The following information will help you understand the difference between these frequently misunderstood terms and how better to protect participants' private information.
You do not know or collect any identifiers (e.g., name, address, telephone number) that link responses to a specific individual. Even you, the researcher, do not know the identity of the respondent.
Data you collect in person (e.g., interviews, video-recording, etc.) can never be "anonymous." If you record a list of codes associated with identifiers (e.g., names), those data are not anonymous.
If a combination of indirect identifiers (e.g., gender, race, age, etc.) associated with the study could identify or reidentify a specific individual, particularly with small samples, you should not call your study data anonymous.
When data are not anonymous, participants may experience risk if a breach of confidentiality occurs and their identifiable information is released without their permission.
Direct Identifiers: See here for the 18 personal identifiers designated by HIPAA, as well as a definition of PHI (Personal Health Information).
Indirect Identifiers: Even when you do not collect direct identifiers (see above), a combination other data could reveal an individual's identify, especially with small sample sizes: gender, age, race/ethnicity; size of town, community character (e.g., industrial, agricultural center, suburban, education community, etc.), and general location; characteristics of family structure (size, sex distribution of children, ages, marital evolution); details of personal characteristics or expressions of individuality.
Confidentiality refers to how researchers handle data, and represents an agreement (via informed consent, written or oral) between you and potential participants that their individual responses and identities will not be disclosed beyond the research team unless they have agreed otherwise (preferably in writing).
You cannot always guarantee absolute confidentiality, however, and must inform participants of this. For example, you cannot control whether members of a focus group share others' information. Or, in the case of a participant complaint, the IRB may need to review data and possibly consult with appropriate University officials (e.g., University Legal counsel). You also must comply with applicable mandatory reporting laws, such as if a participant expresses the intent to harm self or others. Seattle University faculty and staff must also follow FAQ on Updated Title IX Guidance.
If you collect or transmit data online (e.g., online surveys, Zoom interviews, etc.), a low risk of a confidentiality breach exists. You can minimize this risk by encrypting data transmission. You also must store data securely to prevent, where possible, identification of individuals. Do not store materials on personal devices, even if password protected. Should you lose the device, unauthorized access risks disclosure and breaching confidentiality assurances. Additionally, (rarely) SU administration (or a faculty adviser, if applicable) may need to access your raw data. Thus, the SU IRB indicates storing all research data on SU-supported drives such as OneDrive or Teams.
"Privacy" refers to an individual’s control over the extent, timing, and circumstances of sharing personal information (physical, behavioral, or intellectual). Privacy pertains to people whereas confidentiality pertains to data; privacy is a right that can be violated whereas confidentiality is an agreement that can be broken. You must protect participants’ privacy during study recruitment and data collection.
You may not collect data (words, behavioral observations) without permission, when an individual has an "expectation of privacy" (the reasonable expectation that no observation or recording is taking place). An individual would not have an expectation of privacy if engaging in loud conversations or actions on public transit; however, in a classroom or church setting, for example, a person would not expect someone to record notes for research purposes.
Study data: Never gather more data than necessary to answer your research question(s). Ask yourself, "What data is relevant to this particular study and provides information to further my research question?" For example, when collecting demographics, is specific age necessary, or could you ask for an age range? Is marital status or race/ethnicity directly relevant to the project? If not, do not collect extraneous information.
Recruitment: With "snowball sampling," provide potential participants with study information that to forward to others who may be interested in the study. Potential or actual participants should never give you names/contact information of other potential participants without their permission.
Informed consent process: Clarify to participants how their data will be kept confidential, including:
Web-based surveys: (e.g., Qualtrics) Such online surveys can allow for anonymous data collection, only if you disable the feature collecting IP (internet protocol) addresses, in addition to not collecting enough indirect identifiers (gender, age, race, work‐site, etc.) to identify specific individuals, particularly with small, unique populations. Do not tell potential participants that the study will be "anonymous" if you have not taken necessary steps to disable IP collection.
Reporting results: (e.g., in a research article/paper, report, presentation, news release, etc.). No time limit exists on the confidentiality of participant information. You cannot identify participants without explicit permission, and direct quotes/descriptive information could reveal an individual's identity.
Data withdrawal: If your data is not truly anonymous (that is, neither you, nor anyone else can link participants to responses), you must always provide participants with the means and right to withdraw their data at a future time. Be sure you provide updated contact information on the consent form, so participants may contact you, if they wish their data removed from the study.