Chapter 33: Confidentiality and privacy

Tess Tsindos

Learning outcomes

Upon completion of this chapter, you should be able to:

  • Describe confidentiality and privacy.
  • Understand how to ensure confidentiality and privacy in research.
  • Identify the strengths and limitations of confidentiality and privacy.


What is confidentiality?

Confidentiality is an agreement to keep something private or secret. In research, it follows on from consent in that seeks to protect participants’ identifiable data. When participants provide informed consent to the researcher, an agreement is formed that the participant’s identifying information will not be available to anyone outside the research team unless specifically agreed to.1

Identifying information includes names, personal information and responses to the research. Any private information about a participant that they do not want shared with others is considered confidential.2 Researchers should provide the highest level of confidentiality, which includes defaulting data status to anonymous, ensuring participants provide informed consent and enabling participants to review and correct their data.2

There are many laws, regulations and conventions that must be adhered to when conducting research, and confidentiality is covered under these legal requirements. In Australia, these include federal legislation such as The Privacy Act 1988 (Cth), and state and territory regulations that apply where the research is conducted, such as The Health Records Act 2001 (Vic.). The National Statement on Ethical Conduct in Human Research (2007) (National Statement)3 sets out guidelines for research with humans, in accordance with the National Health and Medical Research Council Act 1992 (Cth).

Universities, hospitals and other healthcare organisations have ethical guidelines for research, protocols for research governance and human research ethics committees, all of which include confidentiality and privacy as an important consideration. For example, Monash University has published A Guide to Good Research Practice4, which provides staff and students with the latest national and international guidance for ethical and responsible conduct in research. The Australian departments of Defence and Veterans Affairs have a joint human research ethics committee to approve any research undertaken with or about current and past defence personnel and their families. Private organisations such as Bellberry Ltd5 act as human research ethics committees for researchers who are conducting their research outside the academic and hospital sectors. When research studies are approved by a research ethics committee, the confidentiality considerations are fully scrutinised.

The importance of ensuring confidentiality cannot be overstated for researchers and healthcare practitioners, and there are many ethical challenges associated with confidentiality. An example is a paper by Duncan and colleagues6, in which a researcher interviewed a 15-year-old participant. The researcher assured the young man that his answers were confidential, and the participant told the researcher that he did not want his mother to know about the interview. During the interview, however, the participant disclosed issues with adhering to medication that caused the researcher to question whether these issues should be disclosed to the participant’s mother and treating physician.

After lengthy discussion with the research team and examining all possible options, the researcher telephoned the young man and suggested that he tell his mother about the medication adherence issue. The ethics committee that approved the research was also notified of this ethical grey area and how it was resolved. Ultimately, the research team remained unsure that they had made the correct decision about maintaining confidentiality. They were not sure whose interests were being served by maintaining confidentiality. It is important that researchers are acutely aware of issues regarding confidentiality and autonomy when undertaking research with young people and hard-to-reach groups (see Chapter 31).

In a study by Veness and colleagues, more than 8000 public complaints to regulators, citing concerns about healthcare providers and confidentiality, were examined. The study found that mental health practitioners had significantly higher rates of complaints than other health practitioners about confidentiality.7 The authors suggested that this may be due to the frequency with which mental health practitioners discuss patient care with others. They also suggest, however, that the findings may be indicative of practitioners’ failure to explain the limits of confidentiality. Confidentiality with focus groups is discussed later in the chapter.

Families can also influence confidentiality arrangements, such as when participants have not given permission to share their confidential genetic information with family members. An example is a study by Dheensa and colleagues8, in which researchers encounter a participant with prostate cancer and a family history of breast cancer. The researchers needed to consider if and how information about the BRCA2 mutation could be confidentially communicated to the participant’s sister. In the same example, a research participant could breach confidentiality if they shared health information about another person with a heathcare professional without that person’s consent.

The number of people recruited to a study can also play a role in undermining confidentiality. In a study with younger people9, Taylor and colleagues found the number of participants recruited to the study was considered too small by some specific departments that were involved in recruitment. The concern was that participants could be identified on the basis of their responses, and the departments refused to participate in the study.

While confidentiality can appear to be straightforward, as with any ethical issue, there are many ambiguities and nuances that researchers need to be able to work through successfully.

