Data management for students: Research with human participants

When dealing with human participants you may need to consult an ethics committee who will assess the ethical aspects of your research project before you start. This will especially be the case if you are dealing with more vulnerable participants (e.g., minors). Students rarely collect special categories of personal data (e.g., religious beliefs, sexual orientation), however if this is the case, consult your ethics committee. If you are in doubt, talk to your supervisor. A list of the ethics committees at Radboud University can be found here.

Personal data needs to be protected, safely stored and must not be shared publicly. [1]

Personal data are any information relating to an identified or identifiable living person. Personal data can be divided into two types:

• Direct identifiers: Any information directly identifying a person. Examples include names, birthdates, addresses, IP addresses, photos, and audio and video recordings. 
• Indirect identifiers: Any information that can be traced back to a person in combination with other data. For example, knowing that someone is female, is not enough to identify a person. However, knowing that someone is female with the additional information that this person was the chancellor of Germany, will lead you to Angela Merkel.

Importantly, if a person’s identity is known or can be inferred, then any information you have about this person is considered personal data. Thus, if a person is identifiable, then this person’s gender is considered personal data as much as information you have about their favourite type of pizza.

Be particularly careful when collecting special categories of personal data, such as health data, political opinions, religious beliefs, someone’s sexual orientation etc. [2] These data can be used to discriminate against individuals and thus may only be collected when absolutely necessary and only when you have received approval from your local ethics committee and when you have obtained explicit consent from you participants.

[1]It is only possible to share personal data if the participants explicitly provided informed consent for this. This should only be done when absolutely necessary and should be approved by your local ethics committee.

[2] See here for more information.

If you have human participants you will most likely need to get informed consent.

• The participant is informed about what (personal) data will be collected, what is done with this data, and for what purpose. This information is usually provided in an information brochure which the participant has received and understood. It is important that this information is understood. Therefore the information brochure may be supplemented by other means such as an oral explanation or an explanatory video.   
• The participant gives explicit consent by freely opting in to participate in the research and agrees to their data being processed. The participant should be aware of their right to withdraw their consent as well as the point in time after which this is no longer possible.

More information on informed consent can be found here.

DO’S

• Delete personal data that was only collected for administrative purposes and not needed to answer your research question (e.g., email addresses used to contact participants) as soon as possible.
• De-identify data whenever possible. This may not be possible in some cases when the personal data is needed to answer the research question. See Anonymisation and pseudonymisation below.
• Safely store personal data. See the section Safe storage.

DON’TS

• Do not collect more personal data than absolutely necessary. For example, if knowing the age of your participants is enough to answer your research question, do not ask for your participants’ birthday.
• Do not share personal data with anyone unless absolutely necessary (e.g., with your supervisor) and then only when you have the participants’ Informed consent. 

For more information about privacy and security click here.