Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy & Confidentiality in Internet Research Jeffrey M. Cohen, Ph.D. Associate Dean, Responsible Conduct of Research Weill Medical College of Cornell.

Published byConrad Willis Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy & Confidentiality in Internet Research Jeffrey M. Cohen, Ph.D. Associate Dean, Responsible Conduct of Research Weill Medical College of Cornell."— Presentation transcript:

1 Privacy & Confidentiality in Internet Research Jeffrey M. Cohen, Ph.D. Associate Dean, Responsible Conduct of Research Weill Medical College of Cornell University

2 IRB Issues Research on the Internet presents new concerns to the traditional IRB issues of privacy & confidentiality Research on the Internet presents new concerns to the traditional IRB issues of privacy & confidentiality Privacy concerns relate to whether Internet activity Privacy concerns relate to whether Internet activity –Is identifiable –Constitutes public or private behavior Confidentiality concerns relate to inappropriate disclosure of information obtained over the Internet Confidentiality concerns relate to inappropriate disclosure of information obtained over the Internet

3 Privacy Identifiable vs. Anonymous Identifiable vs. Anonymous –Online participants usually use pseudonyms (screen names, handles, etc.) –Although not publicly linked to actual names, identities can often be “readily ascertained” (e.g., using search engine) –People’s online identity may be as important to them as their actual identity

4 Privacy Public vs. Private Behavior Public vs. Private Behavior –Most online activity is open to the public –Federal regulations base the definition of “private information” on the subjects’ “reasonable expectation” of privacy –In many situations (e.g., chat rooms), participants expect privacy and don’t expect their activity to be studied –Determination of privacy more complicated than it seems

5 Confidentiality Two potential sources of breach of confidentiality Two potential sources of breach of confidentiality –inadvertent disclosure  Investigator who sent out research database to entire Listserv  Investigator who’s computer was stolen –deliberate attempts to gain access  No recorded incidents of hacking research data Technology can provide reasonable security but cannot guarantee absolute security Technology can provide reasonable security but cannot guarantee absolute security

6 Confidentiality Data transmitted via e-mail cannot be anonymous without the use of additional steps. Almost all forms of e-mail contain the sender's e-mail address. Data transmitted via e-mail cannot be anonymous without the use of additional steps. Almost all forms of e-mail contain the sender's e-mail address. –use an "anonymizer" - a third party site that strips off the sender's e-mail address Web servers automatically store a great deal of personal information about visitors to a web site and that information can be accessed by others. Web servers automatically store a great deal of personal information about visitors to a web site and that information can be accessed by others.

7 Confidentiality Web sites can leave “Cookies”, a small file left on the user’s hard drive that is sent back to the web site each time the browser requests a page from that site. Cookies can record which computer the user is coming from, what software and hardware is being used, details of the links clicked on, and possibly even email addresses, if provided by the user. Web sites can leave “Cookies”, a small file left on the user’s hard drive that is sent back to the web site each time the browser requests a page from that site. Cookies can record which computer the user is coming from, what software and hardware is being used, details of the links clicked on, and possibly even email addresses, if provided by the user.

8 Confidentiality Degree of concern over confidentiality depends on sensitivity of the information Degree of concern over confidentiality depends on sensitivity of the information Since it is impossible to guarantee absolute data security over the Internet, some extremely sensitive research may not be appropriate for the Internet Since it is impossible to guarantee absolute data security over the Internet, some extremely sensitive research may not be appropriate for the Internet

9 IRB Requirements Investigators are going to have to provide technical information on how they will deal these issues. Investigators are going to have to provide technical information on how they will deal these issues. IRBs need to have sufficient expertise on the technical aspects of the Internet in order to ask the right questions and evaluate the information provided. IRBs need to have sufficient expertise on the technical aspects of the Internet in order to ask the right questions and evaluate the information provided. IRBs that review Internet research without sufficient expertise are not in compliance with the regulations! IRBs that review Internet research without sufficient expertise are not in compliance with the regulations!

