IRB: Ethics & Human Research

Certificates of Confidentiality and Informed Consent: Perspectives of IRB Chairs and Institutional Legal Counsel

Researchers conducting studies in which sensitive information about the participants is collected may apply to the National Institutes of Health (NIH) for a Certificate of Confidentiality to help safeguard participants’ privacy and the confidentiality of their data. According to federal law,1researchers who obtain a Certificate cannot be forced to disclose the names or other identifying characteristics of research participants in any legal proceeding. By shielding researchers and institutions from compelled disclosure, the Certificate is intended to facilitate research on sensitive topics by reassuring participants about the security of their information.When a Certificate has been obtained for a study, prospective participants must be informed about it. On its Web-based “kiosk,”2the NIH provides sample language (Box 1) for use in consent forms to describe a Certificate’s protections and the limitations of those protections. However, little is known about professionals’ use of and opinions about this language or about institutional guidance for describing a Certificate of Confidentiality to participants as part of the consent process. Knowing how professionals and institutions address these issues is important because the NIH’s sample language is complex and potentially difficult to understand.3In addition, despite the strong assertion in the NIH’s language that “[w]ith this Certificate, the researchers cannot be forced to disclose information that may identify you, even by a court subpoena,”4there is uncertainty about whether a Certificate can provide such absolute protection in all circumstances.5Because these factors may threaten the validity of informed consent, the opinions of institutional leaders involved in developing appropriate consent language, as well as information about institutional guidance concerning the Certificate, may help inform potential solutions for how to convey information about a Certificate in the informed consent process.

As part of a larger study assessing use and understanding of Certificates of Confidentiality, we conducted interviews with institutional review board (IRB) chairs6and institutional legal counsel.7Here we focus on themes that emerged from those interviews about the Certificate’s effects on consent forms and processes. We also conducted a search of research institutions’ websites to determine what kind of guidance they provide about how to describe a Certificate as part of the consent process.

Study Methods

We gathered data from IRB chairs and institutional legal counsel, as well as from a web search of institutional policies. Below is a brief summary of the methods used for each source; more details are available in the Appendix (found on theIRB: Ethics & Human Researchwebsite).

IRB Chairs.We conducted an online survey of IRB chairs to examine their use and understanding of Certificates of Confidentiality.8To explore survey responses in more depth, we conducted follow-up interviews with selected chairs whose responses indicated a particularly positive or negative view of Certificates or whose institutions had experienced a legal demand for research data. We computed composite opinion scores based on five survey questions about the extent to which Certificates achieve their intended purposes, with scores ranging from 5 to 25. Lower scores indicated a less favorable view of Certificates, and higher scores a more favorable view. For the analysis presented here, we focus on the interview responses related to informed consent. We used qualitative analysis software to generate from the interview transcripts a report containing any text from the section of the interview on informed consent and any text that included the word “consent.” One author (D.K.C.) identified themes that emerged within the report and organized these themes into a codebook. Another author (L.M.B.) independently analyzed the report, applying codes per the codebook. These two authors then reconciled any discrepancies.

Institutional Legal Counsel.We also conducted interviews about Certificates with institutional legal counsel.9Although we did not ask specific questions about Certificates’ effects on informed consent, legal counsel respondents spontaneously commented on these issues. In this secondary analysis, we used qualitative analysis software to generate a report containing any text from the transcripts that referred to consent forms and processes. Two authors (L.E.W. and D.K.C.) independently analyzed the report based on the themes identified from the IRB chair transcripts.

Search of Institutional Websites.One author (L.A.D.) led a search of the websites of the 39 U.S. institutions that have both an American Association of Medical Colleges-accredited medical school10and an Association of Schools of Public Health-accredited school of public health11to locate their policies about the Certificate of Confidentiality. Initially, we searched for the term “Certificate of Confidentiality” using the search function on each school’s home page. If that failed to produce results, we looked for links to research-related information and then reviewed those pages for relevant categories. We collected and analyzed the portions of the websites that discussed Certificates, including suggested or required consent language.

Study Results

Characteristics of Information Sources.Our sample of IRB chair interviewees (n=21) consisted of seven with a high (18+, “favorable” view of Certificates) composite opinion score (four of whom had experience with legal demands), four with a middle (15-17) score (two of whom had experience with legal demands), and 10 with a low (<15) score (two of whom had experience with legal demands). Over 75% reported more than five years’ experience as an IRB chair.

