Should you give the data out?
No. Sharing identifiable data without consent will violate confidentiality and could cause misuse or harm to patients.
How do you not violate any of the General Principles of Informatics Ethics
Principle of Information Privacy and Disposition: Individuals have the right to control their own health information and cannot be shared without patient consent.
Principle of Legitimate Infringement: Data can be shared only if there is clear justification (e.g., public health emergencies) and if approved by ethics board.
Principle of the Least Intrusive Alternative: Provided data must be anonymized without exposing individuals instead of raw personal data.
Principle of Accountability: Data use agreement and ethics approval must define roles, responsibilities and consequences of misuse.
If you want to provide the data to them, what and how will you do it?
If we want to provide the data to them, we have to do the following steps.
1. Seeking approval from ethical board or relevant authority.
2. Anonymization of data by removing identifiable information such as names, address, contact details and limiting the necessary data elements only.
3. Signing a formal data use agreement for how the data will be used and findings must be shared with national health authorities.
4. Sharing data transfer via secure and encrypted channels to make sure that only the relevant parties can access those data.
