In 2000, the Canadian government passed the Personal Information Protection and Electronic Documents Act, which was designed in part to address important privacy and confidentiality issues in medical research. Since then, all provinces have either adopted this legislation or passed privacy acts of their own. When this legislation was initially passed, it was viewed with considerable concern by observational researchers who work with secondary personal health information such as data from disease registries, medical charts or administrative databases. They were concerned that an overly conservative interpretation of this legislation would limit the scope and quality of their research to the point that it would not be effective, accurate or worth the investment of scarce research dollars and that consequently society would suffer from the loss of an important source of medical progress. Now, almost 8 years later there is emerging evidence that this concern was warranted even though the ultimate impact of this and other privacy legislation in Canada remains to be determined.1
It is important to protect privacy, and privacy legislation in Canada and other developed countries has been very successful at raising awareness and enforcing respect for privacy among medical researchers. Many governments have passed laws designed to protect people's privacy within the past decade based on similar privacy principles (Table 1), and these laws appear to have been effective. Although it has not been studied formally, there have been very few violations of privacy in medical research brought to the public's attention.2 This is in contrast to privacy violations in other areas such as business and government.3 In addition, those violations revealed in medical research were clearly because of noncompliance with current privacy legislation.2
Unfortunately, privacy legislation appears to have had a detrimental effect on some types of observational research, such as research for which a waiver of informed consent has been pursued. This is research in which, for various reasons, obtaining consent from study participants is not practical (Box 1).4 Therefore, to maintain the balance of harms and benefits crucial to all research, a waiver is permitted. Of course, in these cases, any risk of harm to participants must be minimal and other means of preserving privacy must be used. Although accepted by many as necessary, the use of such waivers is controversial to privacy advocates because it denies study participants the choice to accept or refuse the risks that may result from a privacy breach, however unlikely, and yet the participants are still exposed to those risks.5 A privacy breach (the intentional or nonintentional accessing of participants' personal information by an unauthorized person) could lead to problems such as psychological stress, embarrassment and insurance discrimination. Therefore, to ensure that waivers are not used indiscriminately, most privacy legislation specifically addresses in what situations they can be used. Unfortunately, conservative interpretation of this legislation has been cited as a primary reason why many research ethics boards and data custodians have refused to grant waivers. This has inhibited researchers' access to medical records or databases. In an increasing number of examples, such refusal has resulted in decreased participation, selection bias (Table 2), incomplete research and dismantled disease registries.1,6–12 Fortunately, there are not many published examples from Canada; however, we are still in the relative early days following privacy legislation. Until this legislation is tested and precedents are set, the potential for further detrimental effects on observational research remains.
The current situation may be improved in a couple of ways. The first is by recognizing that there is a potential problem and instituting standards or guidelines to clarify privacy legislation.13 These could be developed by representatives of research ethics boards, researchers, research organizations, ethicists, privacy advocates and members of the public. In addition, education of research ethics boards and data custodians would help them to understand and apply legislative rules. A second approach would be to educate research ethics boards, data custodians and the public about methods that preserve privacy other than traditional “opt-in” informed consent so that they might be considered acceptable alternatives. Some organizations, like the Institute of Clinical Evaluative Sciences in Toronto, Ontario, have been using such methods to safeguard data for many years (Box 2).14 Researchers should also be taught these methods so that data security breaches do not occur.2 Security breaches are not only awful for the participants involved but also damage public trust in the research community and will invariably lead to tighter restrictions on data access. In addition, new ways of informing and gaining support from the public for observational research should be developed and evaluated. For example, some groups have adopted an informed “opt-out” policy in lieu of informed “opt-in” consent. This is where educational brochures, easily available in public spaces (e.g., hospital waiting rooms or nursing stations), describe observational research projects, and a contact name and telephone number are published so that patients can call for further information or to request exclusion; otherwise, their data are included by default.15
In summary, almost 8 years after its introduction, there is some evidence that conservative interpretation of privacy legislation has had detrimental effects on observational research in Canada. Luckily the published effects have been relatively small; however, problems in other countries suggest that the situation could become a lot worse. Observational research has led to numerous important advances in the field of medicine, and its methodology is considered the best approach to address many types of research questions. Preserving privacy is a very important societal objective but it can be done without sacrificing such research. We suggest that standards or guidelines that clarify privacy legislation and alternate methods of preserving privacy and confidentiality may improve the current situation and preserve this important source of medical progress.