Our legal counsel interviewees (n=24) represented the institution in legal matters, the vast majority (n=22) as direct employees. Nearly 90% reported five or more years’ experience as institutional legal counsel.

For our search of institutional websites (n=39), one site required a log-in to access research policies, and we were unable to locate any reference to Certificates on five of the websites. Among the remaining 33 sites, 9 offered only a link to the NIH kiosk; 11 contained a single paragraph providing a basic description of Certificates (often with a link to the NIH kiosk); and 13 either had a specific document on Certificates or offered more than one paragraph about Certificates as part of a larger policy on privacy and confidentiality in research.

Institutional Guidance on Consent Language Describing Certificates.Among the 33 websites where we found reference to Certificates, three required a password to access sample consent forms, and on one, the link to sample forms did not work. Among the remaining 29 institutions, we found the following:

  • For 10, we could find no mention that the consent forms for research conducted under a Certificate should contain special language. Five of these provided links to the NIH kiosk but not to the specific page with recommended consent language.
  • Five either provided a link directly to the sample language on the NIH kiosk or reprinted the NIH language on their own site, with no other commentary.
  • Five did not provide any sample language but described factors that investigators should        consider when drafting consent forms (Table 1, Examples 1-2). One of these also provided a link to the sample language on the NIH kiosk.
  • Nine provided their own sample consent language. Patterned closely on the NIH’s language (as detailed below), most of it appeared to be attempts to simplify or clarify the language (Table 1, Examples 3-4).

The NIH’s sample language contains four distinct elements (Box 1): 1) with a Certificate, the researcher cannot be forced to disclose identifying information, even by court order; 2) a Certificate does not prevent government audits of the study; 3) participants may voluntarily release information about themselves; and 4) researchers may/will comply with state laws requiring reporting of child or elder abuse, intent to hurt someone, or certain communicable diseases. The nine institutions that provided their own sample language included all of these elements, with the exception of one that did not mention the possibility of government audits. Four institutions added an item that is not in the NIH language: two institutions included an explanation that although the Certificate is issued by a federal agency, this does not mean that the federal government approved or disapproved of the research project; one institution added that “if any study information is placed into your medical records, the Certificate does not protect that study information”; and one institution stated that in addition to voluntarily reporting abuse or intent to harm, the researcher would provide information to “someone who is accused of a crime, if he or she believes that our research records could be used for defense.”

Modifying the NIH’s Sample Consent Language Describing Certificates.The importance of considering modifications to the NIH’s consent language emerged as a major theme in our interviews. This included changes to promote comprehension among prospective participants and to describe appropriately what is known and unknown about Certificates’ protections and limitations.

  • Improving Comprehension.In our interviews with IRB chairs, one commonly mentioned priority was the use of simple, straightforward language to describe a Certificate of Confidentiality. Some chairs offered minor modifications to the NIH’s sample language to lower the reading level. As one chair explained, “[W]e’ve customized [the NIH language] a little bit to make it more readable. Making the sentences shorter and things like that. It’s not a great deviation, but it’s a little bit of an improvement.” According to another respondent,

The NIH is a guideline for us because we have competing requirements. One is we want the language to be readable… When you get anything from the government, it’s probably not going to be readable by a sixth-grader and well understood. So for example, a simple thing, the NIH language uses the term, ‘the researchers’, we tell our PIs just to say, ‘we’—‘we cannot be forced’ or ‘we will not release,’ something like that.”

Several chairs discussed additional efforts to enhance comprehension and reduce the potential for confusion, including tailoring the language to each study (“It really needs to fit with the tone of the consent, and it needs to be project-specific”) and ameliorating conflicting language (“It’s quite common that our consent will say [that] we’ll protect the confidentiality of your information to the maximum extent allowed by law. And we’ve got lines from NIH on Certificates that say . . . you can’t be forced under law to disclose stuff. That’s conflicting language”).

A few of the legal counsel respondents spontaneously raised similar concerns about the challenge of explaining Certificates’ protections and limitations in understandable ways. One noted that it is “a very hard thing to convey to the average guy off the street and it’s very hard to put in eighth grade language.” Another commented that it is “very challenging to describe for subjects in a consent form” the nuances of a Certificate, especially in relation to other confidentiality protections.

