At ACU, privacy ties closely to our mission and practise to support and protect an individual's right to dignity, self-determination, betterment, and a universal concept of privacy for all people.

Learn more about privacy on the ACU Privacy Hub


An individual’s right to privacy is a fundamental human right. As stated in the NHMRC Guidelines under section 95 of the Privacy ACT 1988, this is recognised in a number of international instruments, in particular, the International Covenant on Civil and Political Rights (Article 17) and the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. Australia adopted the OECD Guidelines in 1984 and the principles in those guidelines were incorporated in the Commonwealth Privacy Act 1988 (Privacy Act), which deals with personal information privacy protection, a component of the broader concept of privacy. 

Medical research is important for providing information to help the community make decisions that have an impact on the health of individuals and the community. However, it should be carried out in such a way as to minimise the intrusion on people’s privacy. Optimally, this is done by obtaining the informed consent of participants prior to using their personal information. Where this is not practicable, de-identified information should be used. Where neither of these options are available, it may be that identified information needs to be used, even though consent of the individual or individuals has not been obtained, in order for the medical research to proceed.

If your research involves medical research, please read the below guidelines on how to protect privacy in the conduct of medical research.

China's Personal Information Protection Law (PIPL) is intended to protect personal information and to regulate how it is processed, including cross-border handling of personal information. This law may affect Australian providers, particularly when collecting and processing Chinese student data. Providers should review the PIPL requirements, and may need to seek legal advice.

Learn more


Confidentiality is the process of protecting an individual’s privacy. Researchers need to protect and respect participants rights and dignity by ensuring confidentiality and recognising the distinction between confidentiality and anonymity. The term anonymity is sometimes used incorrectly when referring to participants identities being suppressed in published material. This is confidentiality, not anonymity. If individuals are identified or potentially identifiable in the raw research data, then it is not accurate to refer to them as "anonymous", even if they are not identified in any publications. Anonymity refers to the participant’s identity and where responses cannot be identified, even by the researcher themselves. Thus, the participant has not given identifying information about themselves to the researcher, so the researcher does not know who has participated in their study and cannot identify who provided which responses. The National Statement on Ethical Conduct in Human Research (2023) states:

“Confidentiality is “the obligation of people not to use private information … for any purpose other than that for which it was given to them” Researchers can employ many methods to ensure participants identity is protected and kept confidential. Such as:

  • keeping records secure through the use of password protected computers or files,
  • Files containing electronic data are password-protected and encrypted (at least when data are transferred or transported).
  • locked doors/lockers and drawers.
  • Ensuring contact lists, recruitment records such as email addresses, phone numbers are destroyed when no longer required
  • Personal information, including consent forms, are stored separately from the data and personal information is destroyed as soon as reasonably possible
  • Ensuring all research personnel are trained in managing and storing research data/specimens
  • Access to master code lists is limited or restricted to key personnel
Considerations for protecting confidentiality

Many researchers are purchasing mobile apps or building their own app to interact with study participants. Even if the participant is asked to download a free app or provided monies for the download, the researcher is still responsible for disclosing potential risks. It is possible that the app the participant downloaded will capture other data stored or linked to the phone on which it is installed (e.g., contact list, GPS information, access to other applications such as Facebook). The researcher has the responsibility to understand known or potential risks and convey them to the study participant. Commercially available apps publish “terms of service” that detail how app data will be used by the vendor and/or shared with third parties. It is the researcher’s responsibility to understand these terms, relay that information to participants, and monitor said terms for updates. Additionally, it is important that the researcher collect from the app only the minimum data necessary to answer the research questions.

Many investigators wish to collect the IP addresses of survey participants to provide a method of determining whether the user has previously completed the survey. This is important to consider when conducting surveys, especially if the consent process indicates that a participant’s responses will be anonymous. When using Qualtrics, check the option to anonymise the data collection process and do not collect the IP address. If IP addresses are necessary to the research, include in the consent process that you will be recording this information.

Email notifications are generally not secure, except in very limited circumstances, and should not be used to share or transmit research data. Text messages are stored by the telecommunications provider and therefore are not secure. Data should be encrypted when “in-transit.”

