shhh... can you keep a secret qrca views

S P R I N G 2 0 1 0V O L U M E 8 • N U M B E R 3

I D E A S & T O O L S F O R Q U A L I TAT I V E R E S E A R C H

Shhh...• QUALITATIVE TOOLBOX •

30 QRCA VIEWS SPRING 2010 www.qrca.org

magine this scenario: ABC Pharma (one ofthe top ten pharmaceutical companies inthe U.S.) hires XYZ Corporation (a quali-

tative marketing research boutique firm) toconduct 30 one-on-one interviews with high-volume neurologists. XYZ’s assignment is touncover the reasons that these specialistsare prescribing a competitor’s product formigraine headaches in lieu of their product,Zap. XYZ has done multiple projects withABC Pharma in the past, and their moderatorshave developed good working relationshipswith both the marketing researchers and theZap brand team.

The project commences in New York City.On the morning that research begins, Julie(the moderator) greets the market researchmanager (Bob) and two brand leaders (Joeland Caroline). Surprisingly, Julie also findsGrace (the regional sales manager from theManhattan office) also attending the researchthat day. Julie knows that some other membersof the marketing team are planning to watchonline, but she thinks to herself that it is ratherunusual to see someone from Field Sales inthe back room.

The first interview of the day is with Dr.Morrison. Following her standard protocol,

B Y A M Y W I N S T E L A N D C A R L A E S S E N

Ladd Research Group • Cincinnati, OH • [email protected]

I

Shhh...CAN YOU KEEP A SECRET?Protection of Privacy: A Case Study

31Q U A L I T A T I V E R E S E A R C H C O N S U L T A N T S A S S O C I A T I O N


Shhh... Can You Keep a Secret? Protection of Privacy: A Case Study C O N T I N U E D

Julie explains that she will audiotape and video-tape their discussion, but that the doctor’s identitywill remain anonymous. He chuckles to himselfand then says aloud, “Yeah, right. Whoever yourclient is will recognize me; I’m the head of neu-rology at the biggest hospital in the city.” Juliesmiles and continues with the introduction of thediscussion topic. The interview proceeds smoothly,and Julie feels certain that it is going to be aproductive day.

After concluding the interview, Julie has a 15-minute break before the next respondent arrives,so she makes use of the downtime by debrief-ing with her clients. As she enters the backroom,she walks into an animated conversation betweenGrace and the team. Having pushed her sales repsfor months to uncover the reasons why Dr. Jones’script volume is so low for Zap, Grace now hasa clear understanding of Dr. Jones’ concerns.She relays how excited she is to finally see whathappens in marketing research and commentsthat she has already forwarded the informationon to her district manager via her BlackBerry.

Alarmed, Julie immediately catches Joel’s andCaroline’s attention and pulls them into the outerroom. They know exactly what she is going to sayabout protecting the physician’s identity, and theyconvey to Julie that they have already explainedthis to Grace. It is clear, however, that it has beena struggle getting Grace to truly understand thatthey mean what they have said.

Julie responds by requesting a confidentialityagreement from her project manager at the homeoffice via email. She prints it off and heads onceagain to the back room, where she restates theexpectations regarding respondents’ privacy inmarketing research. Requesting that Grace signthe document, Julie still does not feel overlyconfident that the agreement will prevent Gracefrom relaying other information that she hearsthroughout the day. “At least I have her signatureon record,” she thinks to herself. Heaving a sigh,Julie proceeds through her next few interviews.

During the lunch break, Julie sits down at herlaptop to catch up on emails. As the break is com-ing to an end, she re-enters the interview room andreaches for her moderator’s copy of the scheduleon a side table. Unable to locate it, Julie returnsto the back room to see if she has mistakenlyplaced it in the stack of completed discussionguides. She notices Joel reviewing the schedulewith Caroline and stops in her tracks upon real-izing that they are holding her copy — not theclient copy, which excludes the respondents’identifying information (first name/last name).