  • Describing Certificates’ Known Exceptions and Limitations.Another commonly mentioned priority was clear communication about the known limits of a Certificate’s protections. For example, with regard to explaining the exceptions to a Certificate’s protections (i.e., government audits, state reporting, self-disclosure), some IRB chairs felt the NIH’s language provides too much detail. One said, “We think that’s a little bit too much. We do always talk about the child abuse thing and intending to hurt oneself. But the rest of it seems a little bit theoretical. So we don’t always require that.” Another described the NIH’s language about government audits as “way more than people need to know” and “not necessary to mention,” in part out of concern that these details might detract from the “main point” of the description about a Certificate.

More generally, some IRB chairs emphasized the importance of “being honest about the limitations” and ensuring that the “limitations are clearly stated.” Another was specifically concerned that participants understand that a Certificate is designed to protect against only certain types of disclosures, by “making it clear in the consent forms and consent processes that there are still risks that the Certificate is not relevant to . . . that these risks still exist.”

Similarly, one legal counsel respondent stated that the end goal is “that the individual be able to understand just exactly what the Certificate does provide. It provides a protection against the risk of external investigative or judicial processes.” And another emphasized, “Accuracy of informed consent is one of my main goals in all of this. What people know. If they have any protections, and if so, what they are and what the limitations of those protections are.” For some of the legal counsel respondents, clarity in the consent form seemed to be important in part because it helped document what was promised to participants, which would guide their actions in protecting data. As one explained, “My first line when a question comes up is, what has the researcher done? What’s the promise to the subject? And I guess what I would say is, what do we care most about? Making sure the informed consent represents correctly what can be disclosed and what can’t. And then we protect it.”

  • Describing Uncertain Aspects of Certificates’ Protections.The NIH’s sample consent language was problematic for several IRB chairs because of its strong assertion about Certificates’ legal protection against disclosure of information about participants. As one noted, “This offers additional protection, but we can’t tell you it’s fool-proof.” Another explained,

We had a lawyer ethicist who said, “[A Certificate] helps, but a consent form should say ‘it’s not a guarantee.’ Just that it shows we’re doing our maximum, and our hospital lawyers would go to court to fight it. But we can’t promise we would prevail at the end of the day. I’m not promising I will go to jail rather than handing them over . . .  . I’m not asking the investigator to promise that. So we basically say that in the consent; we say, Yeah, this offers additional protection, but [it] has never been fully tested in court.”

Several legal counsel respondents also focused on issues of uncertainty surrounding a Certificate’s protections and whether consent forms adequately convey that uncertainty. When asked about concerns regarding Certificates, one explained, “I would [ask] whether the standard descriptions that I see in many institutions’ consent forms are overly reassuring.” The respondents who raised these issues mostly discussed their perception that Certificates are untested in court and that there may be compelling circumstances where courts might, despite the Certificate, order disclosure of information such as data pertaining to child abuse or investigations under the federal Patriot Act. However, one legal counsel respondent noted a more pragmatic concern, suggesting that as more information—including research data—is kept in electronic health records, researchers may not be in a position to protect it from disclosure.

Nevertheless, some legal counsel respondents felt constrained by the NIH in conveying uncertainty to research participants. As one described, “[T]he NIH wants informed consent documents to speak fairly strongly and clearly about the amount of confidentiality provided.” Another indicated that the NIH had refused to issue a Certificate for a study for which the consent form contained language that described uncertainty regarding the Certificate’s protections. According to this respondent, the NIH’s rationale for denying the request for a Certificate was that the consent form language “would undermine the person’s reliance on a Certificate so that would undermine the . . . legal status.” While acknowledging the validity of the NIH’s position, this respondent further noted the tension with informed consent: “We saw what we thought was a real risk and they were asking us not to disclose this risk in the informed consent . . . . But at some point if it really gets tested, I’m not 100 percent confident it would be supportive. And if I know this, why am I not telling individual participants? Is that the ethical thing to do?”

The Effects on Participants of Consent Language Describing Certificates.Finally, we asked IRB chairs about the effect on participants of consent language describing the Certificate of Confidentiality. Several reported hearing indirect feedback, via research team members, suggesting that the Certificate provided reassurance “that everybody is going to take their data seriously.” However, some respondents suggested that whether a Certificate has a reassuring effect on participants might depend on the nature of the research. In other words, a Certificate may reassure participants who are already concerned about their legal jeopardy given the topic under study. In studies where such concerns are not preexisting, the Certificate description may generate alarm:

If you’re talking to people about illegal behavior, you’re spending most of your time not about the risk of the drug I’m going to give you, but about how I will protect this information so your probation officer doesn’t find out. Confidentiality is the major element in consent discussions for that kind of research, [so the Certificate part makes] it more likely they would agree to be included. Now if you tacked [Certificate language] on to a study that’s a simple blood draw for genetic samples, we’d have a different discussion.

