Best Practices for Protecting Participant Data (DDN2-J08)

Description

This job aid presents step-by-step instructions on how to protect participant data collected through design research by preserving confidentiality, obtaining free and informed consent, and maintaining data security.

Published: April 23, 2024
Type: Job aid

Download as PDF (569 KB)

Best practices for protecting participant data in user research

This job aid contains step-by-step instructions for managing participant's data, preserving their confidentiality, documenting free and informed consent, and maintaining data security.

Purpose

Use this job aid for compliance with research ethics' requirements for your primary design research.

Desired outcome

developed data management plan for design research
data protection tasks and processes integrated into design research stages

When to use

Use this job aid at the research planning stage, when you conduct research and after your research is completed.

Pairs well with

Research Planning Checklist (DDN2-J10)

How to use

Refer to the design research stages to identify processes to follow at each stage.
Go through the checklist and identify existing resources as well as processes you need to develop. Checkmark the finished tasks and locations of the documents.
Regularly review and update your data protection practices ensuring that they remain effective and compliant with any relevant laws or regulations.

Learn more: https://www.nngroup.com/articles/privacy-and-security/

Design research stage

Plan

Create a data management plan.
User the checklist to verify if all needed components of the plan are developed.
Obtain free and informed consent from the participants.

Conduct + Complete

Maintain participants' anonymity all the time.
1. Do not include any identifiable information about participants in recordings and notes.
2. Use participants' codes or credentials created for the research.
3. Do not share identifiable data.
Follow plan for secure data storage and sharing.
1. Consult your organization policies and regulations on information security.
2. Use clear folder and label system to easily find the data you need.

Complete

Securely delete the data when they are no longer needed.

Checklist

Step 1: Go through the checklist and identify existing resources as well as processes you need to develop. Checkmark the finished tasks and locations of the documents.

Checklist
Processes / documents	Description	Pre-existing	Development required	Document location
1. Data Management Plan
a. Data collection process	What data you plan to collect Processes to collect the data safely and securely How you plan to use the data
b. Data storing	Where, how and for how long the data will be stored How the data will be organized
c. Data protection	How the data will be encrypted Access for what data will be restricted and to whom
d. Data sharing	Ways to securely share the data With whom the data is shared and for what purpose
e. Data removing	Which data and when is removed
2. Plan to follow in case of data breach	Consult your organisational resources
3. Consent form

Step 2: Regularly review and update your data protection practices ensuring that they remain effective and compliant with any relevant laws or regulations.

Source: Visit Maintaining the Privacy and Security of Research Participants' Data to learn more.