One of our main targets is to make the data available and show how people cope with the same virus in different situations in different countries. We have created an online data visualization tool for policymakers and analysts to compare psychological responses across countries.
Below, we outline the 5 stages of participation, and how your data is handled at each stage.
Filling out the Baseline Survey
Optional follow-up surveys
Generating the data files
Data sharing with other researchers
The role of the ‘Joint Controllers’
1. Filling out the Baseline Survey:
Filling out the baseline survey is quite straight-forward. For every question, you can decide if you would like to answer it or not. If there is any question you prefer not to answer, you can skip it. There are two questions in the survey that are considered “directly identifiable personal data” – namely your email address and your post code / ZIP code. To protect this information we take a number of measures, namely:
A. Data Access
There are only two data managers who are allowed to work with the raw data (i.e., data that links your email address and ZIP code to your survey responses):
Jannis Kreienkamp (email@example.com)
Maximilian Agostini (firstname.lastname@example.org)
As such this data is restricted, and not shared with the whole research team.
B. Data Safety
The two data managers, who have access to the raw data, are working from secured computers (e.g. all data is encrypted, password-protected, and remains on a local hard drive). The data is stored in an encrypted data storage facility and will only remain on the (encrypted) local hard drives of the data managers for the duration of data processing.
2. Optional follow-up surveys:
If you decide to take part in the follow-up surveys, we will use the email address you provide to contact you. The first few weeks the re-contact will happen every week, and at a later stage we will contact you monthly. Each time you receive a follow-up survey you can decide whether you want to be recontacted again or not. Your email address is solely used for recontacting you for upcoming waves. In order to protect your privacy, your email is stored locally in a separate file and a pseudonym is used to link your responses from the recontact to your responses from previous surveys. Please see the next section for information on how the pseudonyms are generated.
3. Generating data files:
The image below shows an overview of how the data files are created. In general, there are three types of data files the data managers handle:
Baseline file: The most important data file is the baseline file. This file contains all the information you provide exactly as you gave it. Only the two data managers have access to this file.
Pseudonymized data: In this data file, your emails and your ZIP codes, both of which count as “directly identifiable personal data” data, have been removed and have been replaced by a random string of letters and numbers which constitutes your pseudonym (e.g. S54TQQB1). This datafile only gets shared with researchers at universities subject to the General Data Protection Regulation of the European Union (GDPR) and the American Psychological Association (also see “How do we share data with other researchers” below).That is, the data is only shared with professionals who have access to the required infrastructure (e.g. encrypted drives) that allow them to keep your data safe.
Local coronavirus spread information: A specialized team based at the University of Utrecht (the Netherlands) is gathering information on how the coronavirus is spreading across the world. If you have provided your post code / ZIP code, we will match it with virus-related information from your general area. This can help us understand basic processes such as: do our participants who live in more affected areas feel more anxious? After we have added the information on virus cases in your ZIP code area, the ZIP code information will be deleted. At this stage, your responses are identified only by the pseudonym, and can no longer be traced to your ZIP code or email address.
4. Data sharing with other Researchers:
Any researcher who wants to work with the PsyCorona data, needs to request access in the following way: First, they have to propose an analysis plan which outlines how they will handle the data. If the analysis plan is approved, the University of Groningen will share the pseudonymized dataset with them that contains only the variables the researchers are interested in. By sharing only the most relevant variables we ensure that only minimal data is shared.
5. Joint controllers group:
This research project is a close collaboration between the University of Groningen (dr. Pontus Leander), New York University – Abu Dhabi NYUAD (dr. Jocelyn Belanger), and Utrecht University (dr. Caspar van Lissa). This means that these teams have additional privileges but also responsibilities. We specify these responsibilities and privileges here:
Data collection: NYU-AD and the University of Groningen are responsible for collecting data for the baseline measure. NYU-AD uses partners to collect data. The University of Groningen is responsible for managing recontact surveys and raw data collected by NYU-AD.
Data handling: The data managers at the University of Groningen are responsible for data security. This means that the University of Groningen takes care of downloading all raw data and pseudonymizing your responses. Only in Groningen come ZIP codes and region information, e-mail addresses, your responses to the baseline survey, and your responses to the recontact surveys together. Researchers at the University of Groningen then merge these datasets and create pseudonymized datasets.
Location data: Utrecht University is responsible for matching region information (ZIP codes) to local coronavirus spread information. This means that these data are shared with the researchers in Utrecht. However, only at the University of Groningen do the region information and their corresponding local virus spread information get merged to your survey responses. After that, ZIP codes are removed to ensure pseudonymization.
Data protection rights: Any questions related to questions about your data protection rights can be addressed to the Data Protection Officer of the University of Groningen. Feel free to reach out to email@example.com or the data protection officer A.R. Deenen firstname.lastname@example.org.
6. Final words:
We hope that the information above has provided you with an understanding of how we are trying to do our utmost to keep your responses safe and secure. We think consent is a relation that we build over time. We will, therefore, periodically further develop information on collaboration and try to make the best decisions to further ensure your privacy rights. Thank you for your trust and support during this research.
|09 november 2023 13:43