Julie quickly grabs a client schedule and casuallymentions, “It looks like our copies were switched;here, take this one — I know you wouldn’t want

to accidentally remember the physician’s names.”Joel and Caroline exchange a quick laugh andswitch copies without any debate. Julie, becomingincreasingly concerned, suspects that they werenot the only ones who might have seen her copy,and she cannot help but wonder if someone hadpicked it up from the interview room, or if shehad been careless enough to leave it on top of herother paperwork.

The afternoon’s interviews carry on, and bythe dinner break, Julie is more relaxed. The teamseems pleased with her work, and Julie is confidentthat she is uncovering the information ABC issearching for to understand why Zap is not beingprescribed as frequently as the competition. AsCaroline reviews some of the key learnings fromthe day, she comments, “Grace was especially gladthat we were able to recruit Dr. Levy. She haswanted him to speak for us for a long time, sohis input is really valuable for this project.”

After the final debrief, the clients pack up andquickly depart. Julie gathers her materials andensures that the interview room will be lockedso that she can leave discussion guides and clientsales materials behind for the next morning. Asshe is waiting for a taxi, Ron (the facility manager)stops in to make sure that she has been satisfiedwith his team’s service for the day. She assureshim that they are doing a great job, and Ronremarks, “ABC has sure been here a lot lately.They must have a great deal of money investedin Zap.” Julie agrees with him and then pauses.“How do you know this project is about Zap,Ron?” “Oh, it’s on the top of the discussionguide that you asked me to copy,” he replies. “Itsays ‘ABC Zap Market Share Decline Project.’”

The taxi arrives, and Julie is pleased that thefirst day of the four-city project is complete. Onher way to the hotel, she mentally prepares thepositive report she will send later that night toher manager at XYZ.

ANALYSIS

How can XYZ Corporation improve itsprocesses to ensure the protection ofrespondent privacy?Marketing researchers understand that the degreeto which a respondent believes that his or her pri-vacy will be protected influences his or her candidparticipation in an interview or focus group.Similarly, respondents, particularly healthcareprofessionals, typically understand that their feed-back positively impacts the healthcare industry.However, consistently communicating and rein-forcing privacy measures — both verbally and in

33Q U A L I T A T I V E R E S E A R C H C O N S U L T A N T S A S S O C I A T I O N

writing — can ensure that all parties comply, aswell as further enhance the value of informationlearned in a qualitative study.

Prior to entering into a contract, XYZ can beginby inquiring about ABC Pharma’s confidentialityexpectations/policies/procedures. Understandingwhom a client might allow into a research studywould have allowed Julie to be better preparedto address any confidentiality concerns prior tothe project.

Ensuring that all research observers completea confidentiality agreement prior to arrival atthe facility would have prevented Grace fromunintentionally violating privacypolicies. The agreement shouldspecifically state that all infor-mation gathered during theresearch is to be used only formarketing research purposes,and not for sales efforts. Itshould also state that if anobserver recognizes a partici-pant, then that observer shouldimmediately remove himselffrom the observation area.

As part of the marketingresearcher’s upfront disclaimer,respondents should also be givenan opportunity to opt out of theinterview, both verbally and inwriting, prior to the introductionof the discussion topic. When Dr.Morrison stated that he assumedhe would be recognized, Julieshould have given him an oppor-tunity to opt out of the interview.Requiring respondents to signa confidentiality agreementand using a verbal disclaimerverbatim before commenc-ing interviews ensures thatthe option to opt out hasbeen offered.

When conducting researchat a facility, it is also criticalto understand their privacyprocesses before arrival. As inthe case with XYZ, Julie could

have requested that all schedules only have initialsand no identifying information.

