CoCs protect information, documents, and/or biospecimens that contain identifiable, sensitive information related to a participant.
The CoC policy and 42 U.S. Code §241(d) defines identifiable, sensitive information as information that is about an individual and that is gathered or used during the course of research where the following may occur:
- Through which an individual is identified; or
- For which there is at least a very small risk, that some combination of the information, a request for the information, and other available data sources could be used to deduce the identity of an individual.
Note that the law focuses on the identifiability of the information, and not on the sensitivity of the information.
The CoC protections cover all copies of information, documents, or biospecimens gathered (i.e., collected) or used by the investigator during the research, including copies that are shared for other research activities.
Once covered by CoC protections, these protections last in perpetuity.
Looking for more information on Certificates of Confidentiality? Learn more about automatically deemed-issued Certificates for NIH-funded Research and how to request Certificates for non-NIH funded research, Considerations for Issuing CoCs for Non-NIH Funded Research, and Limitations on Issuance of CoCs for Non-NIH Funded Research.