the Responsible Conduct of Research is the responsibility of the Research Ethics & Integrity team in the Office for Research.

The Griffith University Code for the Responsible Conduct of Research was the University’s policy implementation of the Australian Code (2007) and it was supplemented by the Research Integrity Resource Sheet (RIRS) series. The Griffith University Code was largely a direct repeat of the Australian Code into Griffith University policy. The RIRS is a series of short (most are four pages) guidance documents that provide practical tips related to the University’s implementation of Part A and Part B of Australian Code (2007).

IMPLEMENTING THE AUSTRALIAN CODE (2018)

This is the first post in the series about institutions implementing the Australian Code (2018). We’d love to hear about your instution’s progress and story. Email us at IntegrityStory@ahrecs.com to discuss logistics.

At the outset, Griffith University decided to give its Research Integrity Adviser (RIA) network a more collegiate advisory role, and while RIAs were made available to advise complainants and respondents, or parties in a dispute, their primary role was providing advice and suggestions.
.
Professional development workshops on research integrity for new HDR candidates were conducted a few times a year (as part of the orientation) and were co-facilitated by the Office for Research and the Griffith Graduate Research School. Workshops on research integrity were also conducted for new HDR Supervisors as part of their accreditation. Since 2007, professional development workshops in Schools, Departments, Research Centres, Administrative units and Groups have been co-facilitated by the relevant RIA and a member of the Research Ethics & Integrity team.
.

APPROACH TO THE AUSTRALIAN CODE (2018)

.
Griffith University aims to have fully implemented the Australian Code (2018) by the end of March 2019. Griffith’s Research Committee has recommended to the Academic Committee that the redundant detail of the Griffith University Code be replaced by the Griffith University Responsible Conduct of Research policy. This policy articulates the University’s implementation of the principles and responsibilities of the Australian Code (2018), the role of the University’s collegiate RIAs, and the existence and role of the resource material that will be produced by the Office for Research.
Our Office for Research is currently liaising with the relevant parts of the University to determine who has control of:

.

Level 1 – Documents that refer to or link to the Australian Code, where a simple change to the reference/URL is required. Example: HDR candidate supervision policy.
.
Level 2 – Documents that derive authority from the Australian Code, where it will need to be determined if the Australian Code (2018) still directly provides that authority or if any changes are required. Example: Publication ethics standards.
.
Level 3 – Documents that copy, refer to or use a component of the Australian Code (2007), where it will need to be determined if the Australian Code (2018) still provides that component or if it needs to be replaced by institutional guidance.
.

The above work is underway and progressing well.
.
In the event new institutional guidance is required, it will be included in the updated RIRS series.
.

UPDATED RESEARCH INTEGRITY RESOURCE SHEETS

.
The following resource sheets are being produced:
.

  1. Introduction to research integrity at Griffith University
  2. Moving to the 2018 version of the Australian Code
  3. Planning and conducting a project responsibly
  4. Responsible research outputs
  5. Responsible data management
  6. Collaborative research: Hints and tips
  7. The responsible supervisor
  8. The responsible candidate
  9. Conflicts of interest
  10. Tips for peer review
  11. Disputes between researchers
  12. Investigations of alleged breaches of the Australian Code for the Responsible Conduct of Research
  13. Alleged breaches: Tips for complainants
  14. Alleged breaches: Tips for respondents
  15. Research Misconduct

.
Initially any ‘new’ guidance material will use text from Part A of the Australian Code for the Responsible Conduct of Research (2007), but the intention is to refine the material based on (sub)discipline and methodological feedback from the University’s research community, drawing from useful ideas from the Committee on Publication Ethics (COPE), International Committee of Medical Journal Editors (ICMJE), US Office of Research Integrity (ORI) and the UK Research Integrity Office.
.
As new good practice guides are released the relevant RIRS will be reviewed and updated as required.
Griffith University is taking a ‘learning institution’ approach to this material, where it is refined and improved over time based on user feedback and suggestions, institutional and (inter)national experience/events and changes in needs.
.
COMMUNICATION PLAN

.
The Office for Research is currently finalising a communication plan, in addition to regular updates to Research Committee, the RIA network and the areas of the University identified for the consultation above. This will include briefings for the Group Research Committees.
.

AWARENESS AND PROFESSIONAL DEVELOPMENT PLAN
.
Early in 2019, the Office for Research and RIAs will commence professional development activities to raise awareness and understanding of the national and international changes.
.

