Not a member? Become one today

Menu

Code of Conduct

Explanation of Key Principles

D. Market Research Tenets

Informed Consent

3.32

Members MUST ensure that MR subjects give their informed consent before information is collected from them.

"Cooperation is voluntary and MUST be based on adequate, and not misleading, information about the general purpose and nature of the project when their agreement to participate is being obtained and all such statements shall be honoured."
 

ESOMAR state that consent must be:
  • Free (voluntary and able to be withdrawn at any time); 
  • Specific (relating to one or more identified purposes); and 
  • Informed (in full awareness of all relevant consequences of giving consent).
http://www.esomar.org/uploads/public/knowledge-and-standards/codes-and-guidelines/ESOMAR-draft-Data-Protection-Checklist-September-2014.pdf
Only personal data that is necessary to the research process MUST be collected.

In Germany informed consent should be refreshed at regular intervals (e.g. 6 monthly intervals) if long term or longitudinal research is being undertaken. 

 


3.33

Information detailing an individual’s physical or mental health is classified as ‘sensitive personal data’ under the Data Protection Directive and requires explicit consent for its use.


3.34

Specific consent is not required for the use of anonymised and non-attributable responses.


3.35

Informed consent guarantees MR subjects the right not to participate and the right to withdraw from the interview at any time. This right MUST be made very clear to children.


Confidentiality and Anonymity

3.37

It MUST be clear to MR subjects that all personal data collected during a market research project will be treated confidentially and are purely for the purposes of market research unless averse event reporting is required and separate consent for transfer of personal data for this purpose has been given.


3.38

MR subjects' anonymity MUST be strictly preserved. It is important to note that withholding a MR subject’s name is not necessarily sufficient to protect their anonymity especially when MR subjects belong to small high profile universes.  For further information see the ICO’s ‘Anonymisation: managing data protection risk code of practice’ http://www.ico.org.uk/for_organisations/data_protection/topic_guides/anonymisation


3.39

Researchers MUST ensure that information identifying the MR subject (e.g. recruitment questionnaires, attendance lists) is not passed to the client without the MR subject’s explicit consent. Requesting consent to pass on MR subject's personal data to the client (and consequently passing on personal data) is always forbidden in Germany.  


3.40 Agencies must not identify the client or any confidential client data without the client's consent except if there is a legal obligation to do so.

Waiving Right to Confidentiality

3.41

The MR subject's right to confidentiality can be waived by the MR subject if specific consent has been sought and granted providing MR subjects have been made aware of:

  • To whom they will be identified
  • What will happen to the information they give
  • What, if anything, will happen to them as a result of this waiver
In Germany MR industry guidelines prohibit asking MR subjects to waive their anonymity/confidentiality.

Separating Personal and Research Data

3.41

In Germany MR industry guidelines state that personal data MUST be separated from interview data immediately by the research agency, after this the only link allowed between the two is a common code number. The address data – name, postal address, telephone number, email address – MUST be destroyed at the earliest possible time i.e. once quality control checks have been completed. Personal data cannot under any circumstances be passed to a client, there are no exceptions or waivers allowed.

ADM Key Problems in the Data Protection Laws and Professional Laws for Scientific Survey Research Aug 2009 http://www.adm-ev.de/fileadmin/user_upload/PDFS/Kernprobleme_E.pdf


Patient Confidentiality

3.42

Physicians have a duty of confidentiality towards their patients.  Information about a patient may be obtained for market research from patient records without patient authorisation only if these data are fully anonymised and in the USA meet the de-identified criteria within HIPAA (see 19.3 or www.hhs.gov/ocr/privacy/index.html Aug 2009) or as permitted by the HIPAA Privacy Rule provisions related to research or a "limited data set” or if the patient has given explicit authorisation.


« Previous Next »

Advertise with EphMRA

Web site (home page) banner, eNews adverts and Conference sponsorship/advertising packages are available - all tailored to suit your needs.

Find Out More