- This topic has 15 replies, 15 voices, and was last updated 2 years, 6 months ago by Weerada Trongtranonth.
-
AuthorPosts
-
-
2021-10-01 at 12:08 pm #31783SaranathKeymaster
-
2021-10-10 at 7:44 am #32037Sri Budi FajariyanParticipant
Based on Indonesian regulations, health-related data is sensitive personal data. Based on the health law, every person has the right to keep his health condition confidential, but this does not apply in the case of statutory orders, court orders, relevant permits, the interests of the community, and the interests of the person.
The utilization of data for research is beneficial for the wider community. as a data manager, I will discuss with my supervisor first and I will explain the rules to my supervisor after the supervisor agrees to provide the data I will ask the researcher to make an official data request letter and make an NDA (Non-Disclosure Agreement) which states that the researcher will maintain the confidentiality of the data and if the data will publish the results of his research then with the permission and knowledge of the malaria program. after that, we will provide data by hiding the identity of the name and residence code
Regarding researchers from abroad, we will first ask for permission to research in Indonesia. Based on Indonesian regulations, foreign researchers who will research in Indonesia must involve researchers from Indonesia and the relevant ministry permission. and the malaria program will consult the bureau of foreign cooperation affairs in MoH
-
2021-10-13 at 10:02 pm #32099Napisa Freya SawamiphakParticipant
Thank you for sharing the Indonesian regulation. It is very new and interesting for me. I also agree that we need to align with the local regulation as well.
-
-
2021-10-10 at 10:31 am #32039Auswin RojanasumapongParticipant
– I would not immediately give the data out to the research team outside the organization.
– First, I would check for the condition of the data collected from the individual if there was consent to let us use it for other purposes or to let us disclose the data for research purposes.
– If it has not been consent for research purposes, I would contact the individual for permission and documented consent to use the information for a specific purpose (that the team from the western country intended to do)
– If I want to provide the data to the team, I would de-identify the data to avoid breaching the confidentiality of an identifiable individual. In this case, some of the data might not be given, such as contact number, home address, etc.
-
2021-10-10 at 10:32 pm #32049TARO KITAParticipant
In principle, it is a breach of the principle of Information Privacy and Disposition to provide all data to the foreign research team without the patient’s consent.
However, in case of prospective study, unless otherwise stipulated in local laws or regulations, you could request the research team to abide by and sign a relevant local code of ethics including privacy clause, and also gain the informed consent from all patients following the same procedure as for the national database.
If you want to provide the previous data to them, since it is unrealistic to gain consensus from all patients, you should negotiate with the team, and provide only de-identified information, rather than providing the entire data requested, although you have to take part in the process where individual identifiers are involved.
-
2021-10-11 at 1:38 pm #32058Arwin Jerome Manalo OndaParticipant
As any patient-level data is strictly confidential, this type of study must be reviewed by the respective Ethics Review Board of the institution to determine the ethical considerations in conducting such study. By default, however, this requirement of the depth of patient information would considerably result to rejection, specifically if such details will have no use in the research. However, a formal proposal by the lead investigator would help in the review process. This may include the following:
– Purpose of the study
– Objectives of the study
– Scope of the study
– Data management strategies (handling, storage, analysis, transfer etc)
– Background of the researchersIn this way, the level of information to be collected may be expressively justified.
-
2021-10-12 at 9:40 am #32066chanapongParticipant
The collected data should not be given out to the research team due to the information privacy principle. Reviewing the informed consent of the collected data, which have permission only to this study or further study, is important. If the informed consent provides further use of the data, giving the data to another research team is acceptable. In contrast, the other research teams have to gain permission for their study purpose if the former inform consent does not provide further data usage.
If you want to provide data to them, you have to provide only unidentifiable data to protect the data privacy of individuals recruited in the project and have an official agreement on the purpose to use the collected data.
