Get in touch

Thank you! Your submission has been received!
Something went wrong while submitting the form.

Surveys, Consent, and Personal Data: Who’s Responsible?

Define your local middle market, plan for expansion, and so much more

Previously, we’ve written about the pros and cons of anonymous surveys. We are finding a definite trend towards organizations wanting to perform non-confidential surveys. This desire is being driven by a want for real-time feedback and the ability to act on the data received. There are certainly major benefits to being able to respond in this way, as well as some associated challenges. For instance, a major survey provider recently suffered a data breach that could put their research partners at risk by exposing the personal information that was gathered from respondents. Non-confidential surveys come with an added responsibility – that of respondent informed consent.

In the academic research world, it is best practice to give potential research participants certain information about the research study and how the data collected will be used. It is expected that people will only participate in a study once they understand more about the research and, usually, research participants are asked to indicate their “informed consent” to participate either verbally or in writing.

In the public space, verbal or written informed consent from a study respondent is rarely used. Just imagine if you had to sign an informed consent form every time you took a customer satisfaction survey from your local fast-food restaurant or grocery store chain! Those types of surveys often include a minimal informed consent statement, because the information collected and the data used is generally meaningless outside of the consumer experience. That sentiment changes when the experience being assessed relates to a person’s health and well-being, especially if the survey being conducted does not protect the respondent’s anonymity and is non-confidential.

When conducting a non-confidential satisfaction and engagement survey in a health care setting, such as a senior living community, three parties ultimately assume the responsibility (and commensurate risk) of protecting the information and data collected.

  1. The aging services provider conducting the survey assumes the first level of responsibility. After all, they are the entity seeking feedback. The management team must have a full and complete understanding of the survey being administered, what the outcome of the study will be, and how the data collected will be used in the future. In an anonymous survey, the findings are usually aggregated, protecting personal identity while giving actionable data across the organization.For example, one finding might be, “Residents believe our menus are too limited, so we need to expand menu options.” This is good, actionable feedback, and the provider doesn’t necessarily need to know who provided it to take action. This is helpful, actionable information that drives improvement while taking on little risk.
  2. On the other hand, a non-confidential survey might result in a statement like, “Due to my Celiac Disease, I can’t eat many of the dining options. We need more variety. Thanks for asking our thoughts! ~ Mrs. Jones.” Now, the organization has identifiable health information contained within the survey, which may be covered by HIPAA regulations. The way in which this data is shared and stored must be carefully managed, all under the watchful eye of the conditions laid out in the informed consent statement provided to the respondent at the beginning of the study.
  3. The survey company assumes the next level of responsibility. These organizations should consult with their clients to construct an informed consent policy that meets the needs of the research partner, as well as protect the rights of the survey respondent. The result of that conversation should be an ethically sound and well-constructed consent statement. Then, the surveyors must ensure that the rules of the informed consent statement are followed, including the requirements of data integrity and protection following the survey (such as HIPAA). In the case of anonymous surveys, this may include aggregation thresholds, such as not showing a report for a subsection of the population that could be identified due to a small sample size.
  4. The final responsibility lies with the survey respondent. If they don’t feel that their feedback and information will be used in an appropriate manner, they shouldn’t respond to the survey. This is generally the reason that providers will choose an anonymous survey over a non-confidential survey, as it grants more protection for the respondent and allows the organization administering the survey to assume less risk.

Ultimately, all of the parties involved in a survey must understand and agree on the informed consent statement. If it is written properly, every party will be protected and solid, actionable data will be collected. If, however, ethical standards aren’t applied and informed consent standards aren’t followed, there could be negative consequences (lack of anonymity, data breaches, etc.)

If you’re in the market for surveys, make sure to ask your survey provider about how they handle informed consent and their recommendations surrounding survey confidentiality. A good research partner will assist you in building an informed consent statement that not only protects you and your respondents, but also gathers the actionable feedback that you desire.

Contact Holleran

Looking to get in touch with someone at Holleran? Complete this form and we’ll be sure to respond!

Thank you! Your submission has been received!
Something went wrong while submitting the form.