Amanda is happy to be contacted with any questions or suggestions about this work.
..

Contributors
Amanda Fernie, Griffith University | a.fernie@griffith.edu.au & Gary Allen, Griffith University

This post may be cited as:
Fernie, A. & Allen, G. (26  November 2018) Griffith University’s implementation of the Australian Code (2018). Research Ethics Monthly. Retrieved from: https://ahrecs.com/research-integrity/griffith-universitys-implementation-of-the-australian-code-2018
.
We invite debate on issues raised by items we publish. However, we will only publish debate about the issues that the items raise and expect that all contributors model ethical and respectful practice.

 

Release of the National Statement on Ethical Conduct in Human Research 2007 (updated 2018) – With interview0

 

The revised National Statement on Ethical Conduct in Human Research 2007 (updated 2018) was released on 9 July 2018.

.
Content of the updated National Statement

The National Statement consists of a series of guidelines made in accordance with the National Health and Medical Research Council Act 1992 and is subject to rolling review. This means that parts of the National Statement are updated as needed, in accordance with strategic planning, or in response to user feedback or national or international developments in research or ethics.

Since 2007, Section 3 of the National Statement has addressed ethical considerations specific to research methods or fields. The 2018 revision provides a new structure for Section 3, based on the elements of a research project (from conception to post-completion). The revised Section 3 begins with a chapter that addresses ethical issues in all research, followed by specialised guidance for research involving human biospecimens, genomics and xenotransplantation.

This approach emphasises that researchers, Human Research Ethics Committees (HRECs) and other users of the National Statement must take account of the principles and major themes in research ethics addressed in Sections 1 and 2 of the document as the foundation of the guidance in Section 3 and then, in turn, consider the guidance provided in Chapter 3.1 as a base for the guidance provided in the other chapters included in this section.

While significant changes have been made to all aspects of the guidance provided in Section 3, we note, in particular, the additional guidance that has been provided in relation to collection, use and management of data and information and to management of the findings or results arising from genomic research.

As part of this update, changes have also been made to Chapters 5.1, 5.2 and 5.5 in Section 5, the Glossary and the Index as a consequence of the revisions to Section 3.

Revisions to the National Statement were informed by working committees and through public consultation in accordance with requirements of the National Health and Medical Research Council Act 1992.

Currency and effective date

All users of the National Statement, including HRECs, research offices and researchers are expected to ensure that the current version of the National Statement is being used in developing research proposals, making submissions for ethics review and undertaking ethics review. However, as a consequence of the scope of the revisions to Section 3, we expect that users of the National Statement will gradually integrate these revisions into their proposals, submissions and review over the period from July to December 2018, with full implementation expected by 1 January 2019.

This timeline is intended to give researchers and HRECs an opportunity to familiarise themselves with the new guidance prior to the revocation of the version of the National Statement updated, most recently, in 2015. To facilitate this transition, both the current version of the National Statement and the updated version are available on the NHMRC website at http://nhmrc.gov.au/guidelines/publications/e72.

Use of the National Statement is also linked to the Human Research Ethics Application (HREA), released in December 2016 to replace the National Ethics Application Form.

To coincide with the release of the revised National Statement, questions in the HREA will require revision and users of the HREA will be advised when the revised HREA is online.

Institutions and HRECs are encouraged to allow a transition period for researchers while the revisions to the HREA take effect. The provision of a transition period, how it will be managed and its timeframe are at the discretion of individual Institutions/HRECs.

.

Context

Australia’s research integrity framework is underpinned by three national standards developed by NHMRC and its co-authors, the Australian Research Council (ARC) and Universities Australia (UA). Together these three standards provide guidance on responsible and ethical research conduct for both humans and animals.

The overarching document is the Australian Code for the Responsible Conduct of Research, 2018. The Code is the leading reference for researchers and institutions across all disciplines about the expectations for responsible research conduct and the handling of investigations into research misconduct. After 10 years in operation, the Code has been reviewed and the 2018 edition was released in June 2018. The other two documents are the National Statement and the Australian code for the care and use of animals for scientific purposes (also endorsed by CSIRO).


INTERVIEW

AHRECS (While we know it predated the recent work on s3) What drove the decision to conduct a rolling review, rather than a review of the entire document?