Lastly, all information identifying both the clientand the project should have been deleted from thediscussion guide. This can be a common error whenthe study sponsor develops the guide. Transferringthe client’s guide into a template created by the re-search company prevents both the facility personneland respondents from inadvertently identifying thestudy sponsor. On discussion guides created byXYZ, a non-identifying project name and numberwould also ensure confidentiality. At the end of theday, Julie should have taken all proprietary client

C O N T I N U E D Shhh... Can You Keep a Secret? Protection of Privacy: A Case Study

Consistently communicating and reinforcing privacymeasures — both verbally and in writing — can ensurethat all parties comply, as well as further enhance thevalue of information learned in a qualitative study.




materials with her to reduce the possibility thatany confidential information might end up in the wrong hands.

What do I need to know, and where canI turn to find out?As market researchers, we have a responsibilityto protect the privacy of all parties involved in aqualitative research project. Upon a recent reviewof the guidelines and principles set forth by theprofessional organizations in the market researchindustry — including the MRA, PMRG, QRCA,CMOR (which has since merged with the MRA),ESOMAR and CASRO — our organizationestablished a formal privacy compliance policyto ensure that we are taking every availablemeasure to protect the integrity of the researchwe conduct.

An assessment of each organization’s code ofconduct with regard to privacy (including bothrespondent anonymity and client confidentiality)led us to create a comprehensive overview ofcrucial privacy elements, which we have brokendown into three main areas. While this is by nomeans an exhaustive list, it provides guidance asto what our colleagues should focus on whenlooking at their own privacy standards.

Responsibility to INFORM• Respondents should have access to a researcher’s

privacy policy. ESOMAR’s International Codeon Market and Social Research states thatresearchers should have a privacy policy that isreadily accessible to respondents (whether bymail, fax or email) and should also ensure that it is posted on the researcher’s website. Addi-tionally, contact information should be providedto research participants in the instance thatthey may have further privacy inquiries once theresearch ends.

• Respondents should be verbally informed ofand provided with written confidentialitystatements. Both CMOR’s Compliance Guideand ESOMAR’s Code direct researchers toprovide a confidentiality statement clearlystating who the researcher is and the researchcompany that he/she represents, as well as indi-cating that respondent information will bekept confidential. The statement should alsodisclose when participants are being audio-taped, videotaped and/or video-streamed to an offsite location.

• Respondents should be given the opportunityto opt out of study participation. The MRA’sCode of Marketing Research Standards statesthat respondents must be given the opportunityto refuse to participate if there is a possibility

that they can be identified without the use oftheir name or address. In all likelihood, thispossibility would exist with almost any respond-ent to one degree or another, so a broadinterpretation of this code would dictate offeringany respondent the opportunity to declinefurther participation.

• Respondents should not be re-contacted withoutconsent. The MRA’s Code also states that studyparticipants should not be contacted after theresearch has concluded (should a client wantto ask additional follow-up questions, forexample) unless respondents have been informedof this possibility at the time of the originalresearch and have given their consent to bere-contacted.

Responsibility to PROTECTThe notion of protecting confidential informationextends across many parties — not only therespondents, but also the client, the recruitingfacility and the market researchers themselves.• Respondent information should not be used as

a means of identification. The MRA promotesthe protection of respondents’ identities fromthe end-client. Make sure, for example, that allcopies of focus group schedules contain onlyfirst names of participants. The only time inwhich the client should be made aware of arespondent’s identity is if the respondent hasgiven express, written permission. Observersfrom the client side should be told that if theyknow any of the participants, they must stop ob-serving and notify the researcher, per ESOMAR’sWorld Research Codes and Guidelines.

• Ensure that respondent contact informationwill not be used for sales or direct-marketingefforts. Let’s face it — it is too easy to be akey member of the brand team and pass alongto the sales manager the reasons a highlyinfluential prescriber has shared as to why he

Researchers should have aprivacy policy that is readilyaccessible to respondents— whether by mail, fax oremail — and should alsoensure that it is posted onthe researcher’s website.

is not using your product. TheMRA’s Code of MarketingResearch Standards strictlyprohibits this activity, statingthat “any information collectedduring any study will not beused for any sales, solicitationsor push polling.” The easiestway to do this is to remind clientpersonnel who may be listeningin at the beginning of the projectand have them sign a documentstating that they agree.

