Would you want the details of your last doctor’s appointment printed out and stuck on a billboard? How about turning your blood pressure reading into a flyer, or putting your cholesterol levels on a hoodie?
If the answer to these is ‘no, that seems like a bad idea,’ or ‘are you feeling alright?’ then you’re close to understanding why GDPR matters when it comes to healthcare-related market research. If your company can’t satisfy people that it takes its data security seriously, then it’s not going to get many clients for its next market research activity.
Please, tell me more about this fascinating subject
Oh, go on then. Here’s a quick summary of the basics.
GDPR stands for ‘General Data Protection Regulation’. It might be based on an EU law, but it’s now part of UK legislation as well and governs how organisations use and store personal data. It should be lawful and fair, its purpose should be limited to whatever the task is, and it should be kept to a minimum.
And – this is the important bit – it should also be secure. If you think that hackers aren’t interested in healthcare data, this next bit is going to come as a shock.
Data breaches in the healthcare sector rose by 21% between 2022 and 2023, totalling about 1,900 incidents, although there are almost certainly more. These are just the ones we know about.
Bad data security is also expensive. NHS trusts alone have paid out £1.5 million in data breach claims since 2021and that figure is rising all the time.
This means that there are two reasons why patient and healthcare professional – ‘HCP’ for short – data should matter. Not only will it damage your reputation, but it could make a large dent in the budget for your next Christmas party.
But how do you know that the market research company that you’re dealing with takes data security seriously, and isn’t doing the virtual equivalent of leaving the door open, the filing cabinet unlocked and a pile of money at reception?
Avoiding the pirates and reprobates
This is easier than you’d think. There are some basic questions you need to ask potential partners before parting with any of your company’s money.
Firstly, you need to see if they’re recognised by industry bodies. The Market Research Society is the world’s leading market research society and its members have to make sure they observe a strict code of conduct. You have to abide by this as a minimum to even think about bidding for some commercial tenders and government contracts.
They also have a Freephone service where people can check a company’s credentials or can look them up on the online register. If they’ve got no record of them, then it’s a safe bet that you shouldn’t be doing business with them, either.
Secondly, there’s Fair Data. This is less well known about, but it’s also run by the Market Research Society and holds everyone who signs up to what it calls the ‘Fair Data Principles’. These cover everything set out in the GDPR laws and reinforce the idea that vulnerable and underage people are protected as well.
And although this might sound obvious, it’s especially useful in the healthcare sector. A lot of research deals with groups who have been pushed to the margins, from some members of the LGBTQIA+ community to those with life-limiting conditions. Fair Data accreditation shows that they’ll be taken seriously.
Thirdly, there are a few other bodies. The Association for Qualitative Research is one. There’s also BHBIA, the British Healthcare Business Intelligence Association which has an ethical and compliance framework for all its members. And then there’s the International Standards Organisation whose member organisations set a whole load of standards across different fields.
The relevant one here is ISO 20252 which applies to market opinion and social research. There are clauses in this that specify that the company takes GDPR seriously and protects personal information at every stage, from collection through to final reporting and expects the company to show that it monitors how the data is used.
Now you know all this, you can head out there and find the right market research company for your next healthcare study. Good luck, and happy hunting.
Er, hang on a minute.
Before you go, there are a few reasons why you might want to put Acumen at the top of your list, starting with our membership of all those professional organisations. We’re recognised by the Market Research Society, the Association for Qualitative Research, BHBIA and Fair Data. And we’ve also got ISO 20252 accreditation as well.
If that’s not enough, there’s our privacy policy. Yes, we know that it’s normally the boring grey bit people scroll through before they click ‘okay,’ but it sets out in plain language what we do with all the data we collect. It might not be a great read, but it’s there for all visitors to our site and we encourage people to email us about it.
We go into detail about what we collect and how we collect it as well as who we share it with and what your rights are as well. And there is more to this than you might think, especially under the laws that apply to GDPR.
People who take part in our research can see what information we’ve got and change anything that’s wrong. They can restrict processing of it, object to having it processed at all, or even be forgotten completely.
Ethics: not just a place east of London
This is the bit where we blow our on trumpet. And that trumpet is quite a big one. And it’s really, really shiny.
We believe that we’re one of the ethical leaders in our industry. No, really. If it feels wrong, even if it sits within the guidelines, we don’t do it. Not only that, but we don’t just do training once and then forget about it until next year. We do regular training as well as doing regular, in-house audits to make sure we’re living up to our own hype.
And there’s also Acumonitor. This is our own system that verifies people before they take part in any market research. This means you only get people who match the exact criteria, but just as importantly, it keeps the bad ones out.
We’ve used it to verify 150,000 people and removed 7,000 who were using fraudulent identities and who might use the opportunity to harm us – or you. Our founder even got an award for weeding out the fake participants. That makes us feel pretty good.
If you want to know more about GDPR and how it impacts your market research in healthcare or any other sector, just get in touch.
So here’s the summary
✔️ We don’t just rely on the internet. We blend digital, personal, and on the ground strategies for high-quality recruitment.
✔️ We won’t just accept anyone. We ensure every participant is engaged, qualified and ready, willing and able to provide valuable insights.
✔️ We don’t forget that we’re dealing with people. Behind every data point, is a real person sharing their story.
✔️ We take data security really seriously. It’s behind everything we do, from collection to processing and is why we’re ISO certified – and a member of several industry bodies.
Welcome to 2025! This year is an especially big year for us here at Acumen […]
READ MORE
Congratulations to all of our winners and thank you for taking part. Rebecca Barnes Monday […]
READ MORE
I’ve been involved in and around market research from a young age, when my Mum […]
READ MORE