Privacy and Confidentiality

The criteria for IRB approval require that there are adequate provisions to protect the privacy of subjects and maintain the confidentiality of data. In addition, for certain research, the National Institutes of Health will issue a Certificate of Confidentiality (CoC) to provide additional privacy protections to human research participants.

Certificate of Confidentiality (CoC) Guidance – What is a CoC and how do I obtain one?

What is Privacy?

Privacy is the control over the extent, timing, and circumstances of sharing oneself (physically, behaviorally, or intellectually) with others. For example, persons may not want to be seen entering a place that might stigmatize them, such as a pregnancy counseling center clearly identified by signs on the front of the building. The evaluation of privacy also involves consideration of how the researcher accesses information from or about potential participants (e.g., recruitment process). IRB members consider strategies to protect privacy interests relating to contact with potential participants, and access to private information.

Privacy is...

  • About people
  • A sense of being in control of access that others have to ourselves
  • A right to be protected
  • Is in the eye of the participant, not the researcher or the IRB

What is Confidentiality?

Confidentiality pertains to the treatment of information that an individual has disclosed in a relationship of trust and with the expectation that it will not be divulged to others without permission in ways that are inconsistent with the understanding of the original disclosure.

During the informed consent process, if applicable, subjects must be informed of the precautions that will be taken to protect the confidentiality of the data and be informed of the parties who will or may have access (e.g., research team, FDA, OHRP). This will allow subjects to decide about the adequacy of the protections and the acceptability of the possible release of private information to the interested parties.


  • Is about identifiable data
  • Is an extension of privacy
  • Is an agreement about maintenance and who has access to identifiable data
  • In regard to HIPAA, protects patients from inappropriate disclosures of "Protected Health Information" (PHI)

Privacy is about people. Confidentiality is about data.

What Should Researchers Know?

The IRB must decide on a protocol-by-protocol basis whether there are adequate provisions to protect the privacy of subjects and to maintain the confidentiality of the identifiable data at each segment of the research from recruitment to maintenance of the data.

Issues Related to Privacy

In regard to privacy, the following issues should be considered and addressed in the protocol narrative as needed:

  • The proposed subject population?
    • What are the cultural norms of the proposed subject population? Some cultures are more private than others.
    • What are the ages of the proposed subject population? There may be age differences in privacy preferences (e.g., teenagers less forthcoming than older adults)
  • The proposed recruitment methods: How are potential participants identified and contacted?
    Acceptable methods:

    • advertisements, notices, and/or media
    • Send introduction letter to colleagues to distribute to eligible individuals – interested individuals contact researcher
    • Primary care staff contact those patients that qualify to determine interest

    Unacceptable methods:

    • search through medical records for qualified subjects or existing database (e.g., registry); then have a researcher with no previous contact with potential subject recruit; this method violates the individuals' privacy
    • recruit subjects immediately prior to sensitive or invasive procedure (e.g., in pre-op room)
    • retain sensitive information obtained at screening without the consent of those who either failed to qualify or refused to participate for possible future studies participation
  • Sensitivity of the information being collected – the greater the sensitivity, the greater the need for privacy
  • Method of data collection (focus group, individual interview, covert observation)
    • Will subjects feel comfortable providing the information in this manner?
    • If passively observing the subject; could the individual have an expectation of privacy (e.g., chat room for breast cancer patients)?
    • Will the researcher collect information about a third-party individual that is considered private (e.g., mental illness, substance abuse in family)? If yes, informed consent should be obtained from a third party?


Privacy is in the eye of the participant,
not the researcher or the IRB

Maintaining Confidentiality

Protocols should be designed to minimize the need to collect and maintain identifiable information about research subjects. If possible, data should be collected anonymously or the identifiers should be removed and destroyed as soon as possible and access to research data should be based on a “need to know” and "minimum necessary" standard.

When it is necessary to collect and maintain identifiable data, the IRB will ensure that the protocol includes the necessary safeguards to maintain confidentiality of identifiable data and data security appropriate to the degree of risk from disclosure.

In regards to when it is appropriate to require provisions to maintain confidentiality of data, the following issues should be considered:

  • Will confidentiality of identifiable data be offered?
  • Are there legal/ethical requirements (e.g., HIPAA)?
  • Will release of data cause risk of harm?

If yes to the above, measures to maintain confidentiality should be incorporated into the protocol. For more information on whether your activity may involve HIPAA, please see Protected Health Information (HIPAA). Please see Data Security for examples of different ways to help maintain confidentiality.