You are the “Information Governance, Security and Compliance Manager” of research firm who conducts clinical studies. Your team of 15 members who are medical doctors is gearing up for a big contract to research the effects of cancer medication vs placebo. The team will be researching 3 groups of 10 people each (30 participants).
The client asks for the data to be computed in IBM SPSS so they will have to switch from Google Analytics. IBM SPSS is widely used in the research community, but the constraint is the learning curve since this is a new program and we are concerned about privacy.
The research project will take 2 years to finish, each participant must come in to the clinic one a month. The current process is that the patient/participant comes in the clinic and complete the written form, and the patient signs the consent form, the receptionist inputs the patient’s personal information in the computer. Only the staff will have access to the records.
As we transfer to using a new system, you are tasked with completing the IG Checklist and Privacy Impact Assessments form. If a section does not exist come up with a plan so that we as a team meet compliance in all areas on the checklist.