1 / 16

Data Protection Act and Anonymisation of Research Data

This presentation explores the Finnish practices of data protection and anonymisation of research data. It discusses the Data Protection Act and its application in the archiving process, as well as the anonymisation techniques for both quantitative and qualitative data.

jburgos
Download Presentation

Data Protection Act and Anonymisation of Research Data

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Protection Act and Anonymisation of Research Data Arja Kuula, Research Officer Finnish Social Science Data Archive

  2. Presentation • Based on Finnish practices, does not cover register data • Open access applies only to the scientific community • Data Protection Act in the archiving process • Anonymisation of both quantitative and qualitative data • Do we always need to anonymise research data? NO

  3. Data Protection Act and Archiving • Checking whether the prerequisites for processing personal data are fulfilled • Primary prerequisite is that the data subject has unambiguously consented to the processing • Usually researchers give information about purpose and content of the research • Data: “confidentiality will be safeguarded and personal identifiers will not be published”. Nothing about the preservation or future uses of data.

  4. Nothing mentioned of archiving • FSD has two options: 1) the researcher gives us a mandate to ask each participant separately whether he/she agrees to archiving, or • 2) we have to apply Section 14 of the Data Protection Act

  5. Section 14 of Data Protection Act Personal data may be processed for historical or scientific research also without consent if • the research cannot be carried out without data identifying the person • if the consent of data subjects cannot be obtained because of the age or quantity of the data • use of personal data files are based on an appropriate research plan • a person or a group of persons are nominated as responsible for the research project • the data pertaining to a given individual are not disclosed to any outsiders • after the research project has ended, personal data files will be destroyed or transferred to an archive, or the data are altered so that data subjects can no longer be identified

  6. Anonymising of quantitative data • Starting point: reviewing the dataset as a whole • Information given to participants • Background variables • Variables based on open-ended responses • Subject matter of the data

  7. Anonymisation of quantitative data • Removal – eliminating the variable from dataset entirely • Bracketing – combining the categories of a variable • Removing identifiers from open-ended questions • Top-coding – grouping the upper range of a variable to eliminate outliers • Using samples instead of total original study • Swapping • Disturbing

  8. Anonymisation of qualitative data • Starting point: reviewing the material as a whole • Information given to participants • How detailed the background information of participants is • Subject matter of the data

  9. Anonymisation of qualitative data • Removing direct identifiers • Altering names and other proper names • Removing or editing sensitive information • Editing background information into categories

  10. Detailed background information can be edited into categories • Arja Kuula: 42-year-old research officer working in a separate unit of the University of Tampere, married, with children aged 7 and 12, and living in Tampere: • Gender: Female • Age: 41-45 • Occupation: Professional in the field of research • Place of occupation: University (or public sector employer) • Household composition: Husband and two school-age children • Place of residence: Town in the province of Western Finland

  11. Is anonymisation always necessary? • NO. There is an essential difference between a research publication and research data when it comes to what kind of consequences possible identification might have • It should be possible for a researcher to study research subjects more profoundly and in more detail, even when he cannot publish the results in such a detail for confidentiality reasons

  12. Confidentiality • Does NOT mean secrecy and heavy anonymisation processes • BUT consist of agreements between the researcher and the participants on the future use and preservation of the data • DOES mean that identifiable personal information gathered for research purposes cannot be delivered or presented as such to the media or, for example, to administrative officials making decisions affecting research participants

  13. Basic philosophy behind the Data Protection Act • To protect individuals and social groups from harmful use of their personal information • 1) from the power of markets so that their integrity would not be hurt by very focused and intrusive advertising and 2) from the power of public officials

  14. EU directive on the protection of personal data and the ensuing Finnish Personal Data Act • Allow archiving of data containing personal information • Level of anonymisation depends on what kind of information on the use and processing of data has been given to participants

  15. Ideal • Planning what kind of information to give to research participants takes into account both • Data protection legislation • Possibility to share the data once the original project has ended

  16. Research participants draw the boundaries of their privacy in two stages • When they decide whether they want to participate or not • During data collection, when they decide what they want to reveal about themselves and their thoughts to research: they decide what to answer and what not

More Related