Key points of the article
• Privacy legislation has been passed in many countries to protect the privacy and confidentiality of patient information in medical research.
• Conservative interpretation of such legislation may serve as a barrier to many types of observational research such as studies where it is not practical to get written informed consent from all people included.
• Privacy guidelines and education for researchers, research ethics boards and data custodians and exploration of alternative strategies to the traditional “opt-in” written informed consent model may help to preserve this important source of medical progress.
Acknowledgments
Dr. Gershon is supported by fellowships from the Canadian Institutes of Health Research, Institute of Population and Public Health and the Public Health Agency of Canada Research. Dr. Tu is supported by a Canada Research Chair in Health Services Research and a Career Investigator Award from the Heart and Stroke Foundation of Ontario.
Footnotes
This article has been peer reviewed.
Contributors: Both of the authors contributed to the conception and design of the article. Andrea Gershon drafted the manuscript and revised it critically with Jack Tu. Both of the authors approved the final version submitted for publication.
Competing interests: None declared.
Correspondence to: Dr. Andrea Gershon, G1 06, 2075 Bayview Ave., Toronto ON M4N 3M5; fax 416 480-6048; andrea.gershon@utoronto.ca
REFERENCES
- 1.Tu JV, Willison DJ, Silver FL, et al. Impracticability of informed consent in the Registry of the Canadian Stroke Network. N Engl J Med 2004;350:1414-21. [DOI] [PubMed]
- 2.Order HO-004. Information and Privacy Commissioner/Ontario. Toronto: The Commissioner; 2007. Available: www.ipc.on.ca/index.asp?navid=53&fid1=7616 (accessed 2008 Jan 22).
- 3.Office of the Privacy Comissioner of Canada. Commissioner's findings: CIBC's privacy practices failed in cases of misdirected faxes. Ottawa: The Office; 2005. Available: www.privcom.gc.ca/incidents/2005/050418_01_e.asp (accesed 2008 Jan 22).
- 4.Canadian Institutes of Health Research. Background legal research and analysis in support of CIHR's recommendations with respect to the Personal Information Protection and Electronic Documents Act (PIPEDA). The Insititutes: Ottawa; 2001. p. 38-9.
- 5.Manning D. Commentary: Don't waive consent lightly — involve the public. BMJ 2002;324:1213.
- 6.McKinney PA, Jones S, Parslow R, et al. A feasibility study of signed consent for the collection of patient identifiable information for a national paediatric clinical audit database. BMJ 2005;330:877-9. [DOI] [PMC free article] [PubMed]
- 7.Angus VC, Entwistle VA, Emslie MJ, et al. The requirement for prior consent to participate on survey response rates: a population-based survey in Grampian. BMC Health Serv Res 2003;3:21. [DOI] [PMC free article] [PubMed]
- 8.Woolf SH, Rothemich SF, Johnson RE, et al. Selection bias from requiring patients to give consent to examine data for health services research. Arch Fam Med 2000;9:1111-8. [DOI] [PubMed]
- 9.McCarthy DB, Shatin D, Drinkard CR, et al. Medical records and privacy: empirical effects of legislation. Health Serv Res 1999;34:417-25. [PMC free article] [PubMed]
- 10.Yawn BP, Yawn RA, Geier GR, et al. The impact of requiring patient authorization for use of data in medical records research. J Fam Pract 1998;47:361-5. [PubMed]
- 11.Verity C, Nicoll A. Consent, confidentiality, and the threat to public health surveillance. BMJ 2002;324:1210-3. [DOI] [PMC free article] [PubMed]
- 12.Peto J, Fletcher O, Gilham C. Data protection, informed consent, and research. BMJ 2004;328:1029-30. [DOI] [PMC free article] [PubMed]
- 13.Canadian Institutes of Health Research. Best practices for protecting privacy in health research (September 2005). The Institutes: Ottawa; 2005. Available: www.cihr-irsc.gc.ca/e/29072.html (accesed 2008 Jan 22).
- 14.Institute for Clinical Evaluative Sciences. Privacy code: protecting personal health information at ICES. Toronto: The Institute; 2005. Available: www.ices.on.ca/file/ACF20B.pdf (accesed 2008 Jan 22).
- 15.Clark AM, Jamieson R, Findlay IN. Registries and informed consent. N Engl J Med 2004;351:612-4. [DOI] [PubMed]