Privacy and Confidentiality

The following information is to assist users of the PIEL Data app in providing appropriate information to their institutions and ensuring compliance with any regulatory requirements. Most of the Privacy and Confidentiality features are similar to those of the PIEL Survey app. For information regarding the PIEL Survey app, please see the information specific to that app.

In this summary, we use the term 'Researcher' for the person who is primarily responsible for conducting the survey project. We recognise that this person may in fact be a therapist but the term 'Researcher' is used for convenience. A 'Participant' is the research subject or patient, the person who responds to the surveys. Institutions will have a process for approval of research or therapeutic projects. This will often include an Institutional Review Board (IRB) or Ethics Committee. We will use the term 'IRB' to refer to these approval processes.

The requirements of IRBs will differ based on the sensitivity of the data collected, whether the subject is identifiable, the effectiveness of informed consent and whether there is potential harm to the subject. Furthermore, there is often a layer of government legislation and regulation which may need to be followed. This will differ in each country.

Please contact us if you need further information.

Data Collected

The Researcher fully controls the import of data into the PIEL Data app and fully controls if, when and how the data is transmitted.

The PIEL Data app does not collect any data apart from the data imported by the researcher.

Data Storage

The PIEL Data app only uses device storage and is protected by device encryption. We can provide the following assurances.

  1. The PIEL Data app does not use a remote server or database.
  2. The data is saved on the Researcher's device and can only be transmitted when the Researcher exports the data and shares it using the chosen method.
  3. All data can be deleted by the Researcher at any time, using commands within the app or by deleting the app from the device.
  4. The user interface makes it clear when there is data stored on the device.

Data Transmission

A key feature of the PIEL Data app is that the Researcher has complete control over when and if data is transmitted or transferred.

  1. No data is transmitted or transferred from the device unless the Researcher emails it or connects the device to a computer for file-sharing. In both cases, the active cooperation of the Participant will be required. The PIEL Data app does not upload or back up data to a remote server or to a cloud service.
  2. The Data File is encrypted by the operating system and can only be exported once the device is unlocked.
  3. Once the device password is entered and the Data File is exported, the Data File is no longer encrypted. However, this file has limited information. It does not contain the text of the questions; they are identified only by question number. With one exception, the answers are saved as one or more numbers which correspond to the answer options as set in the Control File. The exception is 'text' questions. The answers to 'text' questions will be saved as text. Thus the data for all questions other than 'text' questions is unintelligible without the Control File. The participant identification should also be chosen to be unidentifiable. It should be noted that the Control File is not transmitted or transferred from the device at any time (in fact it is deleted once imported).
  4. If encryption during sending of the Data File is required, the email account on the device should be set up to use SSL/TLS security using the settings from the email provider. This is usually the default setting of email software.

Data Disclosure

There are many ethical and regulatory questions relating to disclosure of data. Since the PIEL Data app does not provide a web or other interface to the data, these requirements are the responsibility of the Researcher. The Data File is provided directly to the Researcher by email or file sharing. It is a transaction between the Participant and Researcher. Access to the data after that point is controlled by the Researcher.

Further Protection

The Researcher can consider the following protections as another layer of security.

  1. The Participant's ID should be an unidentifiable ID, not their name. Even the name of the project and Researcher can be an unidentifiable ID if you wish, or even omitted altogether.
  2. The Control File and the Data File should be stored in secure locations. The Data File will often not make much sense without the Control File. You may consider storing them in separate locations.
  3. The device should be password protected with a strong password.
  4. Participants can choose to use encrypted email (SSL or TLS) to send the Data File.
  5. The Researcher should take care that the email server is secure and that they take appropriate precautions with the data once received from the Participant. Universities usually have strong protections in place for their email servers and Researchers should confirm this.
  6. If you have any concerns about email transmission or your email server security, a secure method of obtaining the Data File is file transfer by directly connecting the Participant's device to the Researcher's computer.

Marketing

We can provide the following assurances.

  1. There is no marketing material or request for donations within the PIEL Data app.
  2. The PIEL Data app receives no sponsorship from commercial entities in exchange for advertising or data.
  3. The PIEL Data app does not have access to any personal details of users unless they initiate contact (for example using the contact form on the PIEL Survey website).
  4. No third party (apart from the Researcher and Participant) has access to the Control or Data Files through the PIEL Data app or website.

General Data Protection Regulation (GDPR)

The GDPR is a regulation of the European Union and European Economic Area covering data protection and privacy. The underlying principle is that individuals should have control over their personal data and be protected from unauthorised use of their personal data.

The PIEL Data app meets the requirements of GDPR. In fact, the design features of the app are ideally suited to data privacy and protection and the protections provided by GDPR.

  1. The PIEL Data app gives Researchers full control over their data.
  2. The data is encrypted and stored on the Researcher's device. Specifically, there is no external data server.
  3. No data is transmitted automatically or in the background.
  4. When the data is transmitted by the actions of the Researcher, the data is no longer encrypted but the participant controls the process, the content and the recipient.
  5. Data is only processed by the Researcher using the PIEL Data app on their device.
  6. No data is sent to Blue Jay Ventures or any third party.
  7. The Researcher can delete their data at any time, either from within the PIEL Data app or by deleting the app from their device.

The main issues relating to GDPR will relate to how Researchers receive and process the data received from participants, not the PIEL Data app itself.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

The US Congress incorporated a number of provisions into The Health Insurance Portability and Accountability Act of 1996 (HIPAA) that mandate the adoption of Federal privacy protections by certain entities. These protections cover the privacy and security of Protected Health Information (PHI). PHI is any individually identifiable health information held by a covered entity that concerns health status or the provision of health care. The protections concern how data is stored, used, disclosed and transmitted.

We recommend that Researchers refer to this useful summary provided by the U.S. Department of Health & Human Services. The information provided above should aid Researchers in determining the requirements that apply to their project and whether they meet those requirements. However, we make the following observations.

  1. The PIEL Data app does not add any personally identifiable information. If the Researcher does not provide identifiable information in the Control File nor ask questions which result in identifiable information, the Data File will not contain PHI.
  2. The only data storage by the PIEL Data app is on the Participant's device. There are several layers of protection for the Participant as described in the above sections.
  3. There is no transmission of data without specific actions of the Participant.
  4. More specifically, patient initiated communication such as email is permitted.
    "Patients may initiate communications with a provider using e-mail. If this situation occurs, the health care provider can assume (unless the patient has explicitly stated otherwise) that e-mail communications are acceptable to the individual. If the provider feels the patient may not be aware of the possible risks of using unencrypted e-mail, or has concerns about potential liability, the provider can alert the patient of those risks, and let the patient decide whether to continue e-mail communications." U.S. Department of Health & Human Services

Revised: 18 June 2023