Additional information about Certificate of Confidentiality policies for NIH and other Institutes and Centers may be found at the NIH Office of Extramural Research:
Certificates of Confidentiality allow researchers to avoid the involuntary release of any portion of research records containing information that could be used to identify study participants. A Certificate of Confidentiality protects the investigator and anyone else who has access to research records from being compelled to disclose identifying information in any civil, criminal, administrative, legislative or other proceedings, whether federal, state or local. Identifying information is broadly defined as any item or combination of data about a research subject that could reasonably lead directly or indirectly, by reference to other information, to the identification of a research subject.
Certificates can be used to promote participation in studies by assuring anonymity to participants. Certificates will be issued only when the research is of a sensitive nature, where protection is judged necessary to achieve the research objectives. For instance, a Certificate of Confidentiality may be granted if disclosure could have adverse legal consequences or damage the financial standing, employability, insurability or reputation of the participant. The Certificate will help researchers avoid involuntary disclosure that could expose subjects and their families to adverse economic, psychological and social consequences.
Certificates of Confidentiality were originally authorized by a 1970 amendment to the Public Health Service Act to protect participants in research on substance abuse. The authority to award Certificates was vested with the secretary of the Department of Health and Human Services (DHHS). In 1988, the statute was broadened such that Certificates could be sought to protect individuals participating in biomedical, behavioral, clinical and other research, and the authority to issue Certificates was delegated to the Office of the Assistant Secretary for Health (OASH). With the reorganization of the OASH in 1996, its Certificate authority was decentralized to the NIH institutes, and the NIH director further delegated this authority to certain NIH officials (institute and center [IC] directors, deputy IC directors and executive officers). Each IC now has the option of issuing its own Certificates.
Types of Projects Covered
NIGMS issues Certificates for single, well-defined projects rather than for groups or classes of projects. An exception is for cooperative multi-site projects, in which a coordinating center or "lead" institution designated by the government program director can apply on behalf of all member institutions, and a single Certificate providing protection to all participating sites is issued. In this case, the application must list each participating unit, its address and the project director of the participating unit on the first page of the application. The lead institution must assure that all participating institutions conform to the application assurances and inform subjects appropriately about the Certificate, its protections and the circumstances in which voluntary disclosures would be made.
Extent and Limitations of Coverage
Certificates of Confidentiality can be used to cover biomedical, behavioral, clinical or other research. Refer to the Frequently Asked Questions in the NIH Certificate of Confidentiality Kiosk for more details.
Certificates of Confidentiality do not obviate the need for data security, however. Researchers should take appropriate steps to safeguard research results so that individuals having access to medical records (including those who may access the records with the subject’s consent) cannot access the research results or learn the identity of research participants.
Certificates protect against involuntary disclosure; however, information may be voluntarily released under certain circumstances. For example, research subjects may disclose or consent to the disclosure of information (including research information) in their medical records to an insurer, and researchers may not use the Certificate to refuse disclosure under this circumstance. In addition, researchers are expected to make arrangements with local and state authorities to satisfy communicable disease reporting requirements, and subjects should be informed of this possibility in the informed consent document. Moreover, Certificates do not authorize researchers to refuse to disclose information about subjects if authorized DHHS personnel request such information for an audit or program evaluation or if such information is required by the Federal Food, Drug, and Cosmetic Act.
With the exceptions noted above, it is important to keep in mind that the authority to resist compulsory disclosure provided by a Certificate supersedes any federal, state or local laws that require such disclosure.
Period of Coverage
Certificates are issued for a specific time period and protect all information that would identify research subjects who participate in the project during that period. Data collected while a Certificate is in effect remain protected after the Certificate expires and in perpetuity. The time period begins on the date of issuance of the Certificate or the commencement of the research, whichever is later. Generally, Certificates are effective on the date of issuance or upon commencement of the research project if that occurs after the date of issuance. The expiration date should correspond to the completion of the study. It is advised that applicants select a period of coverage that may overestimate, rather than underestimate, the time required to complete the project.
Extensions, Modifications and Amendments
Requests for extensions of Certificate coverage should be made 3 months prior to the expiration date. They should be accompanied by a justification, documentation of the most recent Institutional Review Board (IRB) approval, and the new expected completion date for the research project.
Modifications to existing certificates are encouraged where possible, rather than applying for new certificates, to simplify and expedited the process. Requests should be submitted when there is a significant change in the scientific scope of the study (e.g., different/additional intervention, change in study population), but are not necessary for operational aspects such as change in study personnel (other than change in PD/PI). Requests for modifications or amendments should be made 3 months prior to the needed date. These requests should be accompanied by a justification and documentation of the most recent IRB approval.
An amendment to an existing Certificate should be requested when a principal investigator relocates to a new institution.
Certificates are appropriate when the research information gathered is of a sensitive nature and protection is deemed necessary in order to achieve the research objectives while protecting the study participants’ confidentiality and privacy. Studies gathering information, the disclosure of which could reasonably be expected to lead to social stigmatization or job or medical/life insurance discrimination, would qualify for a Certificate. Projects eligible for Certificates must involve the collection of sensitive information that, if disclosed, could be damaging to an individual’s financial standing, reputation, insurability or employability. Federal funding is not a prerequisite. Examples of research projects relevant to the mission of NIGMS that would be eligible include, but are not limited to, the following:
Projects that are not research-based or research-related are ineligible for a Certificate of Confidentiality, as are projects that have not received IRB review and final approval. Projects are not eligible if collecting information that is not deemed to involve significant harm or damage to the subject if disclosed.
Application for Certificate of Confidentiality for NIGMS-Funded Projects
NIGMS uses a Web-based application process accessed through the NIH Certificates of Confidentiality Kiosk. This system will capture information (see below) as structured data elements that will be assembled to produce the ultimate Certificate of Confidentiality. The system will ensure consistent and comprehensive information about Certificate applications. Help is available throughout for technical and policy issues. Data collected includes:
Applications are reviewed and recommended for approval by the involved NIGMS program director and the staff review committee. Applications so recommended are forwarded to the director, NIGMS, for final approval and signature. Certificate requests that are not approved will be returned to the applicant with an explanation for the decision.
To obtain further information about Certificates of Confidentiality, to submit an application or to request an extension or amendment for an existing Certificate awarded by NIGMS, contact:
Erica Brown, Ph.D.Certificate CoordinatorNational Institute of General Medical Sciences45 Center Drive, Room 2AS.24F, MSC 6200Bethesda, MD 20892-6200Tel: 301-827-4499E-mail: email@example.com
To submit a Certificate request or to obtain an extension or amendment for an existing Certificate awarded by an NIH institute or center other than NIGMS, contact that IC's coordinator (available at the NIH Certificates of Confidentiality Kiosk) or contact:
Ann M. Hardy, Dr.P.H.NIH Extramural Human Research Protection Officer and Certificates of Confidentiality CoordinatorOffice of Extramural Programs Office of Extramural ResearchNational Institutes of Health6705 Rockledge Drive, Room 3002Bethesda MD 20892Tel: 301-435-2690 E-mail: firstname.lastname@example.org
This page last reviewed on
6/9/2017 2:35 PM
Connect With Us: