Medical research and clinical trials have long been relied on as means of obtaining useful, accurate data to learn more about diseases and their potential treatments. Patients who elect to contribute to these efforts by sharing their health information offer a highly valuable service to the medical community—and society as a whole. But this exchange of information prompts some participants to wonder whether enough is being done to protect their privacy.
An effective privacy program requires an effective auditor, as is explained by ISACA® Journal columnist Cindy Baxter in the “The Relationship Between Privacy and Research” episode of the ISACA® Podcast. “An IS auditor examining criteria, understanding where the data are coming from and having a structure embedded in privacy laws helps give overarching protection that volunteers may forget they have relinquished,” Baxter says.
In addition to helping uphold patient privacy, the work of auditors can contribute to the quality of the research being conducted. “Doing walkthroughs, identifying the scope clearly, discovering what questions you might have and airing those questions as soon as you have them…is what makes the research strong, objective and reliable,” Baxter explains.
To learn more about how privacy relates to research and what auditors can do to protect it, listen to “The Relationship Between Privacy and Research” on the ISACA website or stream it on Apple Podcasts, Podbean, Spotify or Stitcher, and read “Relinquishing Privacy to Research” in the ISACA® Journal, vol. 2, 2021.