IRB chairs mentioned other ways in which Certificate descriptions might adversely affect participants. Some were concerned that participants might be overly reassured by the description, which could lead to “issues in terms of people being willing to take on risks that they might otherwise not have done.” One described the challenge of setting expectations appropriately:

We certainly want to make sure . . . that the language doesn’t mislead participants about the protections provided by the Certificate. So you’re kind of in the awkward position of saying, ‘Well, we’ve applied for the Certificate, which is supposed to protect you from subpoena, but by the way, we’re not really sure how much it reduces the risk.’

Another concern was about adding complexity to the consent process. One chair described Certificates as “adding a lot of complex stuff to” and “muddying up” consent forms. Another expressed concern about the overuse of Certificates and the confusion introduced by potentially unnecessary information: “I think there is a downside of too much information . . . . One of my biggest issues with the whole process is that people use them when they’re not really necessary and it does create additional layers of confusion, at least in some people’s minds.”

However, nearly all IRB chairs indicated that they did not have a mechanism for collecting feedback from participants or researchers about the consent language describing Certificates. “Have we heard directly, indirectly, how well they understand? No,” one chair said, “because . . . certainly the participants . . . in those kind of studies would never talk to us.” As another chair reported, “We get very, very little participant feedback. Every consent form has the IRB contact information on it, and in my six years on the IRB I’ve only received one call from participants and it had nothing to do with the consent language.” One chair who reported not being aware of any positive or negative feedback from researchers said, “[B]ut you’ve got me interested now in thinking about this, that maybe we should ask them, does this really help or not? We just say, ‘Well, you obviously need a Certificate here.’” Even so, some respondents made speculative statements about what a Certificate might achieve when described in the consent process: “My guess is that [Certificates] may have helped in recruitment of people on the margin[,] . . . but I’m willing to guess that overall it has very little impact on enrollment. I could be wrong, but that’s my guess.” Another said, “I like to imagine that perhaps in [extreme] situations that [Certificates] might be of some value.”


Our interviews with IRB chairs and institutional legal counsel highlighted the importance of simplifying and clarifying the NIH’s sample consent language about the Certificate of Confidentiality. However, the results of our review of information posted on institutions’ websites suggest significant institutional reliance on the NIH language without reference to the potential for modification. Additionally, many IRB chairs viewed Certificates as a possibly helpful component of the consent process based on a belief that they reassure participants about attempts to protect the confidentiality of information about them. At the same time, several chairs also raised concerns about ways in which Certificate descriptions might confuse, mislead, or even alarm participants.

The findings of our study lead to several observations. First, despite some respondents’ comments about the need to modify the NIH’s language, it appears that institutional efforts to do so have been fairly modest. Although IRBs may work with researchers individually to craft appropriate consent language, guidance indicating leeway to alter the language was scarce. This raises a question about how often IRBs and researchers do in fact adjust the NIH’s language and whether they are aware that modifications are permissible and, in some cases, necessary to facilitate informed research participation. The NIH kiosk introduces its sample language with the qualification that “[r]esearchers may adapt the language to meet the needs of the research participants and to the subject matter of the study.”12It may be helpful to give this flexibility more prominence on the kiosk and also for IRBs to highlight this fact on their websites. Providing examples of appropriate modifications could further reinforce that the sample language is a starting point, rather than a requirement. It is important to note, however, that regulations constrain some alterations, including disclosures for federal audits.13Thus, reducing the level of detail, a goal expressed by some respondents, may require regulatory change. Any such changes should be informed by how required statements are understood and valued by participants.14

A second observation is that the NIH’s sample language would benefit from revision. According to respondents, the language would ideally be shorter, simpler, and easier to read and would more accurately reflect limitations of the Certificate’s protections.

A third observation is that our findings emphasize the complexity of appropriately reassuring prospective participants about confidentiality in studies that have a Certificate. Our respondents suggested that participants’ reactions to Certificate descriptions could range from heightened concern to false reassurance. Importantly, however, most respondents acknowledged that they lacked data to substantiate their opinions. These results highlight the need for empirical evidence from researchers and research participants about Certificates and their effects. IRBs could also consider encouraging more informal feedback from research teams to help improve consent forms and processes for studies with a Certificate.

