We all generate data about ourselves every time that we use the internet, take a journey or purchase an item. That sort of information can reveal a lot about a person, including private and personal things that you don’t necessarily want everyone to know and that could lead to discrimination. Because of that, many countries and regions have upgraded their privacy laws in recent years.

Legislation

The personal data of the entire European Union is protected by the General Data Protection Regulation (GDPR) and the health data of American citizens is protected by the Health Information Portability and Accountability Act (HIPAA), for instance. California gives its consumers additional protection with the California Consumer Privacy Act (CCPA).

All those laws are valuable in protecting citizens’ rights, but they can make the work of scientists such as psychologists, health researchers and consumer behavior researchers more complicated. If you are doing that sort of research, you routinely collect personal information in your experiments and often sensitive personal information like data about children or health. How can you be sure that you are complying with the laws that apply in your area?

GDPR (and how to comply)

The EU GDPR is still the toughest privacy legislation in the world, so if you comply with that, you will most likely be ok wherever you live. Of course, if you are a researcher, your own organization’s ethics committee might have additional requirements that go beyond the law. The tips below are written specifically from a GDPR perspective, but they will help you wherever you live and work.

1. Professional software

Use good professional software, but in the end, it is up to you to use it correctly. Software for behavioral researchers like Noldus’ Viso has been designed with privacy in mind. If you use Viso, you can be confident that your data is safe. If you choose an alternative like an open-source program, you will need to check if it meets your needs. For instance, if the computer is in a lab or shared with colleagues, is there proper user management to ensure that everyone can only access their own experiments? However, even if the software is good quality, that doesn’t make it impossible for you to use it improperly.

2. Physical security

In this digital age, it is easy to forget the importance of physical security. If you are coding a video and you walk away from the screen, do you lock the computer? If not, who can see it? Colleagues working on other projects? Your housemates when you are working from home? Who can enter the room where the data is kept? If you want to be sure that a camera in your lab is not accidentally recording when it should not be, a physical cover can be a good option.

3. Digital security

Just because you have to log on to Windows to open your computer, doesn’t mean that all the data on it is secure. It is essential that the hard disk is encrypted using software like Bitlocker. That is built into more recent versions of Windows if you have a modern computer. Software like Noldus’ Viso has sophisticated user management to ensure that people working on different experiments in the same lab only have access to their own data, which adds an extra layer of protection. It is also important to note that all the data is stored on the client’s computers and that Noldus has no access to it.

4. Install updates

Always install all security updates, both for Windows and for the software that you use to collect your observational data. That applies both to your own computer and to any network drives and backups. There is not much point encrypting your hard drive if you make a backup to an unencrypted external drive or to a network drive which can be accessed by people not involved with the experiment that you are running.

5. Permission

A key aspect of dealing with privacy issues is to make sure that you have got permission from your participants for everything that you will do with the data and that they are well-informed. Don’t forget to include aspects like your retention policy (how long you will keep the data before deleting it) and data sharing with others (e.g. the helpdesk of the company providing the software that you use) in the consent form. It is also the case that no matter what consent people sign on the forms, their legal rights are retained, so for instance, they still have the ‘right to be forgotten’, also if you have paid them to participate.

When starting a recording/experiment in The Observer XT and Viso, a reminder is displayed to remind you to ask the participant for permission.

AV tool Viso

Viso is the easy-to-use solution for creating audio-video recordings to capture the behaviors of your participants, including screen capture if you want that. You can use it to educate, train, and improve the skills of students and trainees. Viso enables you to record in multiple rooms with all the data reliably coming together into one system, even if they are in different buildings. You can view it anywhere, even on your phone, with the web app. You can also mark and comment on the videos to make feedback quick and easy.

FREE DEMO: Try Viso yourself!

Request a free demonstration to find out why Viso is the right tool for your training facility!

• Easy-to-use solution
• Train and educate, enhance teamwork
• Immediate playback and debriefing

 Free Demo