NHMRC During the revision of the National Statement that was completed in 2007, it was determined that a more flexible, more efficient approach to revising the document would be a good innovation. We wanted to be able to both respond to the needs of users for more limited changes – from a word, to a paragraph, to a single chapter – without having to review the whole document and to be able to integrate or modify the content in response to changes nationally or internationally in research, research ethics or government regulation. Review of the 1999 National Statement took three years from start to finish and we thought we could improve on that timeline! We have found that this approach has, in practice, enabled us to make both minor changes and significant changes to single chapters of the document, as well as to review one of the five sections of the document, as we have just done.

AHRECS Are there downsides to that approach?

NHMRC Yes, there are. The major downside is that the document is ‘of a piece’ and changes to any one part of the document invariably require consideration of changes to the other parts, not just in terms of cross-referencing, but in terms of the content itself. This issue of ‘consequential effect’ manifests itself in the need to ensure consistency in our guidance and to consider the impact on the whole document of more philosophical or conceptual changes that have been introduced by the changes. An example in the most recent revision of Section 3 is that our approach to interventional research in Section 3 had a ‘flow on’ effect to Section 5 in terms of where certain guidance belonged, how that guidance should reflect changes in the clinical research sector since 2007 and how it should reflect other guidance documents (e.g. related to safety reporting) that NHMRC has published in the last 12 months.

AHRECS What were you hoping to accomplish with the changes to section 3 (and Section 5 + the Glossary)? Was it achieved?

NHMRC Principally, we were hoping to facilitate a re-thinking on the part of users (researchers and HRECs, primarily) regarding how they conceptualise and address ethical issues in the design, review and conduct of the research. We began with a decision to abandon the idea of ‘categories’ or ‘types’ of research as the main way to package this guidance and to focus on the reality that most ethics guidance applies to ALL research, thereby requiring ALL researchers to consider it, rather than just going to their specialised chapter of the document and, potentially, ignoring the broader issues. We then settled on the ‘life cycle’ of a research project as the best structure – that is, from conception to post-completion stages of a research project. This also enabled us to see more clearly what was not general guidance and encapsulate that extra guidance in separate, specialised chapters that each required consideration of the general guidance as a prerequisite to fully understanding and implementing the specialised guidance content.

The changes that we made to Section 5 and the Glossary were a direct consequence of the revision of Section 3 and we purposefully did not introduce changes to those parts of the document that were independent of the Section 3 revision, even though it was pretty tempting to do so sometimes.

We do think that we achieved our objectives and we are very satisfied with the results of the review process.

AHRECS If you could say just one thing about the work to date what it be?

NHMRC Review of the National Statement, while challenging, involves very stimulating and satisfying dialogue with lots of researchers, reviewers and other users of the document. We are so committed to it that we are almost immediately taking on the review of Section 4 and Section 5 – so, watch this space!

AHRECS When someone says they would have liked examples to better illustrate the new concepts in the update how do you respond?

NHMRC A weaselly response would be: it depends on which new concepts you are talking about; but, to use one example, a good look at Chapter 3.3: Genomic research and the Decision tree for the management of findings in genomic research and health care that we included (on page 52) to address this complex issue provides just such an attempt to illustrate by example. The main impediment to using examples or case studies to illustrate concepts is the difficulty of deciding which concepts to illustrate and with how many examples, as well as potentially expanding the size of the document exponentially in order to do the examples justice.

AHRECS When will a html version be available online?

At present, the 2007 version of the National Statement (updated May 2015) is available in both PDF and HTML format; whereas the version updated 2018 is only available in PDF. We are not 100% sure when the HTML version of the National Statement (updated 2018) will be available, but we anticipate within the next two to three months. Please also note that the current address (https://beta.nhmrc.gov.au/about-us/publications/national-statement-ethical-conduct-human-research-2007-updated-2018#block-views-block-file-attachments-content-block-1) is only temporary, which means that you’ll need to update your bookmarks/links again when the final version of the new NHMRC website is released in late August or early September.


 

This post may be cited as:
NHMRC (31 July 2018) Release of the National Statement on Ethical Conduct in Human Research 2007 (updated 2018). Research Ethics Monthly. Retrieved from: https://ahrecs.com/human-research-ethics/release-of-the-national-statement-on-ethical-conduct-in-human-research-2007-updated-2018-with-interview

We invite debate on issues raised by items we publish. However, we will only publish debate about the issues that the items raise and expect that all contributors model ethical and respectful practice.

0