Online Course

NRSG 795: BIOSTATISTICS FOR EVIDENCE-BASED PRACTICE

Module 10: Other Common Uses of Statistics and the Need for Good Data

Ethical Issues in Statistical Practice

Breaches in research ethics typically occur in one of three main areas: protocol development, study implementation, and data analysis and reporting. The following is a list of things you can do to minimize risks:

Protocol development

  • Ensure that the data you plan to collect will very specifically address your research question.
  • Use valid tools and instruments to collect data.
  • Make sure your sample size and statistical analysis are justified and reasonable.
  • Choose a study team with appropriate expertise and experience or seek a mentor.
  • Eliminate or manage any conflicts of interest.
  • Carefully consider the inclusion and exclusion criteria for enrolling subjects.
  • Participant’s selection should be based on research requirements and not convenience or compromised position of certain types of people.
  • Conduct a risk-benefit analysis, examining physical, psychological, social, legal and economic risks.
  • Confirm that there is either a direct benefit to participants or a societal benefit of the research.

Study implementation

  • Collect study data in a private setting and manner.
  • Secure all data in accordance with HIPAA.
  • Restrict study records and data to authorized personnel.
  • Anonymity of participants and confidentiality of information must be maintained.
  • All confidential data should be stored in a locked cabinet, with authorized access.
  • Obtain identifying information (e.g., name, address, date of birth, medical record number, social security number) only when essential and if you do destroy identifying information as quickly as practical
  • Follow the protocols approved by the IRB: Do not deviate or change them without IRB approval.
  • Do not use any information collected for purposes other than research purposes

Data analysis and reporting

  • Usually, it is wise for the confidentiality and anonymity of research participants to be preserved by coding data or assigning individual participants with pseudonyms.
  • Do not fabricate or falsify data or results
  • Do not practice plagiarism.
  • Do not conduct endless analyses until one statistically significant result is found (fishing).
  • Do not trim or remove subjects indiscriminately.
  • Insure the identity of research participants is not recognizable in reports detailing study findings or in any presentation of findings.

HIPAA Protection

HIPAA rules regulate paper and electronic data equally. The HIPAA security Rule requires covered entities to protect against reasonably anticipated threats to the security of protect health information (PHI).

  • Technologies such as encryption software and firewalls are needed on computers and laptops.
  • Physical safeguards include keeping physical records and electronic devices containing PHI under lock and key.
  • Administrative safeguards included access control to limit who can view the information and security awareness training.

Protected Health Information, PHI (under HIPAA)

Protected health information is also referred to as personal health information- generally refers to demographic information, medical histories, test and laboratory results, mental health conditions, insurance information, and other data that a healthcare professional collects to identify an individual and determine appropriate care. If these identifiers are removed the information is considered de-identified protected health information, which is not subject to the restrictions of the HIPAA Privacy Rule.

  1. Names (Full or last name and initial)
  2. All geographical identifiers smaller than a state, except for the initial three digits of a zip code if, according to the current publicly available data from the U.S. Bureau of the Census: the geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and the initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000
  3. Dates (other than year) directly related to an individual
  4. Phone Numbers
  5. Fax numbers
  6. Email addresses
  7. Social Security numbers
  8. Medical record numbers
  9. Health insurance beneficiary numbers
  10. Account numbers
  11. Certificate/license numbers
  12. Vehicle identifiers (including serial numbers and license plate numbers)
  13. Device identifiers and serial numbers;
  14. Web Uniform Resource Locators (URLs)
  15. Internet Protocol (IP) address numbers
  16. Biometric identifiers, including finger, retinal and voice prints
  17. Full face photographic images and any comparable images
  18. Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data

Learning Activity:

  • Complete the Module 10 Self-test.


Copyright © 2011; School of Nursing, University of Maryland, Baltimore

This website is maintained by the University of Maryland School of Nursing (UMSON) Office of Learning Technologies. The UMSON logo and all other contents of this website are the sole property of UMSON and may not be used for any purpose without prior written consent. Links to other websites do not constitute or imply an endorsement of those sites, their content, or their products and services. Please send comments, corrections, and link improvements to nrsonline@umaryland.edu.