What is privacy?

In research, information privacy is the right to control how one’s personal information is collected, used or disclosed. Privacy is acknowledged as a fundamental human right in Australia.10 According to The Privacy Act 1988 (Cth), personal information includes but is not limited to any personal information that a health service provider collects, including health records, wishes about future health services, genetic information and research data.

When conducting research, the primary concern is ensuring participants’ involvement in research is protected and the appropriate settings are considered for recruitment, enrolment and data collection.1 Researchers need to collect some personal information from participants, but human research ethics committees usually recommend that the only data collected should be that which is necessary for the research. Exemptions from specific requirements of the Privacy Act may be approved by a human research ethics committee; however, such exemptions are rarely sought for qualitative research studies because participants usually participate with the understanding that their information and status will remain private as written in the patient information and consent form provided to participants. Privacy can be ensured by only collecting personal information that is necessary for the study, and collecting that information in a considered manner. Up-to-date data systems, policies and document management protocols can ensure the quality of privacy in research.

In a systematic review of the perception of respect for and dignity of inpatients11, the authors found that violations of patients’ dignity and privacy were fairly routine. One example of a privacy violation included providing a patient list to third parties for religious visits, without consent.11 While this may be a regular practice, it is also a violation of privacy if the patient has not consented.

Perdue University in the United States has developed an excellent infographic1 that explains the differences between confidentiality, privacy and anonymity.

Strengths and limitations of confidentiality and privacy

Confidentiality and privacy are enshrined in research activities as being of the utmost importance to researchers and participants. When done properly, participants can be assured that their private information will not be shared without their consent, and they will not be identifiable in research results. A high level of concern for confidentiality and privacy can lead to greater trust between researchers and participants. Australian government organisations such as the Australian Bureau of Statistics and the Australian Institute of Health and Welfare (AIHW) use the Five Safes Framework12, an internationally recognised approach to considering strategic, privacy, security, ethical and operational risks. The Framework is produced in Table 33.1.  While not all research data needs this level of scrutiny for privacy and confidentiality, the Framework is a good starting point for considering whether research data is private and secure.

Table 33.1: The Five Safes Framework

Dimension Meaning Potential risks to be mitigated
Projects Is the use of the data appropriate?
AIHW Interpretation: Use of the data is legal, ethical and the project is expected to deliver public benefit.
• Breach of data supplier requirements
• Breach of AIHW Ethics Committee collection/project approval conditions
• Project is not expected to deliver public benefits commensurate with risk
• Project design unlikely to meet stated objectives
• Consent arrangements are unlawful
• Using AIHW data for this project is outside community expectations.
People Can the users be trusted to use it in an appropriate manner?
AIHW Interpretation: Researchers have the knowledge, skills and incentives to act in accordance with required standards of behaviour.
Users of the data:
• are subject to a conflict of interest
• are subject to incentives to breach terms and conditions
• are inexpert in the subject matter
• have insufficient statistical skills to analyse the data effectively
• and/or their organisation are unlikely to be able to manage data breach risks effectively
• and/or their organisation have a history of breaching terms and conditions.
Data Is there a disclosure risk in the data itself?
AIHW Interpretation: Data has been treated appropriately to minimise the potential for identification of individuals or organisations.
• Identifiers are not removed
• Data include variables not required for the project
• Data include records not required for the project
• Data treatments are insufficient to prevent disclosure of personal information (Privacy Act)
• Data treatments are insufficient to prevent attribute disclosure
• Data treatments are insufficient to prevent identification of an information subject (AIHW Act s.29).
Settings Does the access facility prevent unauthorised use?
AIHW Interpretation: There are practical controls on the way the data is accessed – both from a technology perspective and considering the physical environment.
Data are:
• lost, intercepted or disclosed during transmission to the setting (data/privacy breach)
• subject to unauthorised access at the setting (data/privacy breach)
• used for purposes beyond those approved (including linking to other data)
• removed from the approved setting
• not destroyed on completion of the project.
Output Are the statistical results non-disclosive?
AIHW Interpretation: A final check can be required to minimise risk when releasing the findings of the project.
• Outputs do not meet confidentiality requirements
• Outputs are released without required data supplier approval
• Output treatments are inconsistent with those of data already released.