-
2021-10-13 at 3:01 pm #32080Navin PrasaiParticipant
We have to follow Ethical principles and regulations before assessing the data. In this case, the home address, geolocation, phone number, disease status are the sensitive information. Before collecting these data, individuals should be taken consent and properly informed about the purpose and use of the data. The data redaction technique is very important if in case the sensitive data have to be used for the prevention of disease. However, ethical principles and regulations have to be always considered to avoid privacy and security breaches.
-
2021-10-13 at 8:05 pm #32090Theekhathat HuapaiParticipant
This research group wants to access data we call Protected Health Information (PHI). This data can identify an individual patient.
According to HIPAA on research. A researcher group needs to contact Documented Institutional Review Board (IRB) or Privacy Board Approval or ethical committee to rewrite a privacy guideline for this research. The researcher will make a non-disclosure form before collecting data. The use of PHI needs to be minimal and must not identify patients easily. A board must be approved before access PHI. A researcher must change PHI data before sharing it with other researcher groups or declaring study results to the public.
If I am a health informatician in this research. This data must have less sensitive information about an individual patient with approval from the supervisor and research board.
-
2021-10-13 at 9:17 pm #32093Napisa Freya SawamiphakParticipant
In my opinion, I will not provide the data to them immediately but I will request a discussion with the research team to identify the required data in the research protocol and clarify the need to use individual-level data or some personal information. We should avoid using sensitive data or identifiable data which can link to the patient as much as possible. In case, the research protocol really requires individual-level and sensitive data, I would reach to the patients individually and request consent from them. Also, all other unnecessary data will be redacted/removed and not shared with anyone to maximize privacy and confidentiality, for example, provide only city location instead of full home addresses.
-
2021-10-13 at 11:09 pm #32102Tossapol PrapassaroParticipant
I would not provide the data to those research team because they actually require the individual data, which will violate personal privacy according to privacy rights. If the research team is willing to do the research, they must clarify the research proposal for the institutional review board committee (IRB). If I have to provide the data to the research team, I will give only the anonymous and relevant data need
-
2021-10-13 at 11:31 pm #32103Ashaya.iParticipant
At first, I should not give the data out immediately. I should consider about the propose of the study and benefits of them, according to principle of openness, the data must be disclosed in an appropriate and timely fashion to the subject of those data. To do not violate the General Principles of Informatics Ethics, I should keep all the data secure as much as possible. I should inform the individual about the data request including the objective of those data request and make an informed consent. People have the right to control the use and access of their data. Discussion about the disclose of data should be performed.
-
2021-10-13 at 11:56 pm #32105Anawat ratchatornParticipant
I would not the data to above research team. The collected data contain many personal data that can be an identifier and can lead to data breach. However, I will discuss with the research team to adjust or change the way the collected data. For instance, research team should consider about necessity of data to be more specific that can reduce in violation of data privacy, and research team should considered about consent patients to collect their data for specific purpose and will not collect sensitive data.
Other than Ethics, according to Thailand PDPA law, I was a data controller for this situation and research team is data processor. Both of us should utilize data follow the rules.
-
2021-10-15 at 11:33 pm #32197Karina Dian LestariParticipant
Before sharing the data, we first must check if the documents needed for permission and data requests are complete. Then I would discuss with relevant stakeholders about the request and asking for the agreement. If the request is granted, then the data will be de-identified the individual, by not including the names, full addresses, and contact numbers, to protect the privacy.
-
2021-10-19 at 12:01 am #32263Pimthong SinchaiParticipant
I agree with other. I should not give any data out even for research without the permission. They should provide the petition that follow the healthcare/ hospital regulation for research purpose. To avoid breaching of the data, they should have a law and regulation about the privacy of the data too.
-
2021-10-21 at 8:28 pm #32299Weerada TrongtranonthParticipant
Totally agreed, we need to request for permission from owner’s information which is patient. In case of they really need data, Data must be anonymization and do not lead to patient identification to prevent data breach.
-
-
AuthorPosts
You must be logged in to reply to this topic. Login here