Helping researchers navigate clinical & translational research regulatory processes. Regulatory Foundations, Ethics, and Law Program

Emerging Technologies, Ethics, and Research Data


The Emerging Technologies, Ethics, and Research subcommittee works to identify and develop models to aid IRB and IT collaboration as well as to create practical tools to enhance the data security reviews and human subjects protections in research involving novel technologies (i.e. cloud platforms, apps, inter-connected smart devices, and other big data research initiatives).

Sample Informed Consent Language Library: Describing Technologies Used in Research

The library was developed to assist investigators in describing technologies used in research within the informed consent form. The library is a series of sample informed consent language adopted from real-world examples, examining regulatory issues specific to various technologies used in research projects and suggestions for understanding and describing them.

Download the complete Harvard Catalyst Sample Informed Consent Binder [PDF] or select from the individual topics below.

Sample Informed Consent Language Library Overview

Research participants' health information and data are increasingly being collected, stored, and shared using more powerful and prolific technologies. When designing a research study, investigators must consider and address these factors, while also finding meaningful and effective ways to describe technology-specific factors within the informed consent process and consent form. Each section includes model statements investigators may adapt to describe the technology.

Download a PDF

Chat Technology

  • Real-time, instant messaging electronic communication between two users, connected by a network
  • Considerations:
    • Encryption and security concerns
    • Company terms of use and privacy policies
  • Model statements investigators may adapt to describe chat technology

Download a PDF

Data Collection and Privacy Considerations

  • Ensuring integrity of data during the data collection process, protecting against the risks of unauthorized use
  • Considerations:
    • Method of data collection
    • Risks of unauthorized use and users
    • Encryption and security concerns

Download a PDF

Transmission of Research Data

  • Transferring research data in motion from one machine or device to another
  • Considerations:
    • Personally-identifiable data of research participants
    • Method of data transfer
    • Encryption and security concerns

Online Tracking and Cookies

  • Tracking cookies or web beacons have the ability to track and monitor activity; these elements that may not be evident to the average user
  • Considerations:
    • Method of online tracking and cookies
    • Privacy risks/concerns with tracking technologies
    • Suitable privacy safeguards

Download a PDF

Storage and Archiving

  • Investigators should inform participants about the data storage and archiving technologies, back-ups plans, and access controls
  • Considerations:
    • Method, location, duration of data storage, and archiving
    • Encryption and security concerns
    • Storage and archiving technology company terms of use and privacy policies

Download a PDF

Research Data Destruction

  • Additional steps must be taken to sufficiently destroy data so that the data cannot be recreated, reconstructed, or extracted
  • Considerations:
    • Data collected in a federal- or state- funded project
    • Method of data destruction
    • Encryption and security concerns

Download a PDF


  • Communication tool to be evaluated for use in research in reference to regulations
  • Considerations:
    • Encryption and security concerns
    • Email technology company terms of use and privacy policies

Download a PDF

Mobile Health: Devices, Apps, and Wearables

  • The method of delivering healthcare through mobile technology allowing investigators to collect data from research participants when they are not physically present
  • Considerations:
    • Passive data collection
    • Encryption and security concerns, including loss and theft
    • Mobile device and application technology company terms of use and privacy policies

Download a PDF

Online Survey Tools

  • Online survey tools or questionnaires may require different data security requirements based on the complexity of the project and the study population
  • Considerations:
    • Survey tools available at an academic institution versus a third party software company
    • Encryption and security concerns
    • Survey tool technology company terms of use and privacy policies

Download a PDF

Social Media

  • Social media used for research recruitment raises unique issues including access to personal health information and appropriate online communication while enrolled in a study
  • Considerations:
    • Encryption and security concerns
    • Social media technology company terms of use and privacy policies

Download a PDF

Video, Audio, and Photography Recordings

  • Recording the voice and/or image of a research participant creates a distinct type of record that requires unique handling and storage
  • Considerations:
    • Method of recording
    • Encryption and security concerns

Download a PDF

Glossary of Terms

Terms used to describe technologies used in research

Download a PDF


Resources we found helpful while creating the document

Download a PDF

Attribution, Sharing, and Adapting

We encourage you to request, share, adapt, and contribute to the Informed Consent Library

Download a PDF

Sample Informed Consent Binder

Complete Harvard Catalyst Sample Consent Language Library, with sections bookmarked in one PDF

Download a PDF

Case Studies

A series of case studies below examine regulatory issues specific to various research data security issues and suggestions for managing them.

  • A Study Involving Multiple Institutions and CMS Data [PDF]
  • Managing Data Security with Local and International Partners [PDF]
  • Research Data Loss Incident - Multi-Stakeholders [PDF]
  • Secondary Use of Data in Studies Involving Wearable Technology [PDF]
  • Accidental Receipt of Identifiable Data [PDF]
  • Maintaining Sensitive and Non-Sensitive Data [PDF]
  • Police Body Cameras [PDF]
  • Secure Storage of Audio Recordings [PDF]
Additional Resources
  • Information Risks and IRB Strategies for Technologies Used in Research: A Guide for Researchers, IT, and IRBs [PDF]
    Researchers use both institutional and external tools and technologies to enable their research. IT and information security departments utilize institutional processes and standards to vet such technologies. This document identifies vetted (and non-vetted) tools and technologies.
  • Research Data Management: Guide for Investigators [PDF]
    This Guide addresses how to plan and manage research data considerations for researchers who expect to work with confidential or sensitive information involving individuals in the course of a research study. The Guide follows the research data management lifecycle, highlighting key issues to consider, and a roadmap to follow through the lifecycle of data from the beginning planning phases through design, and all the way to proper destruction and disposal of data.
  • The Use of Social Media in Recruitment to Research: A Guide for Investigators and IRBs [PDF]
    Social media is emerging as a promising tool for recruiting people into clinical trials and other important types of research. This guidance document outlines numerous concrete recommendations on the ethical and regulatory aspects of using social media as a research recruitment tool.
  • Providing IT expertise to the IRB [PDF]
    The incorporation of Information Technology (IT) expertise onto IRBs is one way to help ensure the appropriate evaluation of the safety and potential risks of the technology being utilized to conduct research. This document serves as a short guide to onboarding IT staff onto IRBs.
  • Important IT Considerations for IRBs [PDF]
    IRBs need not be IT experts, however an awareness of potential risks posed by new technologies may be helpful. This document includes a list of questions for IRB members to consider when thinking about IT and/or data confidentiality protections, and concurrently evaluating the regulatory criteria for approval. This list is not exhaustive, but provides a baseline of questions to consider when evaluating the potential risks of the technology being utilized in the research.
  • Guide to Vetting Technologies [Excel]
    The guide is designed to be used as a supplementary resource to help investigators ascertain which commonly-used technologies have or have not already been vetted by their institution. This helps to ensure the safe and secure collection, storage, access, and sharing of research data.