##Health Research //Research Subject.//\\ * The research participant shall be made to understand that he or she can opt-out of the study or have their personal information deleted from the project's database if they so request in writing. \\ * //Acceptable recruitment methods.// Acceptable methods for recruiting research subjects may include: advertisements, notices, media (social or tri-media), websites, letter or email to colleagues or healthcare staff to distribute to potentially eligible individuals.\\ * //Unacceptable recruitment methods.// Unacceptable methods for recruiting research subjects include (but not limited to): searching through medical records or databases (e.g. patient registry) for qualified subjects and having a researcher with no prior contact with potential subject recruit; recruiting subjects immediately prior to sensitive or invasive procedure (e.g. in pre-op room); retaining sensitive information obtained at screening without the consent of those who either failed to qualify or refused to participate for possible future study participation.\\ //Research Protocol//\\ * Study protocols shall incorporate data protection measures. Protocols shall describe how the participant's privacy will be protected in the entire research process and shall include provisions on how to protect data and samples during use and subsequent storage. \\ A letter of request addressed to the Local Chief Executive or the Head of the Facility shall be made and is subject for approval. The letter of request shall contain the objective of the study, the type of data to be collected, and the method of data gathering.\\ Individuals, organizations or third-parties who may access identifiable health information shall be identified in the research protocol and in registration with review bodies.\\ //Research Projects //\\ * A research project involving 1,000 or more data subjects shall register with the National Privacy Commission or its duly deputized body (for health research, possibly the Health Privacy Board).\\ * Data breach reporting protocol shall be followed and researchers must ensure that there is privacy protection of data during the entire research process: recruitment, study proper, close-out, and even after study conduct. \\ *All personnel involved in the study will be required to sign agreements to protect the privacy, security and confidentiality of identifiable health information prior to accessing any personal information of data or research subject.\\ * A copy of the completed research study/project shall be provided to the health facility.\\ //Research Data//\\ * Data or specimen collected from research shall be de-identified or destructed as deemed appropriate. Identifiers will be removed from study-related information, whenever feasible. \\ * //Paper-based records.// Paper-based records are to be kept in a secure location and made accessible to personnel involved in the study purposes only. \\ * //Electronic records.// Computer-based files will be encrypted and made available to personnel involved in the study through the use of secure access privileges and passwords.\\ * Audio or video recording of subjects will be transcribed and then destroyed to eliminate audible or visual identification of data. Collection of visual images shall be subject to patient's consent and identifiable information shall be removed or obscured.\\ * //Data Sharing.// Aside from the ones indicated in the study protocol and the original consent document, the research subject shall give his or her permission prior to data sharing arrangements. Data sets publicly made available shall have undergone thorough technical anonymization procedures and shall have been cleared for public access by a duly-constituted ethics committee. The risk of re-identification of study participants or data subjects should be low to none.\\ ##See Also * [[Privacy Interests in Research]] - earlier discussion on the subject * [[consolidated_workshop_outputs|Health Privacy Code]]