Finally, it is important to note that our data were gathered from disparate sources. Because we did not ask IRB chairs and institutional legal counsel exactly the same interview questions, we do not have parallel data from each group on every topic discussed here. This limitation notwithstanding, our findings converge on a set of issues that are critical to enhancing informed research participation in studies on sensitive topics. The consistency with which IRB chairs and legal counsel focused on certain issues is especially interesting: although counsel are not as closely involved in the consent process, they raised these issues spontaneously. Moreover, our findings highlight a discrepancy between the concerns respondents had about consent form descriptions of Certificates and the guidance on Certificates available through institutional websites, guidance that tends to directly reflect the information provided on the NIH kiosk. This suggests that it would be beneficial for the NIH to provide more guidance that is informed by input from IRBs and legal counsel, as reported here, as well as input from researchers and participants.


The project described was supported by Award Number R01HG005087 from the National Human Genome Research Institute (NHGRI). The content is solely the responsibility of the authors and does not necessarily represent the official views of NHGRI or the National Institutes of Health. We would like to thank our colleagues Emily Namey, Kevin Weinfurt, and Alexandra Cooper for their input. We would also like to thank Lauren Powers for her assistance with the web search.

The Duke University Health System IRB determined that this research was exempt under 45 CFR 46.101(b)(2), and the Georgia State University IRB approved it under expedited review.

Devon K. Check, BA,is a research assistant at Duke Clinical Research Institute, Duke University School of Medicine, Durham, NC;Leslie E. Wolf, JD, MPH,is a professor of law at Georgia State University College of Law, Atlanta, GA;Lauren A. Dame, JD, MPH,is the associate director of the Center for Genome Ethics, Law & Policy, Duke University, Durham, NC;Laura M. Beskow, MPH, PhD,is an associate professor at the Duke Clinical Research Institute, Duke University School of Medicine, Durham, NC.


1. Public Health Service Act 301(d), 42 USC 241(d).

2. National Institutes of Health Certificates of Confidentiality Kiosk. Available at

3. Catania JA, Wolf LE, Wertleib S, Lo B, Henne J. Research participants’ perceptions of the Certificate of Confidentiality’s assurances and limitations.Journal of Empirical Research on Human Research Ethics2007;2(4):53-59; Wolf LE, Zandecki J. Sleeping better at night: Investigators’ experiences with certificates of confidentiality.IRB: Ethics & Human Research2006;28(6):1-7; Beskow LM, Check DK, Ammarell N. Research participants’ understanding of and reactions to Certificates of Confidentiality.AJOB Primary Research2013; doi: 10.1080/21507716.2013.813596 (epub ahead of print).

4. National Institutes of Health Certificates of Confidentiality Kiosk. Detailed Application Instructions for Certificate of Confidentiality: Extramural Research Projects.

5. Beskow LM, Check DK, Namey EE, Dame LA, Lin L, Cooper A, Weinfurt KP, Wolf LE. Institutional review boards’ use and understanding of Certificates of Confidentiality.PLoS ONE.2012;7(9):e44050; Wolf LE, Dame LA, Patel M, Williams B, Austin J, Beskow LM. Certificates of Confidentiality: Legal counsels’ experiences with and perspectives on legal demands for research data.Journal of Empirical Research on Human Research Ethics2012;7(4):1-9; Wolf LE, Patel MJ, Williams BA, Austin JL, Dame LA. Certificates of Confidentiality: Protecting human subject research data in law and practice.Minnesota Journal of Law, Science & Technology(in press); Beskow LM, Dame L, Costello EJ. Author reply.Science. 2009;323(5919):1289-1290; Beskow LM, Dame L, Costello EJ. Research ethics. Certificates of Confidentiality and compelled disclosure of data.Science.2008;322(5904):1054-1055.

6. See ref. 5, Beskow et al. 2012.

7. See ref. 5, Wolf et al. 2012.

8. See ref. 5, Beskow et al. 2012.

9. See ref. 5, Wolf et al. 2012.

10. Association of American Medical Colleges Member Directory.

11. Association of Schools of Public Health Member Schools.

12. See ref. 4, National Institutes of Health Certificates of Confidentiality Kiosk.

13. U.S. Department of Health and Human Services, Protection of Human Subjects. 45 CFR 46, 2a4(j)(3)(iii).

14. See ref. 3, Beskow et al. 2013.