Personal data and privacy

An important value that researchers should protect is the privacy of participants in research projects. This is because research may reveal personal information about participants, such as their age, sexual orientation, income, psychosocial or health situation.

Personal information (or data) concerns any information, private of professional, which relates to an identified or identifiable natural person. Examples are name, address, identification number, e-mail, CV, bank account number, phone number and medical records. Individuals are not considered ‘identifiable’ if identifying them requires excessive effort. Completely anonymized data does not fall under the data privacy rules.

In informed consent procedures, researchers inform participants about the potential consequences for their privacy of participation in the research. Moreover, researchers may need to protect the privacy of participants, both in the publication of research results and in the management of data. More information on personal data and privacy can be found here.

When submitting a research proposal for review by the EACLM, researchers are asked to provide a data management plan in which they address issues on the collecting, sharing and archiving of personal data. In the data management plan, researchers should pay specific attention to:

• safety procedures which avoid unforeseen usage or disclosure (for instance, when storing and sharing data or when using web tools to collect data);
• safety procedures in case of sharing data with, or transferring data to, or from, other countries (particularly non-EU countries), for instance in the case of research in international consortia;
• informing participants about measures for data protection and anonymization or pseudonymization, as well as decisions on making data available for re-use (ideally, in the information brochure that is part of the informed consent procedure).