10 Resources American Psychological Association – Report of the Advisory Group on the Conduct of Research on the Internet http://www.apa.org/journals/amp/ featured_article/february_2004/amp592105.pdf American Psychological Association – Report of the Advisory Group on the Conduct of Research on the Internet http://www.apa.org/journals/amp/ featured_article/february_2004/amp592105.pdf AAAS Report on Internet Research http://www.aaas.org/spp/dspp/sfrl/projects/ intres/main.htm AAAS Report on Internet Research http://www.aaas.org/spp/dspp/sfrl/projects/ intres/main.htm

11 Contact Info Jeffrey M. Cohen Associate Dean, Research Compliance Weill Medical College of Cornell University 425 E. 61st. St. DV-301 New York, NY 10021 Phone: (212) 821-0612 Fax: (212) 821-0580 jmc2011@med.cornell.edu

Download ppt "Privacy & Confidentiality in Internet Research Jeffrey M. Cohen, Ph.D. Associate Dean, Responsible Conduct of Research Weill Medical College of Cornell."

Similar presentations

Protect Our Students Protect Ourselves

Protect Our Students Protect Ourselves
Is it Research?. Is It Research? 2 Elements –The project involves a systematic investigation –The design (meaning goal, purpose, or intent) of the investigation.

Is it Research?. Is It Research? 2 Elements –The project involves a systematic investigation –The design (meaning goal, purpose, or intent) of the investigation.
200 300 400 500 100 200 300 400 500 100 200 300 400 500 100 200 300 400 500 100 200 300 400 500 100 BlueRedGreenPurpleOrange.

BlueRedGreenPurpleOrange.
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
Protecting the Privacy of Family Members in Survey and Pedigree Research Jeffrey R. Botkin, MD, MPH University of Utah.

Protecting the Privacy of Family Members in Survey and Pedigree Research Jeffrey R. Botkin, MD, MPH University of Utah.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
Human Specimen Repositories: Requirements of 45 CFR part 46 PRIM&R May 5, 2004 Julie Kaneshiro DHHS Office for Human Research Protections Phone:301-402-7565.

Human Specimen Repositories: Requirements of 45 CFR part 46 PRIM&R May 5, 2004 Julie Kaneshiro DHHS Office for Human Research Protections Phone:
1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.

1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.
DHS SECURITY INCIDENT REPORTING AND RESPONSE SECURITY INCIDENT REPORTING AND RESPONSE DHS managers, employees, and other authorized information users.

DHS SECURITY INCIDENT REPORTING AND RESPONSE SECURITY INCIDENT REPORTING AND RESPONSE DHS managers, employees, and other authorized information users.
Click your mouse anywhere on the screen to advance the text in each slide. After the starburst appears, click a blue triangle to move to the next slide.

Click your mouse anywhere on the screen to advance the text in each slide. After the starburst appears, click a blue triangle to move to the next slide.
Technological Implications for Privacy David Kotz Department of Computer Science Dartmouth College

Technological Implications for Privacy David Kotz Department of Computer Science Dartmouth College
Cooperative Research IRB Brownbag, 3/4/08. ISU Policy Cooperative research projects are those projects which involve more than one institution. The official.

Cooperative Research IRB Brownbag, 3/4/08. ISU Policy Cooperative research projects are those projects which involve more than one institution. The official.
CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.

CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Internet Security PA Turnpike Commission. Internet Security Practices, rule #1: Be distrustful when using the Internet!

Internet Security PA Turnpike Commission. Internet Security Practices, rule #1: Be distrustful when using the Internet!
Human Investigation Committee 2013.  Is it research?  If yes, does it involve human subjects?  If yes, can it be exempt?  If no, will a Request for.

Human Investigation Committee  Is it research?  If yes, does it involve human subjects?  If yes, can it be exempt?  If no, will a Request for.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Privacy vs. Confidentiality Presentation for IRB Members.

Privacy vs. Confidentiality Presentation for IRB Members.

Similar presentations

Ads by Google