• Respect confidentiality of bothclient and respondent informa-tion by securing and disposingof project documents and fileswhen appropriate. Accordingto ICC/ESOMAR InternationalCode, data should be preservedno longer than is required forthe purpose for which the infor-mation was collected or furtherprocessed. There should be ameans of guarding electronicdocuments so that no othershave access to them except forthe individuals working on theproject. Upon completion of theresearch, paper files should beshredded, and electronic docu-ments permanently deleted.

• The client’s identity shouldremain blinded. The MRA’sCode suggests that researchersnot reveal any information thatcould be used to identify clientswithout their written permission.Something as simple as placingthe client name at the top of adiscussion guide that you bringinto the interview room could tipoff a respondent. Remind clientsnot to wear company-brandedattire or carry bags with companylogos. Additionally, be sure thatany subcontractors (videog-raphers, transcriptionists, etc.)have also signed non-disclosureagreements.

• Become familiar with the researchfacility’s privacy policies, andhonor them as you would yourown. The MRA Code indicatesthat market researchers “willfollow all use restrictions imposed



by the facility in order to ensure confidentialityfor all parties.” It is a good idea to ask for acopy of the facility’s privacy policy the first timeyou work with that office, and keep a file foryour records.

Responsibility to EDUCATE• Recognize that international projects may

include additional privacy-compliance require-ments. ESOMAR’s World Research Code &Guidelines makes general provisions for con-ducting research across the globe, but eachcountry may have further stipulations governingthe process in that country. Before accepting

an assignment outside the U.S., make a full-faith effort to learn if there are any otherlegal requirements that you may need tocomply with.

• Instate a privacy officer for your organizationif you do not already have one. Per ESOMAR’sWorld Research Code & Guidelines, someonemust be responsible for privacy and for keepingthe privacy policy up to date, ensuring that allstaff (including temporary staff) are aware ofits requirements and for handling queriesrelating to it.

• Make it a point to re-evaluate and update yourprivacy policies, when necessary, each year. Itis crucial to stay abreast of changes in theindustry, as legislation continues to alter thelandscape of market research. The pendingPhysician Payment Sunshine Act, for example,threatens to compromise privacy betweenphysician participants and pharmaceutical/medical-device clients, proposing that manu-facturers disclose any payment made todoctors in an amount over $100. If passed,this policy will go into effect in 2010. Knowhow current laws impact protocol and hownew policies may warrant strategic changes foryour business practices. The MRA’s websitehas state-by-state updates indicating proposedand pending legislation at www.mra.org.

– QRCA (Qualitative Research Consultants Association)QRCA Guidelines to ProfessionalQualitative Research Practices;QRCA Ethics Policy Manualwww.qrca.org

– MRA (Marketing Research Association)The Code of Marketing Research Standardswww.mra-net.org

– CMOR (Council for Marketing andOpinion Research, merged with the MRA in 2008)

Compliance Guide/Best Practiceswww.mra-net.org

– PMRG (Pharmaceutical MarketingResearch Group)

www.pmrg.org

– CASRO (Council of American Survey Research Organizations)

Code of Standards and Ethics for Survey Researchwww.casro.org

– ESOMAR (European Society for Opinion and Marketing Research)

World Research Codes & Guidelineswww.esomar.org

Privacy/Confidentiality Resources

Make it a point to re-evaluate and update yourprivacy policies, whennecessary, each year. It iscrucial to stay abreast ofchanges in the industry, as legislation continues to alter the landscape ofmarket research.

The following organizations are referenced in this article. For more information aboutprivacy standards, visit these websites:

shhh... can you keep a secret qrca views

Business