Research Design 3: Communicating and managing risk

Informed Consent

Once you’ve completed your Risk Assessment and Mitigation Plan your next step is to decide how you will communicate with your participants with respect to the goals of your research, the tasks for participants and any potential risks of participating. This is generally done through a process of Informed Consent, and your Informed Consent materials should include details of these points along with any mitigating measures you will take.

Regardless of whether you are or are not collecting any Personal Data, you will normally need to seek consent of your Human Research Subjects before you start your research. 

It’s important to bear in mind that it’s not enough to leave your volunteers (paid or otherwise) to work out for themselves what possible risks might arise. It is your responsibility as a researcher to pre-empt and flag any foreseeable risks to your participants and to communicate these points clearly. This is clearly demonstrated by a 2000 case against two American Research Performing Organisations, where participants successfully sued (and eventually received a $3.8 million settlement) for Informed Consent materials that did not specify the experimental conditions or that subjects could refuse to participate, and were not worded in a way that participants could understand.

Along with your Risk Analysis and Mitigation Plan, your Informed Consent Materials will form a key component of your application for Human Research approval, once you are ready to start your research.

You can find more about Informed Consent, along with templates for developing your Informed Consent materials here. You can also find Dutch language versions of the Informed Consent templates here.

Managing risk

The main ways in which you manage the risks you identify is to execute the mitigation steps you’ve identified in your risk design as agreed with your participants in your Informed Consent. Alongside your mitigation measures on, for example, health, safety and environment, a key part of honoring this agreement is the development and execution of your Data Management Plan, which is a requirement for all research conducted at the TU Delft. In the context of Human Research your Data Management Plan can be used to record data-processing decisions and as such serve as proof of GDPR (General Data Protection Regulation) compliance. It’s important that it’s clear in this plan who will be responsible for executing specific steps around Privacy which have been agreed with participants in the Informed Consent. These might include, for example, ensuring safe storage on an encrypted device, restricted access to date and ultimately executing data deletion.

Planning for risk, ensuring compliance with GDPR, obtaining Informed Consent and developing and executing your Data Management Plan are all part of TU Delft’s Personal Research Data Workflow (PRDW). You can find out more about the PRDW and TU Delft data management policies and processes by consulting your Faculty Data Steward or consulting the information here