Response

Jyoti A. Kotecha; Donna Manca

We appreciate William Sullivan’s well-thought-out response to our article and fully support the need for more expertise and support for research ethics boards (REBs), which in turn would facilitate the process. The key message we attempted to articulate was that REBs are made up of dedicated individuals who are often participating on these boards in addition to their regular academic duties, and that they need to be better supported to be able to interpret complex institutional, local, provincial, and national privacy and ethics standards and policy. We also understand that REBs might deal with many incomplete applications that have not thought out or addressed ethical and privacy issues.

Mr Sullivan indicates that researchers will have problems with many REBs if they fail to fairly address issues before submitting applications. Our concerns were that despite carefully preparing and addressing issues before submitting our applications, we encountered considerable variation and delay in our pan-Canadian REB submissions, and that this was not because REBs were either slow or lacked expertise, but that the policies themselves were so complex that interpretation was an issue.

Owing to word limitations for publication and the need to focus our paper, we were not able to provide many details, which might have contributed to either misunderstanding or wrongful conclusions by Mr Sullivan. Therefore, we welcome this opportunity to fill in some of the gaps illustrated in Mr Sullivan’s letter.

De-identification is not enough

We agree wholeheartedly with Mr Sullivan’s statement that “REBs should not simply accept the ‘de-identified’ information as enough.” In our REB submissions we provided research or hardware agreements with the custodians, confidentiality agreements, standard operating procedures, privacy codes of conduct, and processes to mitigate the risks of collecting de-identified data including the first 3 digits of the postal code. Policy and procedures were developed to mitigate the risks of re-identification, such as masking fields that contained fewer than 5 items.

Patients’ identifying information is not available to CPCSSN

The information extracted from the electronic medical record is stripped of identifiers. The CPCSSN key, which does contain patient identifiers, is kept within the secure practice environment; that is, it is kept by the custodian of the data (the physician).

Acceptable risks

When we state, “There is always a trade-off between utility and security, therefore, and a small risk of identification,” we are describing the acceptable risks needed for surveillance. That is, explicit consent is not useful for surveillance projects; instead, we used “social contract consent” where people are informed generally about the research.¹ Social contract consent is acceptable in low-risk situations, such as when extracting de-identified health data.¹ The benefits of this type of consent outweigh the risks with surveillance studies using de-identified data. Obtaining informed consent creates research bias in observational studies.² For the purposes of this project, social contract consent was required to obtain a representative sample. The CPCSSN project provides information to all patients at participating practices through posters and information brochures, and provides contact details of the research team and REB contacts in each location who patients may contact if they have issues or wish to “opt out” and request that their information be withdrawn from the project.

Respect for privacy

In response to the concern that not obtaining informed consent does not show enough “respect” for a patient’s privacy: the Tri-Council Policy Statement requires REBs as well as those doing research with human data to be in compliance with applicable legislation as it interprets the Tri-Council Policy Statement recommendations. In that regard, CPCSSN’s demonstration of “respect” for data subjects is apparent in a number of ways, commencing with the implementation of organizational, physical, and technological safeguards for the CPCSSN data that are de-identified within the practice environment. These safeguards are described in our paper. In addition, CPCSSN is providing custodians (who hold the legal responsibility for ensuring that their handling of patients’ personal health information is in compliance with applicable privacy legislation) with substantial information and support (including contact information for CPCSSN’s Research and Privacy Ethics Officer). The process described in the article was consistent with the applicable legislation as it applies in each participating province.

Footnotes

Competing interests

None declared

References

↵
1. Singleton P,
2. Wadsworth M
. Consent for the use of personal medical data in research. BMJ 2006;333:255-8.
OpenUrl FREE Full Text
↵
1. Kho ME,
2. Duffett M,
3. Willison DJ,
4. Cook DJ,
5. Brouwers MC
. Written informed consent and selection bias in observational studies using medical records: systematic review. BMJ 2009;338:b866.
OpenUrl Abstract/FREE Full Text