Qualitative content analysis for international comparison of data usage agreements
24/08/2016 | 13:10 - 13:14 Station 5
University of Heidelberg
Presentation Type: Multimedia Poster
Themes: Applied projects, Privacy, regulation & governance and Privacy, regulation & governance
Session: Multi-media Poster Presentation Session 1
Christian Haux, Frank Gabel, Anna-Lena Trescher, Helen Whelton, Geert van der Heijden, Stefan Listl and Petra Knaup-Gregori
The multi-country-EU project ADVOCATE (Added Value for Oral Care) involves the analysis of routinely collected oral health care records from health insurance systems in six European countries, including NHS England and NHS Scotland. The data will be stored in a in a central repository using AnalytiXagility which adheres to strict privacy and security standards. Therefore, data usage agreements must be consented with all partners and being subjected to specific regulations in the respective nation. This will result in different aggregation levels for data integration, e. g. one of the partners does not allow the transfer of data that contain a personal identifier. To understand the variety of requirements and limitations in different countries, we performed a qualitative content analysis of the agreements.
A categorisation system for privacy and data protection aspects was developed. The aspects are based on privacy conditions mentioned in guidance documents, the agreements themselves and the project's proposal. The agreements were examined for textual elements and systematically coded by three reviewers. Compliance between privacy conditions and the agreements was estimated using a nominal scale, whether the context was available in the agreement or not. The software MAXQDA was used for tagging relevant text passages.
The initial coding scheme contains eight categories on top-level. They include, inter alia, aspects on data access, -preparation, -transmission, and -usage. The top-levels divide in up to four different levels of detail. The coding system was continuously adapted during full-text analysis. Initially, the agreements from the partners of Denmark and Germany were used. Characteristics in the agreements require a fine granularity of sub-categories. The German agreement, for example, names the whole institution as partner, whereas the Danish agreement differentiates in personal roles, each with own responsibilities.
Undertaking an overview of privacy conditions can be a valuable step in comparing privacy and security requirements in different national regulations. The qualitative content analysis was found a suitable approach for this purpose because it enables the detection of fine characteristics. By using an incremental design, it is possible to adapt the coding system to include additional partners. However, the current coding system has the limitation that heterogeneity between the agreements leads to a fine granularity of categories that hamper the comparability between partners. Despite these problems, the approach allows the comparison of data privacy and supports the development of a data integration process for international harmonisation.