"The Five Safes framework" by Australian Institute of Health and Welfare (AIHW) is licensed under CC BY 4.0

Confidentiality has limitations. Researchers must respect the promise of confidentiality while disseminating results that participants may fear might identify them. It is not uncommon for researchers to discover that participant concerns around privacy and confidentiality are barriers to recruitment.13

Focus groups pose an increased risk to privacy and confidentiality because participants may identify themselves and provide private information in the group setting. Focus group guidelines (see Chapter 14) about privacy and confidentiality should be made clear before discussion commences.

Some of the limitations of privacy include the use of digital platforms. Data leaks and the ability to identify participants are potential risks.14 With more research being conducted online and recruitment taking place through social media, there is greater risk of privacy breaches. Recruitment through a social network on Facebook (Meta), for example, poses many issues for privacy because internet provider (IP) addresses could be used to identify participants, and the phrases people use in their posts and comments could be searched to identify participants.15


Confidentiality and privacy are core ethical principles for researchers and must be clearly discussed with participants. Regulations must be followed, and approval must be sought and provided by human research ethics committees. While there are limitations to confidentiality and privacy, when researchers follow regulations and guidelines, they can assure participants that their information will be safe.


  1. Holland, HM and Linvill, JS. Important considerations for protecting human research participants, Dimensions of Discovery July–August 2019. Purdue University. Accessed July 3, 2023.
  2. Bos J. Confidentiality. In: Jaap Bos (ed.), Research Ethics for Students in the Social Sciences. Springer; 2020. doi: 10.1007/978-3-030-48415-6_7
  3. The National Health and Medical Research Council, the Australian Research Council and Universities Australia. The National Statement on Ethical Conduct in Human Research (2007) (National Statement). Commonwealth of Australia, Canberra. Accessed July 3, 2023.
  4. Monash University. A Guide to Good Research Practice. Accessed July 3, 2023.
  5.  Bellberry Ltd. Supporting research and ethics. Accessed July 3, 2023.
  6.  Duncan RE, Drew SE, Hodgson J, Sawyer SM. Is my mum going to hear this? Methodological and ethical challenges in qualitative health research with young people. Soc Sci Med. 2009;69:11. doi:10.1016/j.socscimed.2009.09.001.
  7.  Veness BG, Tibble H, Grenyer BF et al Complaint risk among mental health practitioners compared with physical health practitioners: a retrospective cohort study of complaints to health regulators in Australia. BMJ Open. 2019;9:e030525. doi: 10.1136/bmjopen-2019-030525
  8.  Dheensa S, Fenwick A, Lucassen A. Approaching confidentiality at a familial level in genomic medicine: a focus group study with healthcare professionals. BMJ Open. 2017;7:e012443. doi: 10.1136/bmjopen-2016-012443
  9.  Taylor RM, Fern LA, Aslam N et al Direct access to potential research participants for a cohort study using a confidentiality waiver included in UK National Health Service legal statutes. BMJ Open. 2016;6:e011847. doi: 10.1136/bmjopen-2016-011847
  10. Australian Government Office of the Australian Information Commissioner. Your Privacy Rights. Accessed July 3, 2023
  11. Eduardo Pereira Dutra P, Quagliato LA, Nardi AE. Improving the perception of respect for and the dignity of inpatients: a systematic review. BMJ Open. 2022;12:e059129. doi: 10.1136/bmjopen-2021-059129
  12. Australian Institute of Health and Welfare. The Five Safes Framework; 2023 Accessed July 3, 2023.
  13. Croff R et al Including older rural adults in research: Practical guidance for addressing the NIH Inclusion Across the Lifespan policy. J Clinl Transl Sci. 2020;4(5):431-436. doi:10.1017/cts.2020.12
  14. Motti VG, Berkovsky S. Healthcare privacy. In: BP Knijnenburg, X Page, P Wisniewski, HR Lipford, N Proferes, J Romano (eds.). Modern Socio-Technical Perspectives on Privacy. Springer; 2022. doi: 10.1007/978-3-030-82786-1_10
  15. Bernhard D et al Facebook and online privacy: attitudes, behaviors, and unintended consequences. J Comput Mediat Commun. 2009;15(1):83-108. doi:10.1111/j.1083-6101.2009.01494.x