The use of Zoom is not recommended. If the sessions are being recorded, the researcher needs to make sure the recordings are stored in a secure location. Our recommendation is to use Teams instead. In addition, researchers must ensure that anti-virus software is up-to-date, operating system are patched with newest versions, and access is limited. Sessions should be stored in a cloud service or a University managed server e.g. OneDrive, SharePoint or file servers.

  • Will Personal information be collected along with the data/specimens? What are the minimum Personal information necessary to conduct the research?
  • Coding Data/Specimens: Will Personal information be replaced with ID Codes when the data/specimen are collected/obtained (recommended)? If no, why not? If yes, will a master code list be used to link Personal information with ID Codes? How will the confidentiality of the master code list be protected?
  • Access to Clinic, Education, Program or Personnel Records for Research: How will researchers ensure only authorized persons access clinic or other private records that will be used for the research? How will researchers ensure confidentiality is maintained during the collection of private information from clinic or other records?
  • Electronic Records: How will researchers ensure electronic data are protected during data collection? Will participants completing online surveys be advised to close the browser to limit access to their responses?
  • Use of Translators or Interpreters: When data collection requires use of translators or interpreters who are not members of the research team, how will researchers ensure the confidentiality of the information collected?
  • In-person Interviews: What safeguards will be in place to maintain the confidentiality of data obtained through in-person interviews?
  • Focus Groups or Other Group Settings (schools, etc) What protections will be in place to minimise the possibility that information shared in a group setting is disclosed outside of the group or for purposes other than those described in study documents?
  • Internet Research: How will researchers restrict access to survey responses during data collection (e.g., restricted access, data encryption)?
  • Data Collection via Mobile Applications (apps): What data will be collected? (Research data? Other data captured from the device the app is installed on?) Will the data being captured be identifiable? How will the data be obtained (e.g., data sent automatically from the app or device via the internet, or manual export of data)? Where will the data be stored and how? (Encryption utilised? University devices, firewalls, etc. utilised?) In case of a commercial app, what is the app’s privacy policy and will the app have access to the research data? Do participants need to be trained on how to use their mobile devices (e.g., how to adjust security features on the device, how to use encryption, how to use virtual private networks)? Does the app require usernames and passwords? (If yes, are they generated by the user or by the researcher? What if a participant forgets their username and/or password?)

NOTE: Considerations for data storage apply both before and after analysis.

  • Retaining Personal information: Will Personal information be stored with the data/specimens? Why?
  • Access to Personal information: If Personal information will be stored with data/specimens, who will have access? If stored data/specimens are coded, who will have access to the master code list? When will the master code list be destroyed?

NOTE: Access to Personal information should be limited to researchers who require such access to fulfill research objectives. The master code list should be destroyed as soon as is feasible (e.g., immediately after data are cleaned).

  • Identification of Participants through Linked Elements: Will stored, coded data/specimens contain elements that may be used (alone or in combination) to link an individual with her/his data/specimens? This is particularly relevant to research with small cell sizes.
  • Storage of Electronic Records: How will researchers manage electronic data to protect confidentiality?
  • Audio, Video, and Photographic Records: What additional precautions will be used to protect the confidentiality of audio, video, or photographic records in that individual participants may be identified through voice analysis (audio and video) or physical characteristics (video or photographic images)?
  • Security of Storage Facility: Are the security features of the storage site (or storage mechanisms for electronic data) sufficient to ensure data confidentiality?
  • Inclusion in Clinical or Program Records: Will research data be recorded in permanent clinical or program records? If yes, what information will be recorded and why will it be recorded in these records?
  • Placement of Data in Repositories: What are the requirements of the repository related to file formats; data management and sharing plans; documentation of form and content; variable names, labels, and groups; coding; and missing data.
  • Presenting Data: How will data be presented to ensure discrete variables cannot be used (alone or in combination) to identify an individual? This is especially important for research with small cell sizes.
  • Geocoding and Mapping: For research involving geocoding and mapping, what precautions will be implemented to protect the identities of individuals in the sample populations? Is it possible the mapped information may stigmatise or provoke anxiety among the individuals living in specific locales identified on the map?
  • Secondary or Incidental Findings: Will participants (or affected, biological family members) be told about secondary or incidental findings? If no, why not? If yes, how and to whom will the disclosure be made?

Informing participants of confidentiality protections and limitations

In general, researchers are obliged to provide the level of confidentiality specified in the Participant Information and consent materials. Individuals are to be informed about the extent to which confidentiality of their data will be maintained during all phases of the study, including who will have access to the data, what security measures will be used, and where data will be stored. Extensive security procedures may be needed in some studies, either to give individuals the confidence they need to participate and answer questions honestly, or to enable researchers to offer strong assurances of confidentiality. Complete confidentiality should not be promised, however, unless personal identifiers have not been obtained or recorded.

There are ethical or legal limits to confidentiality, for example when a researcher obtains information subject to mandatory reporting, such as evidence of child abuse. If it is probable that information subject to mandatory reporting may be collected during the study, a researcher should state these exceptions to confidentiality in the Participant information and consent form. Researchers must tell participants about limitations on the protection of data confidentiality such as:

  • inspection of medical or research records by the HREC, sponsor or whoever else applicable;
  • mandatory reporting laws for communicable diseases; and
  • mandatory reporting laws for child or elder abuse or illegal activities.
Limits to Confidentiality for specific Projects

Some projects may not expect to keep participants' identities or their responses confidential; sometimes interviewees want their names associated with their responses. This practice is acceptable if research participants are made aware of whether or not their names will be associated with their responses and told of any inherent risks associated with such disclosure.

Researchers must tell participants:

  • how the information collected from/about them will be used (i.e., study purpose);
  • if personal information will be collected, and whether personal information will be disclosed in reports or publications resulting from the research;
  • who will have access to their personal information and the other information collected about them; and
  • the collection of audio, video, or photographic records. For the latter, researchers must obtain signed video/photo releases.

Participants may benefit from being told:

  • why the collection/retention of Personal information is necessary for the research;
  • if Personal information will be stored with the data or linked to the data via a master code list;
  • how long the researchers will retain their Personal information;
  • when data will be de-identified, or if not de-identified, when it will be destroyed; and
  • what procedures will be put in place to preclude unauthorised access to the research data.

Informing participants about secondary and incidental findings

When communicating the fundamental aspects of their research to the HREC and to participants, researchers must also consider whether study tests or procedures may reveal information about a study participant that is not the primary focus of the research but that may have clinical significance for the individual. Such findings may be secondary or to the research and anticipated or unanticipated.

Tests/procedures more likely to lead to secondary or incidental findings include large-scale genetic sequencing (e.g., whole genome sequencing, non-specific genomic analyses); non-discrete testing of blood and other biological specimens (e.g., metabolic panels); and imaging (e.g., MRI, CT, X-rays, ultrasounds).

Data use and Materials Transfer Agreements

When researchers are sharing data/specimens with other entities, whether as the provider or recipient, formal agreements may be warranted. Contact the University's Contracts team for establishing Data Use Agreements. Contact the University Data Management team for information about Transfer Agreements.

When applicable, investigators must attach a Research Data Management plan, approved Data Use Agreements and Materials Transfer Agreements to new projects or amendments (for newly added agreements) in Orion for HREC review.

Name Purpose Format Link
Research Data Management plan Use this template to provide detailed information on how you plan to manage, store and publish your data. .docx Download

Unauthorised disclosure of information

Investigators must inform the HREC immediately in the event of an unauthorised release or loss of participants' private or confidential information. If an accidental release of data or breach of privacy occurs:

  • data should be recalled immediately where possible.
  • where the researcher is a student, they must immediately inform their supervisor.
  • the Research Ethics and Integrity Manager should be consulted and a plan of action determined.

The HREC may determine the breach of confidentiality to constitute noncompliance and/or an unanticipated problem involving risks to participants or others.

For more information, see HREC information for reporting adverse events, incidents or accidents.

Page last updated on 23/04/2024

Service Central

Visit Service Central to access Corporate Services.

Other service contacts

Learning and Teaching
Request Something

Make a request for services provided by Corporate Services.

Request something
Knowledge base

Find answers to frequently asked questions 24/7.

See Knowledge Base